Black Box CLI Guide for SmartPath OS (LWN602A Series)
The following is a complete list of commands
available in the SmartPath OS for the LWN602A Series along with
explanations of every keyword. Click a command to see its keyword
explanations. Then click the Back Arrow in your browser to return to the
list of commands. For an introduction to the SmartPath CLI, explaining
different ways to access it, some keyboard shortcuts, and usage tips, click here.
aaa mac-format case-sensitivity {lower-case|upper-case}
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
mac-format |
Set the MAC address format to use when sending client MAC addresses to an external authentication server
|
case-sensitivity |
Set the letter case to use when formatting MAC addresses
|
lower-case |
Use lowercase formatting (Example: 01ab23cd45ef; Default: lower-case)
|
upper-case |
Use uppercase formatting (Example: 01AB23CD45EF; Default: upper-case)
|
aaa mac-format delimiter {dash|dot|colon}
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
mac-format |
Set the MAC address format to use when sending client MAC addresses to an external authentication server
|
delimiter |
Set the type of delimiter to use when formatting MAC addresses
|
dash |
Set a dash ( - ) as the MAC address delimiter (Default: colon)
|
dot |
Set a dot ( . ) as the MAC address delimiter (Default: colon)
|
colon |
Set a colon ( : ) as the MAC address delimiter (Default: colon)
|
aaa mac-format style {two-delimiter|five-delimiter|no-delimiter}
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
mac-format |
Set the MAC address format to use when sending client MAC addresses to an external authentication server
|
style |
Set the number of delimiters to use when grouping the hexadecimal digits in a MAC address
|
two-delimiter |
Set the number of delimiters in a MAC address as two (Example: 0123.4567.89ab; Default: no-delimiter)
|
five-delimiter |
Set the number of delimiters in a MAC address as five (Example: 01-23-45-67-89-ab; Default: no-delimiter)
|
no-delimiter |
Set the number of delimiters in a MAC address as none (Example: 0123456789ab; Default: no-delimiter)
|
aaa ppsk-server auto-save-interval <number>
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
ppsk-server |
Set parameters for the local SmartPath AP when it is acting as a private PSK server
|
auto-save-interval |
Set the length of time to save the list of private PSK-to-client MAC address bindings to flash memory
|
<number> |
Enter the interval in seconds(Default: 600 sec; Range: 60-3600)
|
aaa ppsk-server
radius-server {primary|backup1|backup2|backup3} <ip_addr|string> [
shared-secret <string> ] [ auth-port <number> ] [
via-vpn-tunnel ]
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
ppsk-server |
Set parameters for the local SmartPath AP when it is acting as a private PSK server
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
primary |
Set the RADIUS server that is first queried when authenticating users
|
backup1 |
Set the RADIUS server that is queried if the primary server stops responding
|
backup2 |
Set the RADIUS server that is queried if the backup1 server stops responding
|
backup3 |
Set the RADIUS server that is queried if the backup2 server stops responding
|
<ip_addr> |
Enter an IP address or a domain name for the RADIUS server (max 32 chars)
|
<string> |
Enter an IP address or a domain name for the RADIUS server (max 32 chars)
|
shared-secret |
Set the shared secret for authenticating communications with a RADIUS server
|
<string> |
Enter the shared secret for authenticating communications with a RADIUS server (1-64 chars)
|
auth-port |
Set the RADIUS authentication port number
|
<number> |
Enter the RADIUS authentication port number (Default: 1812; Range: 1-65535)
|
via-vpn-tunnel |
Send all RADIUS traffic through a VPN tunnel (Note:
Set this option on VPN clients when the RADIUS server is in a different
subnet from the tunnel interface. When they are in the same subnet,
tunneling is automatic.)
|
aaa radius-server <string> acct-port <port>
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
<string> |
Enter the name of the RADIUS server (1-32 chars; Note: Use this name when assigning the server to a realm.)
|
acct-port |
Set the RADIUS accounting port number
|
<port> |
[1~65535]Enter the RADIUS accounting port number (Default: 1813; Range: 1-65535)
|
aaa radius-server <string> auth-port <port>
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
<string> |
Enter the name of the RADIUS server (1-32 chars; Note: Use this name when assigning the server to a realm.)
|
auth-port |
Set the RADIUS authentication port number
|
<port> |
[1~65535]Enter the RADIUS authentication port number (Default: 1812; Range: 1-65535)
|
aaa radius-server <string> server <string> shared-secret <string>
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
<string> |
Enter the name of the RADIUS server (1-32 chars; Note: Use this name when assigning the server to a realm.)
|
server |
Set the IP address or resolvable domain name for the RADIUS server
|
<string> |
Enter the IP address or domain name (max 32 chars) for the RADIUS server
|
shared-secret |
Set the shared secret for authenticating communications with a RADIUS server
|
<string> |
Enter the shared secret (1-64 chars; Note: The RADIUS shared secret is case sensitive and can contain spaces.)
|
aaa radius-server account-interim-interval <number>
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
account-interim-interval |
Set the interval in seconds for sending RADIUS accounting updates
|
<number> |
Enter the interval in seconds for sending RADIUS accounting updates (Default: 20; Range: 10-100000000)
|
aaa radius-server
accounting {primary|backup1|backup2|backup3} <ip_addr|string> [
shared-secret <string> ] [ acct-port <number> ] [
via-vpn-tunnel ]
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
accounting |
Set parameters for a RADIUS accounting server
|
primary |
Set the RADIUS accounting server to which the SmartPath AP sends Accounting-Request packets first
|
backup1 |
Set the RADIUS accounting server to which the
SmartPath AP sends Accounting-Request packets if the primary server does
not respond
|
backup2 |
Set the RADIUS accounting server to which the
SmartPath AP sends Accounting-Request packets if the backup1 server does
not respond
|
backup3 |
Set the RADIUS accounting server to which the
SmartPath AP sends Accounting-Request packets if the backup2 server does
not respond
|
<ip_addr> |
Enter the IP address or domain name for the RADIUS accounting server (max 32 chars)
|
<string> |
Enter the IP address or domain name for the RADIUS accounting server (max 32 chars)
|
shared-secret |
Set the shared secret for securing communications with RADIUS accounting servers
|
<string> |
Enter the shared secret (1-64 chars; Note: The RADIUS shared secret is case sensitive and can contain spaces.)
|
acct-port |
Set the RADIUS accounting port number
|
<number> |
Enter the RADIUS accounting port number (Default: 1813; Range: 1-65535)
|
via-vpn-tunnel |
Send all RADIUS traffic through a VPN tunnel (Note:
Set this option on VPN clients when the RADIUS server is in a different
subnet from the tunnel interface. When they are in the same subnet,
tunneling is automatic.)
|
aaa radius-server dynamic-auth-extension
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
dynamic-auth-extension |
Enable the SmartPath AP acting as a NAS to accept
unsolicited messages from the RADIUS authentication server (Default:
Disabled)
|
aaa radius-server keepalive enable
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
keepalive |
Set parameters for periodically checking network connectivity to RADIUS servers
|
enable |
Set parameters for periodically checking network connectivity to RADIUS servers
|
aaa radius-server keepalive interval <number>
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
keepalive |
Set parameters for periodically checking network connectivity to RADIUS servers
|
interval |
Set the interval between periodic connectivity status checks
|
<number> |
Enter the interval in seconds (Default: 60; Range: 60-86400)
|
aaa radius-server keepalive retry <number>
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
keepalive |
Set parameters for periodically checking network connectivity to RADIUS servers
|
retry |
Set the number of times to retry sending an
Access-Request or Accounting-Request that does not elicit a response
from a RADIUS authentication or accounting server
|
<number> |
Enter the retry value (Default: 3; Range: 1-10)
|
aaa radius-server keepalive retry-interval <number>
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
keepalive |
Set parameters for periodically checking network connectivity to RADIUS servers
|
retry-interval |
Set the interval between retries if no response is received from the RADIUS server
|
<number> |
Enter the retry interval value in seconds (Default: 10; Range: 1-60)
|
aaa radius-server keepalive username <string> password <string>
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
keepalive |
Set parameters for periodically checking network connectivity to RADIUS servers
|
username |
Set the user name to submit in Access-Request messages when checking the connectivity to RADIUS authentication servers
|
<string> |
Enter the user name (1-32 chars)
|
password |
Set the password to submit in Access-Request messages
|
<string> |
Enter the password (1-64 chars)
|
aaa radius-server local attr-map group-attr-name <string>
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local SmartPath AP as a RADIUS server
|
attr-map |
Map an attribute defined on a remote LDAP server to an attribute on the local RADIUS server
|
group-attr-name |
Set the user group attribute name that is defined on the LDAP server
|
<string> |
Enter the attribute name (1-32 chars; Note: The
attribute type must be "string". Default attribute in AD: memberOf; in
OD: apple-group-realname; in LDAP server: radiusGroupName)
|
aaa radius-server local attr-map reauth-attr-name <string>
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local SmartPath AP as a RADIUS server
|
attr-map |
Map an attribute defined on a remote LDAP server to an attribute on the local RADIUS server
|
reauth-attr-name |
Set the user reauthentication time attribute name that is defined on the LDAP server
|
<string> |
Enter the attribute name (1-32 chars; Note: The
attribute type must be "integer". Default attribute in AD:
msRADIUSServiceType; in LDAP server: radiusServiceType)
|
aaa radius-server local attr-map user-profile-attr-name <string>
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local SmartPath AP as a RADIUS server
|
attr-map |
Map an attribute defined on a remote LDAP server to an attribute on the local RADIUS server
|
user-profile-attr-name |
Set the user group ID attribute name that is defined on the LDAP server
|
<string> |
Enter the attribute name (1-32 chars; Note: The
attribute type must be "string". Default attribute in AD:
msRADIUSCallbackNumber; in LDAP server: radiusCallbackNumber)
|
aaa radius-server local attr-map vlan-attr-name <string>
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local SmartPath AP as a RADIUS server
|
attr-map |
Map an attribute defined on a remote LDAP server to an attribute on the local RADIUS server
|
vlan-attr-name |
Set the VLAN ID attribute that is defined on the LDAP server
|
<string> |
Enter the attribute name (1-32 chars; Note: The
attribute type must be "string". Default attribute in AD:
msRASSavedCallbackNumber; in LDAP server: radiusCallbackId)
|
aaa radius-server local cache lifetime <number>
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local SmartPath AP as a RADIUS server
|
cache |
Set parameters for caching user-authentication responses from external LDAP servers
|
lifetime |
Set the lifetime for entries in the RADIUS server cache
|
<number> |
Enter the lifetime for keeping entries in the RADIUS server cache (Default: 86400 seconds; Range: 3600-2592000)
|
aaa radius-server local db-type active-directory {primary|backup1|backup2|backup3} computer-ou <string>
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local SmartPath AP as a RADIUS server
|
db-type |
Set the type and location of the user database
|
active-directory |
Set the user database on an AD (Active Directory) server
|
primary |
Set the AD server that is first queried when authenticating users
|
backup1 |
Set the AD server that is queried if the primary server stops responding
|
backup2 |
Set the AD server that is queried if the backup1 server stops responding
|
backup3 |
Set the AD server that is queried if the backup2 server stops responding
|
computer-ou |
Set the OU (organizational unit) used on the Active
Directory server where the SmartPath AP RADIUS server admin has
privileges to add the SmartPath AP as a computer in the domain
|
<string> |
Enter the OU (Max: 256 chars; Format:
ou/sub-ou/sub-ou; Note: If there are any spaces, enclose the entire
string in quotation marks.)
|
aaa radius-server local
db-type active-directory {primary|backup1|backup2|backup3} domain
<string> binddn <string> password <string>
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local SmartPath AP as a RADIUS server
|
db-type |
Set the type and location of the user database
|
active-directory |
Set the user database on an AD (Active Directory) server
|
primary |
Set the AD server that is first queried when authenticating users
|
backup1 |
Set the AD server that is queried if the primary server stops responding
|
backup2 |
Set the AD server that is queried if the backup1 server stops responding
|
backup3 |
Set the AD server that is queried if the backup2 server stops responding
|
domain |
Set the domain name of the AD domain controller
|
<string> |
Enter the NetBOIS name of the domain (1-64 chars;
Note: The domain name cannot contain multiple-level domains delimited by
dots.)
|
binddn |
Set the bindDN (distinguished name) under which LDAP
searches are done (Note: bindDN must be set if want to get attributes
from AD server or want to check TLS username against LDAP server.)
|
<string> |
Enter the bindDN name (1-256 chars)
|
password |
Set the password which authenticate the bindDN
|
<string> |
Enter the password (1-64 chars)
|
aaa radius-server local
db-type active-directory {primary|backup1|backup2|backup3} domain
<string> fullname <string> [ default ]
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local SmartPath AP as a RADIUS server
|
db-type |
Set the type and location of the user database
|
active-directory |
Set the user database on an AD (Active Directory) server
|
primary |
Set the AD server that is first queried when authenticating users
|
backup1 |
Set the AD server that is queried if the primary server stops responding
|
backup2 |
Set the AD server that is queried if the backup1 server stops responding
|
backup3 |
Set the AD server that is queried if the backup2 server stops responding
|
domain |
Set the domain name of the AD domain controller
|
<string> |
Enter the NetBOIS name of the domain (1-64 chars;
Note: The domain name cannot contain multiple-level domains delimited by
dots.)
|
fullname |
Set the full DNS name of the domain to which the RADIUS server (local SmartPath AP) and AD server both belong
|
<string> |
Enter the full DNS name of the domain (1-64 chars)
|
default |
Set the domain as the default domain, which will be added to the RADIUS request if no domain name appears in the request
|
aaa radius-server local db-type active-directory {primary|backup1|backup2|backup3} domain <string> server <string>
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local SmartPath AP as a RADIUS server
|
db-type |
Set the type and location of the user database
|
active-directory |
Set the user database on an AD (Active Directory) server
|
primary |
Set the AD server that is first queried when authenticating users
|
backup1 |
Set the AD server that is queried if the primary server stops responding
|
backup2 |
Set the AD server that is queried if the backup1 server stops responding
|
backup3 |
Set the AD server that is queried if the backup2 server stops responding
|
domain |
Set the domain name of the AD domain controller
|
<string> |
Enter the NetBOIS name of the domain (1-64 chars;
Note: The domain name cannot contain multiple-level domains delimited by
dots.)
|
server |
Set the IP address or resolvable domain name for the AD server (Note: The AD server is the same as the domain controller.)
|
<string> |
Enter the IP address or domain name (1-64 chars)
|
aaa radius-server local
db-type active-directory {primary|backup1|backup2|backup3} login
admin-user <string> password <string>
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local SmartPath AP as a RADIUS server
|
db-type |
Set the type and location of the user database
|
active-directory |
Set the user database on an AD (Active Directory) server
|
primary |
Set the AD server that is first queried when authenticating users
|
backup1 |
Set the AD server that is queried if the primary server stops responding
|
backup2 |
Set the AD server that is queried if the backup1 server stops responding
|
backup3 |
Set the AD server that is queried if the backup2 server stops responding
|
login |
Set admin user name and password that the local SmartPath AP will use to access the AD server
|
admin-user |
Set the admin user name
|
<string> |
Enter the user name (1-32 chars)
|
password |
Set the password which authenticate the login user
|
<string> |
Enter the password (1-64 chars)
|
aaa radius-server local
db-type active-directory {primary|backup1|backup2|backup3} {server}
<string> [ {via-vpn-tunnel} ]
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local SmartPath AP as a RADIUS server
|
db-type |
Set the type and location of the user database
|
active-directory |
Set the user database on an AD (Active Directory) server
|
primary |
Set the AD server that is first queried when authenticating users
|
backup1 |
Set the AD server that is queried if the primary server stops responding
|
backup2 |
Set the AD server that is queried if the backup1 server stops responding
|
backup3 |
Set the AD server that is queried if the backup2 server stops responding
|
server |
Set the IP address or resolvable domain name for the AD server
|
<string> |
Enter the IP address or domain name (1-64 chars)
|
via-vpn-tunnel |
Send all traffic from the SmartPath AP RADIUS
authentication server to the AD server through a VPN tunnel (Note: Set
this option on VPN clients when the AD server is in a different subnet
from the tunnel interface. When they are in the same subnet, tunneling
is automatic.)
|
aaa radius-server local db-type active-directory {primary|backup1|backup2|backup3} {tls-enable|global-catalog}
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local SmartPath AP as a RADIUS server
|
db-type |
Set the type and location of the user database
|
active-directory |
Set the user database on an AD (Active Directory) server
|
primary |
Set the AD server that is first queried when authenticating users
|
backup1 |
Set the AD server that is queried if the primary server stops responding
|
backup2 |
Set the AD server that is queried if the backup1 server stops responding
|
backup3 |
Set the AD server that is queried if the backup2 server stops responding
|
tls-enable |
Enable TLS authentication that the local SmartPath AP, as an LDAP client, uses with the AD server (Default: Disabled)
|
global-catalog |
Set the SmartPath AP to use TCP port 3268 when doing an LDAP search on an AD global catalog server (Default: Disabled)
|
aaa radius-server local db-type ldap-server sub-type edirectory
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local SmartPath AP as a RADIUS server
|
db-type |
Set the type and location of the user database
|
ldap-server |
Set the user database on an LDAP server
|
sub-type |
Set the type of LDAP server
|
edirectory |
Set the user database on an eDirectory LDAP server
|
aaa radius-server local db-type ldap-server sub-type edirectory acct-policy-check
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local SmartPath AP as a RADIUS server
|
db-type |
Set the type and location of the user database
|
ldap-server |
Set the user database on an LDAP server
|
sub-type |
Set the type of LDAP server
|
edirectory |
Set the user database on an eDirectory LDAP server
|
acct-policy-check |
Enable the Novell eDirectory account policy check and intruder detection for RADIUS users (Default: Disabled)
|
aaa radius-server local db-type ldap-server {primary|backup1|backup2|backup3} basedn <string>
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local SmartPath AP as a RADIUS server
|
db-type |
Set the type and location of the user database
|
ldap-server |
Set the user database on an LDAP server
|
primary |
Set the LDAP server that is first queried when authenticating users
|
backup1 |
Set the LDAP server that is queried if the primary server stops responding
|
backup2 |
Set the LDAP server that is queried if the backup1 server stops responding
|
backup3 |
Set the LDAP server that is queried if the backup2 server stops responding
|
basedn |
Set the base DN (distinguished name) where the user profiles are located in the LDAP tree structure
|
<string> |
Enter the base DN (1-256 chars; Note: If there are any spaces, enclose the whole string in quotation marks.)
|
aaa radius-server local db-type ldap-server {primary|backup1|backup2|backup3} binddn <string> password <string>
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local SmartPath AP as a RADIUS server
|
db-type |
Set the type and location of the user database
|
ldap-server |
Set the user database on an LDAP server
|
primary |
Set the LDAP server that is first queried when authenticating users
|
backup1 |
Set the LDAP server that is queried if the primary server stops responding
|
backup2 |
Set the LDAP server that is queried if the backup1 server stops responding
|
backup3 |
Set the LDAP server that is queried if the backup2 server stops responding
|
binddn |
Set the bind DN (distinguished name) under which LDAP searches are done
|
<string> |
Enter the bind DN (1-256 chars; Note: If there are any spaces, enclose the whole string in quotation marks.)
|
password |
Set the password which authenticate the bindDN
|
<string> |
Enter the password (1-64 chars)
|
aaa radius-server local db-type ldap-server {primary|backup1|backup2|backup3} filter-attr <string>
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local SmartPath AP as a RADIUS server
|
db-type |
Set the type and location of the user database
|
ldap-server |
Set the user database on an LDAP server
|
primary |
Set the LDAP server that is first queried when authenticating users
|
backup1 |
Set the LDAP server that is queried if the primary server stops responding
|
backup2 |
Set the LDAP server that is queried if the backup1 server stops responding
|
backup3 |
Set the LDAP server that is queried if the backup2 server stops responding
|
filter-attr |
Set the LDAP search filter to locate user objects using the name the client supplies during RADIUS authentication
|
<string> |
Enter the filter attribute used to search for the user (Default: "cn"; 1-32 chars)
|
aaa radius-server local db-type ldap-server {primary|backup1|backup2|backup3} no-strip-filter
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local SmartPath AP as a RADIUS server
|
db-type |
Set the type and location of the user database
|
ldap-server |
Set the user database on an LDAP server
|
primary |
Set the LDAP server that is first queried when authenticating users
|
backup1 |
Set the LDAP server that is queried if the primary server stops responding
|
backup2 |
Set the LDAP server that is queried if the backup1 server stops responding
|
backup3 |
Set the LDAP server that is queried if the backup2 server stops responding
|
no-strip-filter |
Do not strip the realm name from the search filter
that the Black Box RADIUS server includes in requests sent to the LDAP
server
|
aaa radius-server local db-type ldap-server {primary|backup1|backup2|backup3} port <number>
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local SmartPath AP as a RADIUS server
|
db-type |
Set the type and location of the user database
|
ldap-server |
Set the user database on an LDAP server
|
primary |
Set the LDAP server that is first queried when authenticating users
|
backup1 |
Set the LDAP server that is queried if the primary server stops responding
|
backup2 |
Set the LDAP server that is queried if the backup1 server stops responding
|
backup3 |
Set the LDAP server that is queried if the backup2 server stops responding
|
port |
Set the destination port number for communicating with the LDAP server
|
<number> |
[1~65535]Enter the destination port number (Default: 389, 636 for LDAPS; Range: 1-65535)
|
aaa radius-server local db-type ldap-server {primary|backup1|backup2|backup3} protocol {ldap|ldaps}
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local SmartPath AP as a RADIUS server
|
db-type |
Set the type and location of the user database
|
ldap-server |
Set the user database on an LDAP server
|
primary |
Set the LDAP server that is first queried when authenticating users
|
backup1 |
Set the LDAP server that is queried if the primary server stops responding
|
backup2 |
Set the LDAP server that is queried if the backup1 server stops responding
|
backup3 |
Set the LDAP server that is queried if the backup2 server stops responding
|
protocol |
Set the protocol for communicating with the LDAP server
|
ldap |
Set LDAP as the protocol for communicating with the LDAP server (Default: LDAP)
|
ldaps |
Set LDAPS (Secure LDAP) as the protocol for communicating with the LDAP server (Default: LDAP)
|
aaa radius-server local db-type ldap-server {primary|backup1|backup2|backup3} {server} <string> [ {via-vpn-tunnel} ]
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local SmartPath AP as a RADIUS server
|
db-type |
Set the type and location of the user database
|
ldap-server |
Set the user database on an LDAP server
|
primary |
Set the LDAP server that is first queried when authenticating users
|
backup1 |
Set the LDAP server that is queried if the primary server stops responding
|
backup2 |
Set the LDAP server that is queried if the backup1 server stops responding
|
backup3 |
Set the LDAP server that is queried if the backup2 server stops responding
|
server |
Set the IP address or resolvable domain name for the LDAP server
|
<string> |
Enter the IP address or domain name (1-32 chars)
|
via-vpn-tunnel |
Send all traffic from the SmartPath AP RADIUS
authentication server to the LDAP server through a VPN tunnel(Note: Set
this option on VPN clients when the LDAP server is in a different subnet
from the tunnel interface. When they are in the same subnet, tunneling
is automatic.)
|
aaa radius-server local db-type library-sip-server {primary} institution-id <string>
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local SmartPath AP as a RADIUS server
|
db-type |
Set the type and location of the user database
|
library-sip-server |
Set parameters for the local RADIUS server to communicate with a library SIP (Standard Interchange Protocol) server
|
primary |
Set the library SIP server that is first queried when authenticating users
|
institution-id |
Set institution ID that the local RADIUS server provides when exchanging messages with the library SIP server
|
<string> |
Enter the institution ID (1-64 chars)
|
aaa radius-server local db-type library-sip-server {primary} login-enable
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local SmartPath AP as a RADIUS server
|
db-type |
Set the type and location of the user database
|
library-sip-server |
Set parameters for the local RADIUS server to communicate with a library SIP (Standard Interchange Protocol) server
|
primary |
Set the library SIP server that is first queried when authenticating users
|
login-enable |
Enable the SmartPath AP, acting as a library SIP
client, to log in when connecting to the library SIP server (Default:
Disabled)
|
aaa radius-server local db-type library-sip-server {primary} login-user <string> password <string>
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local SmartPath AP as a RADIUS server
|
db-type |
Set the type and location of the user database
|
library-sip-server |
Set parameters for the local RADIUS server to communicate with a library SIP (Standard Interchange Protocol) server
|
primary |
Set the library SIP server that is first queried when authenticating users
|
login-user |
Set the user name that the local RADIUS server submits when logging in to the library SIP server
|
<string> |
Enter the user name (1-32 chars)
|
password |
Set the password that the local SmartPath AP RADIUS server submits when logging in to the library SIP server
|
<string> |
Enter the password (1-32 chars)
|
aaa radius-server local db-type library-sip-server {primary} port <port>
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local SmartPath AP as a RADIUS server
|
db-type |
Set the type and location of the user database
|
library-sip-server |
Set parameters for the local RADIUS server to communicate with a library SIP (Standard Interchange Protocol) server
|
primary |
Set the library SIP server that is first queried when authenticating users
|
port |
Set the library SIP server port number
|
<port> |
[1~65535]Enter the port number (Default: 6001; Range: 1-65535)
|
aaa radius-server local db-type library-sip-server {primary} separator <string>
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local SmartPath AP as a RADIUS server
|
db-type |
Set the type and location of the user database
|
library-sip-server |
Set parameters for the local RADIUS server to communicate with a library SIP (Standard Interchange Protocol) server
|
primary |
Set the library SIP server that is first queried when authenticating users
|
separator |
Set the character that the library SIP server uses to separate multiple field name + value entries
|
<string> |
Enter the separator (1 char; Default: '|')
|
aaa radius-server local db-type library-sip-server {primary} {server} <string>
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local SmartPath AP as a RADIUS server
|
db-type |
Set the type and location of the user database
|
library-sip-server |
Set parameters for the local RADIUS server to communicate with a library SIP (Standard Interchange Protocol) server
|
primary |
Set the library SIP server that is first queried when authenticating users
|
server |
Set IP address or domain name of the library SIP server
|
<string> |
Enter the IP address or domain name (Domain name: 1-32 chars)
|
aaa radius-server local db-type local
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local SmartPath AP as a RADIUS server
|
db-type |
Set the type and location of the user database
|
local |
Set the user database on the local SmartPath AP
|
aaa radius-server local
db-type open-directory {primary|backup1|backup2|backup3} admin-user
<string> password <string>
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local SmartPath AP as a RADIUS server
|
db-type |
Set the type and location of the user database
|
open-directory |
Set the user database on an OD (Open Directory) server
|
primary |
Set the OD server that is first queried when authenticating users
|
backup1 |
Set the OD server that is queried if the primary server stops responding
|
backup2 |
Set the OD server that is queried if the backup1 server stops responding
|
backup3 |
Set the OD server that is queried if the backup2 server stops responding
|
admin-user |
Set the admin user name that the local SmartPath AP uses when logging in to the OD server
|
<string> |
Enter the user name (1-32 chars)
|
password |
Set the password that the local SmartPath AP uses when logging in to the OD server
|
<string> |
Enter the password (1-64 chars)
|
aaa radius-server local
db-type open-directory {primary|backup1|backup2|backup3} domain
<string> binddn <string> password <string>
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local SmartPath AP as a RADIUS server
|
db-type |
Set the type and location of the user database
|
open-directory |
Set the user database on an OD (Open Directory) server
|
primary |
Set the OD server that is first queried when authenticating users
|
backup1 |
Set the OD server that is queried if the primary server stops responding
|
backup2 |
Set the OD server that is queried if the backup1 server stops responding
|
backup3 |
Set the OD server that is queried if the backup2 server stops responding
|
domain |
Set the domain name of the OD domain controller
|
<string> |
Enter the name of the domain (1-64 chars)
|
binddn |
Set the bindDN (distinguished name) under which LDAP searches are done
|
<string> |
Enter the bindDN name (1-256 chars)
|
password |
Set the password which authenticate the bindDN
|
<string> |
Enter the password (1-64 chars)
|
aaa radius-server local db-type open-directory {primary|backup1|backup2|backup3} domain <string> fullname <string>
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local SmartPath AP as a RADIUS server
|
db-type |
Set the type and location of the user database
|
open-directory |
Set the user database on an OD (Open Directory) server
|
primary |
Set the OD server that is first queried when authenticating users
|
backup1 |
Set the OD server that is queried if the primary server stops responding
|
backup2 |
Set the OD server that is queried if the backup1 server stops responding
|
backup3 |
Set the OD server that is queried if the backup2 server stops responding
|
domain |
Set the domain name of the OD domain controller
|
<string> |
Enter the name of the domain (1-64 chars)
|
fullname |
Set the full DNS name of the OD domain server
|
<string> |
Enter the full DNS name of the domain (1-64 chars)
|
aaa radius-server local db-type open-directory {primary|backup1|backup2|backup3} filter-attr <string>
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local SmartPath AP as a RADIUS server
|
db-type |
Set the type and location of the user database
|
open-directory |
Set the user database on an OD (Open Directory) server
|
primary |
Set the OD server that is first queried when authenticating users
|
backup1 |
Set the OD server that is queried if the primary server stops responding
|
backup2 |
Set the OD server that is queried if the backup1 server stops responding
|
backup3 |
Set the OD server that is queried if the backup2 server stops responding
|
filter-attr |
Set the LDAP search filter to locate user objects using the name the client supplies during RADIUS authentication
|
<string> |
Enter the filter attribute used to search for the user (Default: "uid"; 1-32 chars)
|
aaa radius-server local db-type open-directory {primary|backup1|backup2|backup3} no-strip-filter
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local SmartPath AP as a RADIUS server
|
db-type |
Set the type and location of the user database
|
open-directory |
Set the user database on an OD (Open Directory) server
|
primary |
Set the OD server that is first queried when authenticating users
|
backup1 |
Set the OD server that is queried if the primary server stops responding
|
backup2 |
Set the OD server that is queried if the backup1 server stops responding
|
backup3 |
Set the OD server that is queried if the backup2 server stops responding
|
no-strip-filter |
Do not strip the realm name from the search filter
that the Black Box RADIUS server includes in requests sent to the
OpenDirectory server
|
aaa radius-server local db-type open-directory {primary|backup1|backup2|backup3} tls-enable
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local SmartPath AP as a RADIUS server
|
db-type |
Set the type and location of the user database
|
open-directory |
Set the user database on an OD (Open Directory) server
|
primary |
Set the OD server that is first queried when authenticating users
|
backup1 |
Set the OD server that is queried if the primary server stops responding
|
backup2 |
Set the OD server that is queried if the backup1 server stops responding
|
backup3 |
Set the OD server that is queried if the backup2 server stops responding
|
tls-enable |
Enable TLS authentication that the local SmartPath AP, as an LDAP client, uses with the OD server (Default: Disabled)
|
aaa radius-server local
ldap-auth {primary|backup1|backup2|backup3} type tls ca-cert
<string> [ client-cert <string> private-key <string> [
private-key-password <string> ] ] [ verify-server
{never|try|demand} ]
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local SmartPath AP as a RADIUS server
|
ldap-auth |
Set the authentication method that the local SmartPath AP, as an LDAP client, uses with the LDAP server
|
primary |
Set the authentication method for the first LDAP server
|
backup1 |
Set the authentication method for the second LDAP server
|
backup2 |
Set the authentication method for the third LDAP server
|
backup3 |
Set the authentication method for the fouth LDAP server
|
type |
Set the authentication type to use for LDAP communications
|
tls |
Set the authentication type as TLS (Transport Layer Security)
|
ca-cert |
Set the CA certificate that the local SmartPath AP uses when authenticating itself as an LDAP client to an LDAP server
|
<string> |
Enter the file name of the CA certificate (1-32 chars)
|
client-cert |
Set the client certificate that the local SmartPath AP uses when authenticating itself to an LDAP server
|
<string> |
Enter the file name of the client certificate (1-32 chars)
|
private-key |
Set the private key that the local SmartPath AP uses to authenticate itself to an LDAP server
|
<string> |
Enter the name of the private key file (1-32 chars)
|
private-key-password |
Set the password for the private key that is used when forming a TLS tunnel
|
<string> |
Enter the password (1-32 chars)
|
verify-server |
Set options for verifying the LDAP server (Default: LDAP server verification is try.)
|
never |
never verify the identity of the LDAP server (Default: try)
|
try |
try verify the identity of the LDAP server (Default: try)
|
demand |
demand verify the identity of the LDAP server (Default: try)
|
aaa radius-server local library-sip-policy <string>
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local SmartPath AP as a RADIUS server
|
library-sip-policy |
Set a library SIP policy to enforce when the local RADIUS server acts as a library SIP client
|
<string> |
Enter the library SIP policy name (1-32 chars)
|
aaa radius-server local local-check-period <number>
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local SmartPath AP as a RADIUS server
|
local-check-period |
Set the length of time that the local SmartPath AP
RADIUS server checks just its cache of user-authentication responses and
its own database before retrying previously unresponsive LDAP servers
|
<number> |
Enter the interval for checking the local RADIUS cache and database (Default: 300 secs; Min: 30; Max: 3600)
|
aaa radius-server local nas <string> shared-key <string>
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local SmartPath AP as a RADIUS server
|
nas |
Set parameters for other cluster members acting as the RADIUS NAS (Network Access Server)
|
<string> |
Enter an IP address or a subnet for the RADIUS NAS, or a resolvable domain name (1-32 chars)
|
shared-key |
Set the shared secret for authenticating communications with the RADIUS NAS
|
<string> |
Enter the shared secret (1-31 chars)
|
aaa radius-server local port <number>
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local SmartPath AP as a RADIUS server
|
port |
Set the local RADIUS port number
|
<number> |
Enter the RADIUS port number (Default: 1812; Range: 1-65535)
|
aaa radius-server local remote-check-period <number>
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local SmartPath AP as a RADIUS server
|
remote-check-period |
Set the length of time that the local SmartPath AP
RADIUS server will repeatedly try contacting an unresponsive LDAP server
before giving up
|
<number> |
Enter the LDAP server retry interval (Default: 30 secs; Min: 10; Max: 3600)
|
aaa radius-server local retry-interval <number>
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local SmartPath AP as a RADIUS server
|
retry-interval |
Set the interval after which the SmartPath AP RADIUS
server tries to contact a previously unresponsive primary LDAP server
(even if a backup server is currently responding)
|
<number> |
Enter the interval for retrying the primary LDAP server (Default: 600 secs; Min: 60; Max: 200000000)
|
aaa radius-server local shared-secret-auto-gen
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local SmartPath AP as a RADIUS server
|
shared-secret-auto-gen |
Enable the automatic generation of shared secrets when static entries are not found (Default: Enabled)
|
aaa radius-server local
sta-auth ca-cert <string> server-cert <string> private-key
<string> [ private-key-password <string> ]
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local SmartPath AP as a RADIUS server
|
sta-auth |
Set the authentication type and certificate parameters for authenticating users
|
ca-cert |
Set the CA certificate for a TLS (Transport Layer Security) tunnel
|
<string> |
Enter the file name of the CA certificate (1-32 chars)
|
server-cert |
Set the server certificate used when forming a TLS tunnel
|
<string> |
Enter the file name of the server certificate (1-32 chars)
|
private-key |
Set the private key used when forming a TLS tunnel
|
<string> |
Enter the name of the private key file (1-32 chars)
|
private-key-password |
Set the password for encrypting the private key used when forming a TLS tunnel
|
<string> |
Enter a password (1-64 chars)
|
aaa radius-server local sta-auth type tls {check-cert-cn|check-in-db}
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local SmartPath AP as a RADIUS server
|
sta-auth |
Set the authentication type and certificate parameters for authenticating users
|
type |
Set the RADIUS authentication type (Default: tls+peap+ttls+leap)
|
tls |
Set TLS (Transport Layer Security) as the RADIUS authentication type (Default: tls+peap+ttls+leap)
|
check-cert-cn |
Check the CN (common name) in the certificate against the user name (Default: Disabled)
|
check-in-db |
Query databases to check if the user exists (Default: Disabled)
|
aaa radius-server local sta-auth type {leap|peap|tls|ttls}
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local SmartPath AP as a RADIUS server
|
sta-auth |
Set the authentication type and certificate parameters for authenticating users
|
type |
Set the RADIUS authentication type (Default: tls+peap+ttls+leap)
|
leap |
Set LEAP (Lightweight Extensible Authentication Protocol) as the RADIUS authentication type (Default: tls+peap+ttls+leap)
|
peap |
Set PEAP (Protected Extensible Authentication Protocol) as the RADIUS authentication type (Default: tls+peap+ttls+leap)
|
tls |
Set TLS (Transport Layer Security) as the RADIUS authentication type (Default: tls+peap+ttls+leap)
|
ttls |
Set TTLS (Tunneled TLS) as the RADIUS authentication type (Default: tls+peap+ttls+leap)
|
aaa radius-server local sta-auth type {peap|ttls} check-in-db
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local SmartPath AP as a RADIUS server
|
sta-auth |
Set the authentication type and certificate parameters for authenticating users
|
type |
Set the RADIUS authentication type (Default: tls+peap+ttls+leap)
|
peap |
Set PEAP (Protected Extensible Authentication Protocol) as the RADIUS authentication type (Default: tls+peap+ttls+leap)
|
ttls |
Set TTLS (Tunneled TLS) as the RADIUS authentication type (Default: tls+peap+ttls+leap)
|
check-in-db |
Enable the local RADIUS server to query the Active
Directory database to check that user accounts are stored under the
proper baseDN before authenticating them (Default: Disabled)
|
aaa radius-server local user-group <string>
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local SmartPath AP as a RADIUS server
|
user-group |
Add a user group on the local RADIUS server
|
<string> |
Enter the user group name (1-32 chars)
|
aaa radius-server local {enable|cache}
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local SmartPath AP as a RADIUS server
|
enable |
Enable RADIUS server functionality on the local SmartPath AP
|
cache |
Set parameters for caching user-authentication responses from external LDAP servers
|
aaa radius-server proxy dead-time <number>
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
proxy |
Set parameters for proxying RADIUS requests
|
dead-time |
Set the interval after which the SmartPath AP tries to contact a previously unresponsive RADIUS server
|
<number> |
Enter the interval in seconds (Default: 300; Range: 30-3600)
|
aaa radius-server proxy realm <string> no-strip
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
proxy |
Set parameters for proxying RADIUS requests
|
realm |
Set parameters for proxying requests to RADIUS servers based on the realm specified in submitted user names
|
<string> |
Enter the realm name (1-32 chars; Note: Assign a
server to the "NULL" realm to proxy requests that do not include a realm
name to that server. Assign a server to "DEFAULT" to send it requests
containing an unconfigured realm.)
|
no-strip |
Do not strip the realm name from a submitted user
name when proxying requests to the RADIUS server (Default: The realm
name is stripped from proxied requests.)
|
aaa radius-server proxy realm <string> {primary|backup} <string>
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
proxy |
Set parameters for proxying RADIUS requests
|
realm |
Set parameters for proxying requests to RADIUS servers based on the realm specified in submitted user names
|
<string> |
Enter the realm name (1-32 chars; Note: Assign a
server to the "NULL" realm to proxy requests that do not include a realm
name to that server. Assign a server to "DEFAULT" to send it requests
containing an unconfigured realm.)
|
primary |
Assign a backup RADIUS server to the realm
|
backup |
Assign a backup RADIUS server to the realm
|
<string> |
Enter the RADIUS server name (1-32 chars)
|
aaa radius-server proxy realm format {nai|nt-domain}
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
proxy |
Set parameters for proxying RADIUS requests
|
realm |
Set parameters for proxying requests to RADIUS servers based on the realm specified in submitted user names
|
format |
Set the format in which a realm name is appended to a user's name in request packets
|
nai |
Set NAI (network access identifier) as the realm name format: user@realm (Default: NAI)
|
nt-domain |
Set Windows NT domain as the realm name format: realm\user (Default: NAI)
|
aaa radius-server proxy retry-delay <number> retry-count <number>
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
proxy |
Set parameters for proxying RADIUS requests
|
retry-delay |
Set the interval to wait for a response from the RADIUS server before resending a proxied request
|
<number> |
Enter the interval between retries in seconds (Default: 5; Range: 3-10)
|
retry-count |
Set the number of times to retry proxying a request to the RADIUS server
|
<number> |
Enter the number of retries (Default: 3; Range: 1-10)
|
aaa radius-server retry-interval <number>
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
retry-interval |
Set RADIUS server retry interval
|
<number> |
Enter RADIUS server retry interval (Default: 600 secs; Range: 60-100000000)
|
aaa radius-server
{primary|backup1|backup2|backup3} <ip_addr|string> [ shared-secret
<string> ] [ auth-port <number> ] [ acct-port
<number> ] [ via-vpn-tunnel ]
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
primary |
Set the RADIUS server that is first queried when authenticating users
|
backup1 |
Set the RADIUS server that is queried if the primary server stops responding
|
backup2 |
Set the RADIUS server that is queried if the backup1 server stops responding
|
backup3 |
Set the RADIUS server that is queried if the backup2 server stops responding
|
<ip_addr> |
Enter an IP address or a domain name for the RADIUS server (max 32 chars)
|
<string> |
Enter an IP address or a domain name for the RADIUS server (max 32 chars)
|
shared-secret |
Set the shared secret for authenticating communications with a RADIUS server
|
<string> |
Enter the shared secret for authenticating communications with a RADIUS server (1-64 chars)
|
auth-port |
Set the RADIUS authentication port number
|
<number> |
Enter the RADIUS authentication port number (Default: 1812; Range: 1-65535)
|
acct-port |
Set the RADIUS accounting port number
|
<number> |
Enter the RADIUS accounting port number (Default: 0; Range: 0-65535)
|
via-vpn-tunnel |
Send all RADIUS traffic through a VPN tunnel (Note:
Set this option on VPN clients when the RADIUS server is in a different
subnet from the tunnel interface. When they are in the same subnet,
tunneling is automatic.)
|
access-console custom-ssid <string>
|
access-console |
Set access console parameters
|
custom-ssid |
Set custom SSID profile name for the access console
|
<string> |
Enter an SSID profile name (1-32 chars)
|
access-console hide-ssid
|
access-console |
Set access console parameters
|
hide-ssid |
Hide the SSID in beacons and probe responses (Default: disabled)
|
access-console max-client <number>
|
access-console |
Set access console parameters
|
max-client |
Set the maximum number of clients that can associate with the access console SSID
|
<number> |
Enter the maximum number of clients that can associate (Default: 2; Range: 1-64)
|
access-console mode {auto|disable|enable}
|
access-console |
Set access console parameters
|
mode |
Set the mode for the access console (Note: 'auto'
enables the access console only when there is no Ethernet or wireless
backhaul connection. 'enable' and 'disable' set the mode manually.)
|
auto |
Set the mode as auto (Default: auto)
|
disable |
Set the mode as disable (Default: auto)
|
enable |
Set the mode as enable (Default: auto)
|
access-console security mac-filter <string>
|
access-console |
Set access console parameters
|
security |
Set the security parameters for the access console
|
mac-filter |
Assign a MAC filter to the access console to
restrict access only to those MAC addresses and OUIs (organizational
unique identifiers) specified in the filter
|
<string> |
Enter the filter name (1-32 chars)
|
access-console security protocol-suite open
|
access-console |
Set access console parameters
|
security |
Set the security parameters for the access console
|
protocol-suite |
Set the security protocol suite for the access console
|
open |
Set the security protocol suite as open
|
access-console security
protocol-suite
{wpa-aes-psk|wpa-tkip-psk|wpa2-aes-psk|wpa2-tkip-psk|wpa-auto-psk}
ascii-key <string>
|
access-console |
Set access console parameters
|
security |
Set the security parameters for the access console
|
protocol-suite |
Set the security protocol suite for the access console
|
wpa-aes-psk |
Set the security protocol suite as wpa-aes-psk
|
wpa-tkip-psk |
Set the security protocol suite as wpa-tkip-psk
|
wpa2-aes-psk |
Set the security protocol suite as wpa2-aes-psk
|
wpa2-tkip-psk |
Set the security protocol suite as wpa2-tkip-psk
|
wpa-auto-psk |
Set the security protocol suite as wpa-auto-psk
|
ascii-key |
Set key type as an ASCII string
|
<string> |
Enter the ASCII key value (8-63 chars)
|
access-console telnet
|
access-console |
Set access console parameters
|
telnet |
Enable Telnet manageability of the access console (Default: enabled)
|
admin auth radius-method [ {pap|chap|ms-chap-v2} ]
|
admin |
Set the administrator parameters
|
auth |
Set the administrators authentication method
|
radius-method |
Authenticate admins by checking accounts stored on an external RADIUS server
|
pap |
Set PAP (Password Authentication Protocol) as the
method for sending authentication requests between the SmartPath AP and
RADIUS server (Default: PAP)
|
chap |
Set CHAP (Challenge-Handshake Authentication
Protocol) as the method for sending authentication requests between the
SmartPath AP and RADIUS server (Default: PAP)
|
ms-chap-v2 |
Set MS-CHAP-v2 (Microsoft CHAP Version 2) as the
method for sending authentication requests between the SmartPath AP and
RADIUS server (Default: PAP)
|
admin auth {local|radius|both}
|
admin |
Set the administrator parameters
|
auth |
Set the administrators authentication method
|
local |
Authenticate admins by checking accounts stored on the local database (Default: local)
|
radius |
Authenticate admins by checking accounts stored on an external RADIUS server
|
both |
Authenticate admins by checking accounts on an external RADIUS server first and the local database second
|
admin manager-ip <ip_addr/netmask>
|
admin |
Set the administrator parameters
|
manager-ip |
Allow administrative access from a host or subnet (By default, access from all addresses are allowed.)
|
<ip_addr/netmask> |
Enter an IP address and netmask
|
admin min-password-length <number>
|
admin |
Set the administrator parameters
|
min-password-length |
Set the minimum password length
|
<number> |
Enter the minimum password length (Default: 5; Range: 5-32)
|
admin root-admin <string> password <string>
|
admin |
Set the administrator parameters
|
root-admin |
The root-admin has complete privileges, including the ability to add, modify, and delete other admins
|
<string> |
Enter root-admin name (3-20 characters)
|
password |
Set password for the root-admin
|
<string> |
Set password for the root-admin (5-32 characters)
|
admin {read-write|read-only} <string> password <string>
|
admin |
Set the administrator parameters
|
read-write |
The read-write admin has the ability to view, set
commands and modify his or her own password, but not the ability to
reset the configuration or add, modify, and delete other admins
|
read-only |
The read-only admin has the ability to view settings
|
<string> |
Enter an admin user's name (3-20 characters)
|
password |
Set password for the user
|
<string> |
Set password for the user (5-32 characters)
|
alg {ftp|tftp|sip|dns|http} enable
|
alg |
Set ALG (Application Level Gateway) parameters
|
ftp |
Set an FTP (File Transfer Protocol) ALG
|
tftp |
Set a TFTP (Trivial File Transfer Protocol) ALG
|
sip |
Set a SIP (Session Initiation Protocol) ALG
|
dns |
Set a DNS (Domain Name System) ALG
|
http |
Set an HTTP ALG
|
enable |
Enable ALG functionality
|
alg {ftp|tftp|sip|dns} qos <number>
|
alg |
Set ALG (Application Level Gateway) parameters
|
ftp |
Set an FTP (File Transfer Protocol) ALG
|
tftp |
Set a TFTP (Trivial File Transfer Protocol) ALG
|
sip |
Set a SIP (Session Initiation Protocol) ALG
|
dns |
Set a DNS (Domain Name System) ALG
|
qos |
Set an Black Box QoS class for ALG data traffic
|
<number> |
Enter an Black Box QoS class (Default: 0 for FTP, 0 for TFTP, 6 for SIP, 0 for DNS; Range: 0-7)
|
alg {ftp|tftp|sip} inactive-data-timeout <number>
|
alg |
Set ALG (Application Level Gateway) parameters
|
ftp |
Set an FTP (File Transfer Protocol) ALG
|
tftp |
Set a TFTP (Trivial File Transfer Protocol) ALG
|
sip |
Set a SIP (Session Initiation Protocol) ALG
|
inactive-data-timeout |
Set a timeout to close an inactive gate
|
<number> |
Enter an inactive gateway timeout value in seconds (Default: 30 for FTP, 30 for TFTP, 60 for SIP; Range: 1-1800s)
|
alg {ftp|tftp|sip} max-duration <number>
|
alg |
Set ALG (Application Level Gateway) parameters
|
ftp |
Set an FTP (File Transfer Protocol) ALG
|
tftp |
Set a TFTP (Trivial File Transfer Protocol) ALG
|
sip |
Set a SIP (Session Initiation Protocol) ALG
|
max-duration |
Set the maximum duration for the ALG
|
<number> |
Enter the maximum duration in minutes (Default: 60 for FTP, 60 for TFTP, 720 for SIP; Range: 1-7200(min))
|
amrp interface <ethx> priority <number>
|
amrp |
Set AMRP (Advanced Mobility Routing Protocol) parameters
|
interface |
Set AMRP parameters per interface
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
priority |
Set a priority for the SmartPath AP to be elected as a DA (designated AP) on the Ethernet link to which the interface connects
|
<number> |
Enter the priority value (Range: 0-255; Default: 0;
Note: The greater the number is, the higher its priority, and the more
preferred the SmartPath AP will be during the DA election process. For
example, 100 has a higher priority than 50.)
|
amrp metric poll-interval <number>
|
amrp |
Set AMRP (Advanced Mobility Routing Protocol) parameters
|
metric |
Set route metric parameters for the backhaul link (Ethernet and wireless)
|
poll-interval |
Set the interval for polling neighbors to determine current route metrics
|
<number> |
Enter the poll-interval value (Default: 60 secs; Range: 10-300)
|
amrp metric type {aggressive|conservative|normal}
|
amrp |
Set AMRP (Advanced Mobility Routing Protocol) parameters
|
metric |
Set route metric parameters for the backhaul link (Ethernet and wireless)
|
type |
Set the type of behavior governing dynamic changes to route metrics
|
aggressive |
Change route metrics to aggressive (Default: normal)
|
conservative |
Change route metrics to conservative (Default: normal)
|
normal |
Change route metrics to normal (Default: normal)
|
amrp neighbor <mac_addr> metric min <number> max <number>
|
amrp |
Set AMRP (Advanced Mobility Routing Protocol) parameters
|
neighbor |
Specify the neighbor to which you want to set AMRP parameters
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
metric |
Set route metric parameters for the backhaul link (Ethernet and wireless) to the neighbor
|
min |
Set the minimum metric value
|
<number> |
Enter the minimum metric value (Default: 67; Range: 8-1200)
|
max |
Set the maximum metric value equal to or greater than the minimum value
|
<number> |
Enter the maximum metric value (Default: 67; Range: 8-1200)
|
amrp vpn-tunnel heartbeat interval <number> retry <number>
|
amrp |
Set AMRP (Advanced Mobility Routing Protocol) parameters
|
vpn-tunnel |
Set parameters for VPN tunneling
|
heartbeat |
Set AMRP (Advanced Mobility Routing Protocol) heartbeat parameters for VPN tunnel
|
interval |
Set the interval for sending AMRP heartbeats through the tunnel
|
<number> |
Enter the heartbeat interval in seconds (Range: 0-65535; Default: 10; Note: 0 disables AMRP heartbeats.)
|
retry |
Set the number of times to retry sending a heartbeat when it does not elicit a response
|
<number> |
Enter the number of heartbeats to retry sending (Range: 1-255; Default: 10)
|
boot-param boot-file <string>
|
boot-param |
Set parameters for the boot loader
|
boot-file |
Set the file name of the SmartPath OS image that you
want to load on the local SmartPath AP through a network connection to a
TFTP server
|
<string> |
Enter the file name (1-127 characters)
|
boot-param boot-password <string>
|
boot-param |
Set parameters for the boot loader
|
boot-password |
Set the password that a root admin must enter to interrupt the auto-boot sequence
|
<string> |
Enter the password (8-32 chars)
|
boot-param country-code <number>
|
boot-param |
Set parameters for the boot loader
|
country-code |
Set the country code used to control radio channel and power selections
|
<number> |
Enter a country code value (Default: 0; Range: 1 - 10000)
|
boot-param device <ip_addr/netmask>
|
boot-param |
Set parameters for the boot loader
|
device |
Set the IP address and netmask of the local SmartPath AP device
|
<ip_addr/netmask> |
Enter the IP address and netmask
|
boot-param device <ip_addr> <netmask>
|
boot-param |
Set parameters for the boot loader
|
device |
Set the IP address and netmask of the local SmartPath AP device
|
<ip_addr> |
Enter the IP address
|
<netmask> |
Enter the IP netmask
|
boot-param gateway <ip_addr>
|
boot-param |
Set parameters for the boot loader
|
gateway |
Set the IP address of the gateway so that the local
SmartPath AP can reach the TFTP server with the SmartPath OS image that
you want to load
|
<ip_addr> |
Enter the IP address
|
boot-param native-vlan <number>
|
boot-param |
Set parameters for the boot loader
|
native-vlan |
Set the native VLAN ID of the local SmartPath AP
|
<number> |
Enter the VLAN ID (Default: 0; Range: 0-4094)
|
boot-param netboot enable
|
boot-param |
Set parameters for the boot loader
|
netboot |
Set the SmartPath AP to boot up automatically from an external TFTP server after an application crash occurs
|
enable |
Enable the ability to boot up automatically from an external TFTP server after an application crash occurs
|
boot-param netdump dump-file [ <string> ]
|
boot-param |
Set parameters for the boot loader
|
netdump |
Set parameters for saving a core dump to the TFTP
server specified in the "boot-param server" command (Note: If the
SmartPath AP crashes, it saves a core dump file to the TFTP server in
its next rebooting phase)
|
dump-file |
Set the name of the core dump file to be saved to the TFTP server
|
<string> |
Enter the name of the core dump file(Default name: .netdump; 1-32 chars)
|
boot-param netdump enable
|
boot-param |
Set parameters for the boot loader
|
netdump |
Set parameters for saving a core dump to the TFTP
server specified in the "boot-param server" command (Note: If the
SmartPath AP crashes, it saves a core dump file to the TFTP server in
its next rebooting phase)
|
enable |
Enable the netdump feature (Default: Disabled)
|
boot-param server <ip_addr>
|
boot-param |
Set parameters for the boot loader
|
server |
Set the IP address of the TFTP server that has the SmartPath OS image file that you want to load
|
<ip_addr> |
Enter the IP address
|
boot-param vlan <number>
|
boot-param |
Set parameters for the boot loader
|
vlan |
Set the VLAN that the local SmartPath AP must use to reach the TFTP server
|
<number> |
Enter the VLAN ID (Default: 0; Range: 0-4094)
|
cac airtime-per-second <number>
|
cac |
Set CAC (Call Admission Control) parameters for regulating the admission of new VoIP calls
|
airtime-per-second |
Set airtime reserved for VoIP calls
|
<number> |
Enter the airtime for VoIP calls (Default: 500ms; Range: 100ms-1000ms)
|
cac enable
|
cac |
Set CAC (Call Admission Control) parameters for regulating the admission of new VoIP calls
|
enable |
Enable CAC protection of VoIP traffic
|
cac roaming airtime-percentage <number>
|
cac |
Set CAC (Call Admission Control) parameters for regulating the admission of new VoIP calls
|
roaming |
Set parameters for VoIP calls when a client roams
|
airtime-percentage |
Set the percentage of airtime reserved for VoIP calls during roaming
|
<number> |
Enter the percentage of reserved airtime (Default: 20; Range: 0-100)
|
capture interface <wifix> [ count <number> ] [ filter <number> ] [ promiscuous ]
|
capture |
Set packet capture parameters
|
interface |
Enable packet capturing on a radio interface
|
<wifix> |
Enter the name of a Wi-Fi radio interface, where x = 0 or 1
|
count |
Set the number of frames to capture
|
<number> |
Enter the number of frames to capture (Default: 2000; Range: 1-100000)
|
filter |
Set the packet capture filter
|
<number> |
Enter a filter ID (Range: 1-64)
|
promiscuous |
Enable the wifi interfaces to operate in promiscuous mode during packet capturing (Default: Disabled)
|
capture save interface <wifix> <string>
|
capture |
Set packet capture parameters
|
save |
Set the packet capture tool to save captured packets to a file
|
interface |
Set the packet capture tool to save captured packets to a file on a radio interface
|
<wifix> |
Enter the name of a Wi-Fi radio interface, where x = 0 or 1
|
<string> |
Enter a local file name or the remote location,
path, and file name (Format: filename or tftp://server:/path/filename;
Default: wifix.dmp)
|
capwap client HTTP proxy name <string> port <number>
|
capwap |
Set parameters for CAPWAP (Control and Provisioning of Wireless Access Points)
|
client |
Set CAPWAP client parameters
|
HTTP |
Set HTTP as the application-level protocol using TCP as the transport mode
|
proxy |
Set parameters for the HTTP proxy server
|
name |
Set the HTTP proxy server name
|
<string> |
Enter the IP address or domain name of the HTTP proxy server (1-32 chars)
|
port |
Set the HTTP proxy server port number
|
<number> |
Enter the port number (Range: 1-65535)
|
capwap client HTTP proxy user <string> password <string>
|
capwap |
Set parameters for CAPWAP (Control and Provisioning of Wireless Access Points)
|
client |
Set CAPWAP client parameters
|
HTTP |
Set HTTP as the application-level protocol using TCP as the transport mode
|
proxy |
Set parameters for the HTTP proxy server
|
user |
Set the user name for authenticating the SmartPath AP with the HTTP proxy server
|
<string> |
Enter the authentication user name (1-32 chars)
|
password |
Set the user password for authenticating the SmartPath AP with the HTTP proxy server
|
<string> |
Enter the password (1-32 chars)
|
capwap client default-server-name <string>
|
capwap |
Set parameters for CAPWAP (Control and Provisioning of Wireless Access Points)
|
client |
Set CAPWAP client parameters
|
default-server-name |
Set the default IP address or domain name for the CAPWAP server
|
<string> |
Enter IP address or name for CAPWAP server (1-32 chars)
|
capwap client discovery interval <number>
|
capwap |
Set parameters for CAPWAP (Control and Provisioning of Wireless Access Points)
|
client |
Set CAPWAP client parameters
|
discovery |
Set CAPWAP client discovery parameters
|
interval |
Set CAPWAP discovery interval
|
<number> |
Enter the CAPWAP discovery interval (Default: 5 secs; Range:1-999)
|
capwap client discovery maximum interval <number>
|
capwap |
Set parameters for CAPWAP (Control and Provisioning of Wireless Access Points)
|
client |
Set CAPWAP client parameters
|
discovery |
Set CAPWAP client discovery parameters
|
maximum |
Set the max time in seconds to wait for a response to a Discovery Request message
|
interval |
Set the max time in seconds to wait for a response to a Discovery Request message
|
<number> |
Enter the max time to wait for a response to a Discovery Request message (Default: 10 secs; Range: 2-180)
|
capwap client dtls accept-bootstrap-passphrase
|
capwap |
Set parameters for CAPWAP (Control and Provisioning of Wireless Access Points)
|
client |
Set CAPWAP client parameters
|
dtls |
Set DTLS (Datagram Transport Layer Security) parameters for securing the CAPWAP connection
|
accept-bootstrap-passphrase |
Always accept the bootstrap passphrase proposed by SmartPath EMS
|
capwap client dtls bootstrap-passphrase <string>
|
capwap |
Set parameters for CAPWAP (Control and Provisioning of Wireless Access Points)
|
client |
Set CAPWAP client parameters
|
dtls |
Set DTLS (Datagram Transport Layer Security) parameters for securing the CAPWAP connection
|
bootstrap-passphrase |
Set a passphrase for initial and recovery CAPWAP connections
|
<string> |
Enter the bootstrap passphrase (16-32 characters)
|
capwap client dtls enable
|
capwap |
Set parameters for CAPWAP (Control and Provisioning of Wireless Access Points)
|
client |
Set CAPWAP client parameters
|
dtls |
Set DTLS (Datagram Transport Layer Security) parameters for securing the CAPWAP connection
|
enable |
Enable CAPWAP client dtls feature
|
capwap client dtls handshake-wait-time <number>
|
capwap |
Set parameters for CAPWAP (Control and Provisioning of Wireless Access Points)
|
client |
Set CAPWAP client parameters
|
dtls |
Set DTLS (Datagram Transport Layer Security) parameters for securing the CAPWAP connection
|
handshake-wait-time |
Set the maximum time to wait for a DTLS handshake message from the CAPWAP server
|
<number> |
Enter the maximum wait time in seconds (Default: 60; Range: 30-120)
|
capwap client dtls hm-defined-passphrase <string> key-id <number>
|
capwap |
Set parameters for CAPWAP (Control and Provisioning of Wireless Access Points)
|
client |
Set CAPWAP client parameters
|
dtls |
Set DTLS (Datagram Transport Layer Security) parameters for securing the CAPWAP connection
|
hm-defined-passphrase |
Use the SmartPath EMS-defined passphrase to secure CAPWAP communications
|
<string> |
Enter a passphrase for the SmartPath AP to use when making a secure CAPWAP connection (16-32 characters)
|
key-id |
Set the key ID for the passphrase
|
<number> |
Enter the key ID (Range: 1-255)
|
capwap client dtls max-retries <number>
|
capwap |
Set parameters for CAPWAP (Control and Provisioning of Wireless Access Points)
|
client |
Set CAPWAP client parameters
|
dtls |
Set DTLS (Datagram Transport Layer Security) parameters for securing the CAPWAP connection
|
max-retries |
Set the maximum number of times to retry making a DTLS connection
|
<number> |
Enter the maximum number of retries (Default: 3; Range: 1-65535)
|
capwap client dtls negotiation enable
|
capwap |
Set parameters for CAPWAP (Control and Provisioning of Wireless Access Points)
|
client |
Set CAPWAP client parameters
|
dtls |
Set DTLS (Datagram Transport Layer Security) parameters for securing the CAPWAP connection
|
negotiation |
Set the SmartPath AP to auto-negotiate the use of DTLS with SmartPath EMS
|
enable |
Enable DTLS auto-negotiation
|
capwap client dtls psk <string>
|
capwap |
Set parameters for CAPWAP (Control and Provisioning of Wireless Access Points)
|
client |
Set CAPWAP client parameters
|
dtls |
Set DTLS (Datagram Transport Layer Security) parameters for securing the CAPWAP connection
|
psk |
Set the DTLS preshared key manually (instead of deriving it from a passphrase)
|
<string> |
Enter the DTLS preshared key in ASCII hex format (1-64 chars)
|
capwap client dtls session-delete-wait-time <number>
|
capwap |
Set parameters for CAPWAP (Control and Provisioning of Wireless Access Points)
|
client |
Set CAPWAP client parameters
|
dtls |
Set DTLS (Datagram Transport Layer Security) parameters for securing the CAPWAP connection
|
session-delete-wait-time |
Set the minimum time to wait for DTLS session deletion
|
<number> |
Enter the wait time in seconds (Default: 5; Range: 1-65535)
|
capwap client enable
|
capwap |
Set parameters for CAPWAP (Control and Provisioning of Wireless Access Points)
|
client |
Set CAPWAP client parameters
|
enable |
Enable CAPWAP client
|
capwap client event enable
|
capwap |
Set parameters for CAPWAP (Control and Provisioning of Wireless Access Points)
|
client |
Set CAPWAP client parameters
|
event |
CAPWAP report event information
|
enable |
Enable CAPWAP send event information
|
capwap client join timeout <number>
|
capwap |
Set parameters for CAPWAP (Control and Provisioning of Wireless Access Points)
|
client |
Set CAPWAP client parameters
|
join |
Set the interval that the SmartPath AP waits for a CAPWAP Join Response message
|
timeout |
Set the interval that the SmartPath AP waits for a CAPWAP Join Response message
|
<number> |
Enter join interval in seconds to wait for Join Response message (Default: 60 secs; Range: 30-999)
|
capwap client neighbor dead interval <number>
|
capwap |
Set parameters for CAPWAP (Control and Provisioning of Wireless Access Points)
|
client |
Set CAPWAP client parameters
|
neighbor |
Set CAPWAP client neighbor parameters
|
dead |
Set the dead interval for CAPWAP neighbors
|
interval |
Set the interval in seconds to wait for ping responses before considering a CAPWAP neighbor dead
|
<number> |
Enter interval to wait for responses before considering a neighbor dead (Default: 105 secs; Range: 60-240)
|
capwap client neighbor heartbeat interval <number>
|
capwap |
Set parameters for CAPWAP (Control and Provisioning of Wireless Access Points)
|
client |
Set CAPWAP client parameters
|
neighbor |
Set CAPWAP client neighbor parameters
|
heartbeat |
Set the heartbeat parameters for a CAPWAP neighbor
|
interval |
Set the heartbeat interval for a CAPWAP neighbor
|
<number> |
Enter the heartbeat interval for a CAPWAP neighbor (Default: 30; Range: 30-120)
|
capwap client pci-alert enable
|
capwap |
Set parameters for CAPWAP (Control and Provisioning of Wireless Access Points)
|
client |
Set CAPWAP client parameters
|
pci-alert |
Report PCI (Payment Card Infrastructure) compliance information to SmartPath EMS
|
enable |
Enable the reporting of PCI compliance information
|
capwap client server [ {backup} ] name <string> [ connect-delay <number> ] [ via-vpn-tunnel ]
|
capwap |
Set parameters for CAPWAP (Control and Provisioning of Wireless Access Points)
|
client |
Set CAPWAP client parameters
|
server |
Set parameters for communicating with the CAPWAP server
|
backup |
Set the backup CAPWAP server
|
name |
Set the IP address or domain name of the CAPWAP server
|
<string> |
Enter IP address or name for CAPWAP server (1-32 chars)
|
connect-delay |
Schedule a connection to the specified CAPWAP server at a time relative to the moment the SmartPath AP receives the command
|
<number> |
Enter the interval in seconds after which the CAPWAP client connects (Range: 0-65535)
|
via-vpn-tunnel |
Send all CAPWAP traffic through a VPN tunnel (Note:
Set this option on VPN clients when the CAPWAP server is in a different
subnet from the tunnel interface. When they are in the same subnet,
tunneling is automatic.)
|
capwap client server port <number>
|
capwap |
Set parameters for CAPWAP (Control and Provisioning of Wireless Access Points)
|
client |
Set CAPWAP client parameters
|
server |
Set parameters for communicating with the CAPWAP server
|
port |
Set the destination port number for communicating with the CAPWAP server
|
<number> |
Enter the port number (Default: 12222; Range: 1-65535)
|
capwap client silent interval <number>
|
capwap |
Set parameters for CAPWAP (Control and Provisioning of Wireless Access Points)
|
client |
Set CAPWAP client parameters
|
silent |
Set an interval to wait after failing to receive Discovery Request responses before sending more requests
|
interval |
Set an interval to wait after failing to receive Discovery Request responses before sending more requests
|
<number> |
Enter an interval to wait after failing to receive Discovery Request responses (Default: 15 secs; Range: 1-999)
|
capwap client transport HTTP
|
capwap |
Set parameters for CAPWAP (Control and Provisioning of Wireless Access Points)
|
client |
Set CAPWAP client parameters
|
transport |
Set the packet transport mode for CAPWAP communications
|
HTTP |
Set HTTP as the application-level protocol using TCP as the transport mode
|
capwap client vhm-name <string>
|
capwap |
Set parameters for CAPWAP (Control and Provisioning of Wireless Access Points)
|
client |
Set CAPWAP client parameters
|
vhm-name |
Set the name of the virtual SmartPath EMS system
|
<string> |
Enter the name of the virtual SmartPath EMS system (1-64 chars)
|
capwap max-discoveries counter <number>
|
capwap |
Set parameters for CAPWAP (Control and Provisioning of Wireless Access Points)
|
max-discoveries |
Set the max number of CAPWAP Discovery Request messages
|
counter |
Set the max number of CAPWAP Discovery Request messages
|
<number> |
Enter the max number of CAPWAP Discovery Request messages (Default: 3; Range: 1-999)
|
capwap ping <string> [ port <number> ] [ count <number> ] [ size <number> ] [ timeout <number> ]
|
capwap |
Set parameters for CAPWAP (Control and Provisioning of Wireless Access Points)
|
ping |
Perform a CAPWAP ping (Note: A CAPWAP ping does not
use ICMP echo requests, but UDP packets similar to those used for CAPWAP
heartbeats.)
|
<string> |
Enter the IP address or domain name of the CAPWAP server (1-32 characters)
|
port |
Set the destination UDP port number for communicating with the CAPWAP server
|
<number> |
Enter the destination UDP port number for communicating with the CAPWAP server (Default: 12222; Range: 1-65535)
|
count |
Set the number of CAPWAP UDP packets to send
|
<number> |
Enter the number of packets to send (Default: 5; Range: 1-65535)
|
size |
Set the size of the UDP packets
|
<number> |
Enter the packet size in bytes (Default: 56; Range:1-1300)
|
timeout |
Set the length of time to wait for a response
|
<number> |
Enter the timeout in seconds (Default: 5; Range: 1-60)
|
capwap ping <string> [ port <number> ] flood <number> [ size <number> ] [ timeout <number> ]
|
capwap |
Set parameters for CAPWAP (Control and Provisioning of Wireless Access Points)
|
ping |
Perform a CAPWAP ping (Note: A CAPWAP ping does not
use ICMP echo requests, but UDP packets similar to those used for CAPWAP
heartbeats.)
|
<string> |
Enter the IP address or domain name of the CAPWAP server (1-32 characters)
|
port |
Set the destination UDP port number for communicating with the CAPWAP server
|
<number> |
Enter the destination UDP port number for communicating with the CAPWAP server (Default: 12222; Range: 1-65535)
|
flood |
Set the number of batches, each consisting of 100 CAPWAP UDP packets, to send at one time
|
<number> |
Enter the number of batches of packets(Default: 5; Range: 1-65535)
|
size |
Set the size of the UDP packets
|
<number> |
Enter the packet size in bytes (Default: 56; Range:1-1300)
|
timeout |
Set the length of time to wait for a response
|
<number> |
Enter the timeout in seconds (Default: 5; Range: 1-60)
|
clear aaa radius-server cache [ username <string> ]
|
clear |
Clear dynamic system information or remove all web directories
|
aaa |
Clear parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Clear RADIUS server parameters
|
cache |
Clear all RADIUS server caches or one cache
|
username |
Clear the RADIUS server cache by username
|
<string> |
Enter the username (1-32 chars)
|
clear aaa radius-server-key [ {radius-server|ldap-client} ] [ <string> ]
|
clear |
Clear dynamic system information or remove all web directories
|
aaa |
Clear parameters for AAA (authentication, authorization, accounting)
|
radius-server-key |
Clear all certificates that the local SmartPath AP uses as a RADIUS server and LDAP client
|
radius-server |
Clear certificates that the local SmartPath AP uses as a RADIUS server
|
ldap-client |
Clear certificates that the local SmartPath AP uses as a LDAP client
|
<string> |
Enter the name of the certificate
|
clear arp-cache
|
clear |
Clear dynamic system information or remove all web directories
|
arp-cache |
Clear the ARP cache
|
clear auth roaming-cache mac <mac_addr> cluster-neighbors
|
clear |
Clear dynamic system information or remove all web directories
|
auth |
Clear dynamic authentication information
|
roaming-cache |
Clear all entries from the roaming cache, which
contains authentication information for stations currently connected to
neighboring cluster members
|
mac |
Set the MAC address of the station whose cached authentication information you want to clear
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
cluster-neighbors |
Clear the MAC address from the local roaming cache and from the roaming caches of neighboring cluster members
|
clear auth roaming-cache {cluster-neighbors}
|
clear |
Clear dynamic system information or remove all web directories
|
auth |
Clear dynamic authentication information
|
roaming-cache |
Clear all entries from the roaming cache, which
contains authentication information for stations currently connected to
neighboring cluster members
|
cluster-neighbors |
Clear all entries from the local roaming cache and from the roaming caches of all neighboring cluster members
|
clear auth username <string>
|
clear |
Clear dynamic system information or remove all web directories
|
auth |
Clear dynamic authentication information
|
username |
Clear dynamic authentication information by user name
|
<string> |
Enter a user name (1-32 chars)
|
clear auth {local-cache|roaming-cache|station} [ mac <mac_addr> ]
|
clear |
Clear dynamic system information or remove all web directories
|
auth |
Clear dynamic authentication information
|
local-cache |
Clear all entries from the local cache, which
contains authentication information for stations currently connected to
the local SmartPath AP
|
roaming-cache |
Clear all entries from the roaming cache, which
contains authentication information for stations currently connected to
neighboring cluster members
|
station |
Clear authentication information for a specific station
|
mac |
Set the MAC address of the station whose cached authentication information you want to clear
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
clear auth {local-cache|roaming-cache|station} ssid <string>
|
clear |
Clear dynamic system information or remove all web directories
|
auth |
Clear dynamic authentication information
|
local-cache |
Clear all entries from the local cache, which
contains authentication information for stations currently connected to
the local SmartPath AP
|
roaming-cache |
Clear all entries from the roaming cache, which
contains authentication information for stations currently connected to
neighboring cluster members
|
station |
Clear authentication information for a specific station
|
ssid |
Clear cached authentication information based on the SSID with which stations associated
|
<string> |
Enter a user name (1-32 chars)
|
clear cac station-airtime [ mac <mac_addr> ]
|
clear |
Clear dynamic system information or remove all web directories
|
cac |
Clear CAC (Call Admission Control) statistics
|
station-airtime |
Clear airtime statistics for a specific station
|
mac |
Set the specific destination MAC
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
clear capture local [ <string> ]
|
clear |
Clear dynamic system information or remove all web directories
|
capture |
Clear packet capture parameters
|
local |
Clear one or all locally stored packet capture files
|
<string> |
Enter the file name to clear
|
clear capwap client counter
|
clear |
Clear dynamic system information or remove all web directories
|
capwap |
Clear CAPWAP (Control and Provisioning of Wireless Access Points) statistics
|
client |
Clear CAPWAP client statistics
|
counter |
Clear CAPWAP client keepalive packet counters
|
clear cluster <string> counter neighbor [ <mac_addr> ]
|
clear |
Clear dynamic system information or remove all web directories
|
cluster |
Clear cluster info
|
<string> |
Enter a cluster profile name (1-32 chars)
|
counter |
Clear counters for neighboring cluster members
|
neighbor |
Clear counters for all neighbors or a specific neighbor in this cluster
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
clear config rollback
|
clear |
Clear dynamic system information or remove all web directories
|
config |
Clear the configuration rollback settings
|
rollback |
Clear the current configuration rollback point and related settings
|
clear
forwarding-engine counters [ interface <wifix|wifix.y|ethx|mgtx> ]
[ station <mac_addr> ] [ drop ] [ tunnel ] [ policy ]
|
clear |
Clear dynamic system information or remove all web directories
|
forwarding-engine |
Clear dynamically generated data from the forwarding engine
|
counters |
Clear forwarding engine counter statistics
|
interface |
Clear forwarding engine counter by interface
|
<wifix> |
Enter the name of a Wi-Fi radio interface, where x = 0 or 1
|
<wifix.y> |
Enter the name of a Wi-Fi radio subinterface (Ranges: x: 0-1; y: 1-16)
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
<mgtx> |
Enter the name of the management interface, where x = 0
|
station |
Clear forwarding engine counter by station MAC
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
drop |
Clear the drop packet counter
|
tunnel |
Clear the counter on tunnels
|
policy |
Clear the counter on policies
|
clear
forwarding-engine ip-sessions [ src-ip <ip_addr> ] [ dst-ip
<ip_addr> ] [ src-port <number> ] [ dst-port <number> ]
[ protocol <number> ]
|
clear |
Clear dynamic system information or remove all web directories
|
forwarding-engine |
Clear dynamically generated data from the forwarding engine
|
ip-sessions |
Clear IP sessions
|
src-ip |
Clear IP sessions by source IP address
|
<ip_addr> |
Source IP address
|
dst-ip |
Clear IP sessions by destination IP address
|
<ip_addr> |
Destination IP address
|
src-port |
Clear IP essions by source port number
|
<number> |
source IP port (Range: 1-65535)
|
dst-port |
Clear IP sessions by destination port number
|
<number> |
destination IP port (Range: 1-65535)
|
protocol |
Clear IP sessions by protocol type
|
<number> |
source IP port (Range: 1-255)
|
clear forwarding-engine ip-sessions id <number>
|
clear |
Clear dynamic system information or remove all web directories
|
forwarding-engine |
Clear dynamically generated data from the forwarding engine
|
ip-sessions |
Clear IP sessions
|
id |
Clear IP sessions by session ID number
|
<number> |
Enter the IP session ID (Range: 1-9999)
|
clear forwarding-engine mac-sessions [ src-mac <mac_addr> ] [ dst-mac <mac_addr> ]
|
clear |
Clear dynamic system information or remove all web directories
|
forwarding-engine |
Clear dynamically generated data from the forwarding engine
|
mac-sessions |
Clear MAC sessions
|
src-mac |
Clear MAC sessions by source MAC address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
dst-mac |
Clear MAC sessions by destination MAC address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
clear forwarding-engine mac-sessions id <number>
|
clear |
Clear dynamic system information or remove all web directories
|
forwarding-engine |
Clear dynamically generated data from the forwarding engine
|
mac-sessions |
Clear MAC sessions
|
id |
Clear MAC sessions by session ID number
|
<number> |
Enter the MAC session ID (Range: 1-9999)
|
clear gre-tunnel counters tunnel
|
clear |
Clear dynamic system information or remove all web directories
|
gre-tunnel |
Clear GRE (Generic Routing Encapsulation) tunnel information
|
counters |
Clear GRE tunnel counter statistics
|
tunnel |
Clear the counter on tunnels
|
clear interface <ethx> mac-learning dynamic <mac_addr>
|
clear |
Clear dynamic system information or remove all web directories
|
interface |
Clear interface info
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
mac-learning |
Clear entries in the MAC address learning table
|
dynamic |
Clear dynamically learned MAC address entries
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
clear interface <ethx> mac-learning dynamic all
|
clear |
Clear dynamic system information or remove all web directories
|
interface |
Clear interface info
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
mac-learning |
Clear entries in the MAC address learning table
|
dynamic |
Clear dynamically learned MAC address entries
|
all |
Clear all dynamically learned MAC address entries
|
clear interface <ethx|wifix|wifix.y> counter
|
clear |
Clear dynamic system information or remove all web directories
|
interface |
Clear interface info
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
<wifix> |
Enter the name of a Wi-Fi radio interface, where x = 0 or 1
|
<wifix.y> |
Enter the name of a Wi-Fi radio subinterface (Ranges: x: 0-1; y: 1-16)
|
counter |
Clear all counters for the interface
|
clear interface <mgtx|mgtx.y> dhcp-server lease all
|
clear |
Clear dynamic system information or remove all web directories
|
interface |
Clear interface info
|
<mgtx> |
Enter the name of the management interface, where x = 0
|
<mgtx.y> |
Enter the name of the virtual management interface (Ranges x: 0; y: 1-16)
|
dhcp-server |
Clear the DHCP server lease
|
lease |
Clear a specific DHCP lease or all leases
|
all |
Clear all DHCP leases
|
clear interface <mgtx|mgtx.y> dhcp-server lease ip <ip_addr>
|
clear |
Clear dynamic system information or remove all web directories
|
interface |
Clear interface info
|
<mgtx> |
Enter the name of the management interface, where x = 0
|
<mgtx.y> |
Enter the name of the virtual management interface (Ranges x: 0; y: 1-16)
|
dhcp-server |
Clear the DHCP server lease
|
lease |
Clear a specific DHCP lease or all leases
|
ip |
Clear the DHCP lease that uses a specific IP address
|
<ip_addr> |
Enter the IP address
|
clear interface <mgtx|mgtx.y> dhcp-server lease mac <mac_addr>
|
clear |
Clear dynamic system information or remove all web directories
|
interface |
Clear interface info
|
<mgtx> |
Enter the name of the management interface, where x = 0
|
<mgtx.y> |
Enter the name of the virtual management interface (Ranges x: 0; y: 1-16)
|
dhcp-server |
Clear the DHCP server lease
|
lease |
Clear a specific DHCP lease or all leases
|
mac |
Clear the DHCP lease assigned to a client with a specific MAC address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
clear interface <wifix> wlan-idp mitigate rogue-ap [ <mac_addr> ]
|
clear |
Clear dynamic system information or remove all web directories
|
interface |
Clear interface info
|
<wifix> |
Enter the name of a Wi-Fi radio interface, where x = 0 or 1
|
wlan-idp |
Clear rogue AP entries from the WLAN IDP (intrusion detection and prevention) table
|
mitigate |
Clear mitigated rogue APs
|
rogue-ap |
Clear all mitigated rogue APs or a specific rogue AP
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
clear lldp [ {cdp} ] table
|
clear |
Clear dynamic system information or remove all web directories
|
lldp |
Set LLDP (Link Layer Discovery Protocol) parameters
|
cdp |
Set CDP (Cisco Discovery Protocol) parameters
|
table |
Clear LLDP or CDP neighbor table
|
clear location {aeroscout|tzsp} counter
|
clear |
Clear dynamic system information or remove all web directories
|
location |
Clear parameters for location tracking
|
aeroscout |
Clear parameters for the aeroscout location processing engine
|
tzsp |
Clear parameters for the tzsp location processing engine
|
counter |
Clear statistics for location reports sent to the location processing engine
|
clear log [ {buffered|debug|flash|all} ]
|
clear |
Clear dynamic system information or remove all web directories
|
log |
Clear logging messages
|
buffered |
Clear buffered log messages
|
debug |
Clear debug log messages
|
flash |
Clear flash log messages
|
all |
Clear all log messages
|
clear qos counter
|
clear |
Clear dynamic system information or remove all web directories
|
qos |
Clear dynamic QoS information
|
counter |
Clear dynamic QoS statistics counters
|
clear service [ <string> ] counter
|
clear |
Clear dynamic system information or remove all web directories
|
service |
Clear dynamically generated information for all services or for a specific service
|
<string> |
Enter the name of the service whose counters you want to clear
|
counter |
Clear the counter statistics for all services or for a specific service
|
clear ssid <string> counter station [ <mac_addr> ]
|
clear |
Clear dynamic system information or remove all web directories
|
ssid |
Clear SSID info
|
<string> |
Enter an SSID profile name (1-32 chars)
|
counter |
Clear counters for stations (wireless clients) associated with the SSID
|
station |
Clear counters for all stations or a specific station associated with the SSID
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
clear user-and-group all
|
clear |
Clear dynamic system information or remove all web directories
|
user-and-group |
Clear all users and user-groups
|
all |
Clear all users and user-groups
|
clear vpn certificate-key
|
clear |
Clear dynamic system information or remove all web directories
|
vpn |
Clear VPN information
|
certificate-key |
Clear all certificates that the local SmartPath AP
uses when authenticating its identity to a VPN peer and when verifying
the identity of a VPN peer
|
clear vpn {ike|ipsec} sa
|
clear |
Clear dynamic system information or remove all web directories
|
vpn |
Clear VPN information
|
ike |
Clear IKE SA information established during IKE phase 1 negotiations
|
ipsec |
Clear IPsec SA information established during IKE phase 2 negotiations
|
sa |
Clear SA (security association) information
|
clear web-directory [ {ppsk-self-reg} ]
|
clear |
Clear dynamic system information or remove all web directories
|
web-directory |
Remove all web directories
|
ppsk-self-reg |
Remove all self-registration web directories from the private PSK server
|
clear wlan-idp mitigate [ <mac_addr> ]
|
clear |
Clear dynamic system information or remove all web directories
|
wlan-idp |
Clear rogue AP entries from the WLAN IDP (intrusion detection and prevention) table
|
mitigate |
Clear one or a list of the rogue APs against which mitigation was performed and the SmartPath APs that reported them
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
client-tracing <mac_addr>
|
client-tracing |
Test client tracing
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
clock date-time <date> <time>
|
clock |
Set the internal clock
|
date-time |
Set the date and time for the internal clock
|
<date> |
Enter the date for the internal clock, (Format: YYYY-MM-DD, Range: 1970-01-01 to 2035-12-31)
|
<time> |
Enter the time for the internal clock, (Format: hh:mm:ss, Range: hh(00-23), mm(00-59), ss(00-59)
|
clock time-zone <number> [ {30|45} ]
|
clock |
Set the internal clock
|
time-zone |
Set the time zone for the internal clock
|
<number> |
Enter the time zone for the internal clock (Default: 0; Range: from -12 to 12)
|
30 |
Add 30 minutes to the specified time zone
|
45 |
Add 45 minutes to the specified time zone
|
clock time-zone daylight-saving-time <date> <time> <date> <time>
|
clock |
Set the internal clock
|
time-zone |
Set the time zone for the internal clock
|
daylight-saving-time |
Set the daylight saving time parameters
|
<date> |
Enter the start date for the daylight saving time (Format: MM-DD, Range: 01-01 to 12-31)
|
<time> |
Enter the start time for the daylight saving time (Format: hh:mm:ss, Range: hh(00-23), mm(00-59), ss(00-59)
|
<date> |
Enter the end date for the daylight saving time (Format: MM-DD, Range: 01-01 to 12-31)
|
<time> |
Enter the end time for the daylight saving time (Format: hh:mm:ss, Range: hh(00-23), mm(00-59), ss(00-59)
|
cluster <string>
|
cluster |
Create a cluster or set cluster parameters
|
<string> |
Enter a cluster profile name (1-32 chars)
|
cluster <string> frag-threshold <number>
|
cluster |
Create a cluster or set cluster parameters
|
<string> |
Enter a cluster profile name (1-32 chars)
|
frag-threshold |
Set fragment threshold parameters for the cluster
|
<number> |
Enter the fragment threshold in bytes for the cluster (Default: 2346; Range: 256-2346)
|
cluster <string> manage all
|
cluster |
Create a cluster or set cluster parameters
|
<string> |
Enter a cluster profile name (1-32 chars)
|
manage |
Set management service parameters
|
all |
Enable all manageability options (ping, SNMP, SSH,
and Telnet) for mgt0 through wireless backhaul interfaces in this
cluster (Defaults: ping enabled, SNMP disabled, SSH enabled, Telnet
disabled)
|
cluster <string> manage {Telnet|SSH|SNMP|ping}
|
cluster |
Create a cluster or set cluster parameters
|
<string> |
Enter a cluster profile name (1-32 chars)
|
manage |
Set management service parameters
|
Telnet |
Enable Telnet manageability of mgt0 through wireless backhaul interfaces in this cluster (Default: Disabled)
|
SSH |
nable SSH manageability of mgt0 through wireless backhaul interfaces in this cluster (Default: Enabled)
|
SNMP |
Enable SNMP manageability of mgt0 through wireless backhaul interfaces in this cluster (Default: Disabled)
|
ping |
Enable mgt0 to respond to pings through subinterfaces bound to this SSID (Default: Enabled)
|
cluster <string> neighbor connecting-threshold <number> polling-interval <number>
|
cluster |
Create a cluster or set cluster parameters
|
<string> |
Enter a cluster profile name (1-32 chars)
|
neighbor |
Set the threshold parameters for connecting wirelessly with neighboring cluster members
|
connecting-threshold |
Set the minimum signal strength threshold required for connecting with a neighboring cluster member
|
<number> |
Enter a minimum signal strength value in dBm (Default: -80; Range: -90~-55)
|
polling-interval |
Set the time interval in minutes for polling the signal strength of neighboring cluster members
|
<number> |
Enter the polling time interval (Default: 1 minute; range: 1-60)
|
cluster <string> neighbor connecting-threshold {low|medium|high} polling-interval <number>
|
cluster |
Create a cluster or set cluster parameters
|
<string> |
Enter a cluster profile name (1-32 chars)
|
neighbor |
Set the threshold parameters for connecting wirelessly with neighboring cluster members
|
connecting-threshold |
Set the minimum signal strength threshold required for connecting with a neighboring cluster member
|
low |
Set a relatively low minimum signal strength threshold (-85dBm)
|
medium |
Set a relatively moderate minimum signal strength threshold (-80dBm)
|
high |
Set a relatively high minimum signal strength threshold (-75dBm)
|
polling-interval |
Set the time interval in minutes for polling the signal strength of neighboring cluster members
|
<number> |
Enter the polling time interval (Default: 1 minute; range: 1-60)
|
cluster <string> password <string>
|
cluster |
Create a cluster or set cluster parameters
|
<string> |
Enter a cluster profile name (1-32 chars)
|
password |
Set a key for cluster member authentication
|
<string> |
Enter a string (8-63 chars) for cluster member authentication (Default: a default password is derived from the cluster name)
|
cluster <string> rts-threshold <number>
|
cluster |
Create a cluster or set cluster parameters
|
<string> |
Enter a cluster profile name (1-32 chars)
|
rts-threshold |
Set the RTS (request to send) threshold for the cluster
|
<number> |
Enter the packet size for the RTS threshold for the cluster (Default: 2346 bytes; Range: 1-2346)
|
cluster <string> security mac-filter <string>
|
cluster |
Create a cluster or set cluster parameters
|
<string> |
Enter a cluster profile name (1-32 chars)
|
security |
Set cluster security parameters
|
mac-filter |
Assign a filter for MAC addresses or OUIs (organizational unique identifiers)
|
<string> |
Enter the filter name for MAC addresses or OUIs (organizational unique identifiers)
|
cluster <string> security wlan dos station-level frame-type {assoc-req|auth|eapol} ban <number>
|
cluster |
Create a cluster or set cluster parameters
|
<string> |
Enter a cluster profile name (1-32 chars)
|
security |
Set cluster security parameters
|
wlan |
Set WLAN parameters
|
dos |
Set WLAN DoS (Denial of Service) parameters
|
station-level |
Set DoS parameters at station-level
|
frame-type |
Set WLAN DoS (Denial of Service) frame type
|
assoc-req |
Specify WLAN DoS frame type assoc-req
|
auth |
Specify WLAN DoS frame type auth
|
eapol |
Specify WLAN DoS frame type eapol
|
ban |
Set the period of time to ignore frames after a theshold has been crossed
|
<number> |
Enter the period of time in seconds to ignore frames after a theshold has been crossed (Default: 60; Min: 0 Max: None)
|
cluster <string> security wlan dos station-level frame-type {assoc-req|auth|eapol} ban forever
|
cluster |
Create a cluster or set cluster parameters
|
<string> |
Enter a cluster profile name (1-32 chars)
|
security |
Set cluster security parameters
|
wlan |
Set WLAN parameters
|
dos |
Set WLAN DoS (Denial of Service) parameters
|
station-level |
Set DoS parameters at station-level
|
frame-type |
Set WLAN DoS (Denial of Service) frame type
|
assoc-req |
Specify WLAN DoS frame type assoc-req
|
auth |
Specify WLAN DoS frame type auth
|
eapol |
Specify WLAN DoS frame type eapol
|
ban |
Set the period of time to ignore frames after a theshold has been crossed
|
forever |
Set ban forever
|
cluster <string>
security wlan dos {cluster-level|station-level} frame-type
{probe-req|probe-resp|assoc-req|assoc-resp|disassoc|auth|deauth|eapol|all}
|
cluster |
Create a cluster or set cluster parameters
|
<string> |
Enter a cluster profile name (1-32 chars)
|
security |
Set cluster security parameters
|
wlan |
Set WLAN parameters
|
dos |
Set WLAN DoS (Denial of Service) parameters
|
cluster-level |
Set DoS parameters at cluster-level
|
station-level |
Set DoS parameters at station-level
|
frame-type |
Set WLAN DoS (Denial of Service) frame type
|
probe-req |
Specify WLAN DoS frame type probe-req
|
probe-resp |
Specify WLAN DoS frame type probe-resp
|
assoc-req |
Specify WLAN DoS frame type assoc-req
|
assoc-resp |
Specify WLAN DoS frame type assoc-resp
|
disassoc |
Specify WLAN DoS frame type disassoc
|
auth |
Specify WLAN DoS frame type auth
|
deauth |
Specify WLAN DoS frame type deauth
|
eapol |
Specify WLAN DoS frame type eapol
|
all |
Specify WLAN DoS frame type all
|
cluster <string>
security wlan dos {cluster-level|station-level} frame-type
{probe-req|probe-resp|assoc-req|assoc-resp|disassoc|auth|deauth|eapol|all}
alarm <number>
|
cluster |
Create a cluster or set cluster parameters
|
<string> |
Enter a cluster profile name (1-32 chars)
|
security |
Set cluster security parameters
|
wlan |
Set WLAN parameters
|
dos |
Set WLAN DoS (Denial of Service) parameters
|
cluster-level |
Set DoS parameters at cluster-level
|
station-level |
Set DoS parameters at station-level
|
frame-type |
Set WLAN DoS (Denial of Service) frame type
|
probe-req |
Specify WLAN DoS frame type probe-req
|
probe-resp |
Specify WLAN DoS frame type probe-resp
|
assoc-req |
Specify WLAN DoS frame type assoc-req
|
assoc-resp |
Specify WLAN DoS frame type assoc-resp
|
disassoc |
Specify WLAN DoS frame type disassoc
|
auth |
Specify WLAN DoS frame type auth
|
deauth |
Specify WLAN DoS frame type deauth
|
eapol |
Specify WLAN DoS frame type eapol
|
all |
Specify WLAN DoS frame type all
|
alarm |
Set the interval in seconds between alarms to indicate continuous DoS conditions
|
<number> |
Enter the interval in seconds between alarms to indicate continuous DoS conditions (Default: 60 secs; Min: 0 Max: None)
|
cluster <string>
security wlan dos {cluster-level|station-level} frame-type
{probe-req|probe-resp|assoc-req|assoc-resp|disassoc|auth|deauth|eapol|all}
threshold <number>
|
cluster |
Create a cluster or set cluster parameters
|
<string> |
Enter a cluster profile name (1-32 chars)
|
security |
Set cluster security parameters
|
wlan |
Set WLAN parameters
|
dos |
Set WLAN DoS (Denial of Service) parameters
|
cluster-level |
Set DoS parameters at cluster-level
|
station-level |
Set DoS parameters at station-level
|
frame-type |
Set WLAN DoS (Denial of Service) frame type
|
probe-req |
Specify WLAN DoS frame type probe-req
|
probe-resp |
Specify WLAN DoS frame type probe-resp
|
assoc-req |
Specify WLAN DoS frame type assoc-req
|
assoc-resp |
Specify WLAN DoS frame type assoc-resp
|
disassoc |
Specify WLAN DoS frame type disassoc
|
auth |
Specify WLAN DoS frame type auth
|
deauth |
Specify WLAN DoS frame type deauth
|
eapol |
Specify WLAN DoS frame type eapol
|
all |
Specify WLAN DoS frame type all
|
threshold |
Set the frame threshold in ppm (packets per minute) that must be crossed to trigger an alarm
|
<number> |
Enter threshold in ppm (Default: cluster-level
probe-req 12000, probe-resp 24000, eapol 6000, auth 6000, assoc-req
6000, assoc-resp 2400, all others 1200; sta-level probe-req 1200 ppm,
probe-resp 2400, eapol 600, auth 600, assoc-req 600, assoc-resp 240, all
others 120; Min: 0 Max: None)
|
cluster <string> wlan-idp in-net-ap
|
cluster |
Create a cluster or set cluster parameters
|
<string> |
Enter a cluster profile name (1-32 chars)
|
wlan-idp |
Set WLAN IDP (intrusion detection and prevention) parameters
|
in-net-ap |
Mitigate rogue APs and their clients only if the
rogues are in the same backhaul network as the SmartPath APs that
detected them (Default: Mitigate all rogue APs and their clients)
|
cluster <string> wlan-idp max-mitigator-num <number>
|
cluster |
Create a cluster or set cluster parameters
|
<string> |
Enter a cluster profile name (1-32 chars)
|
wlan-idp |
Set WLAN IDP (intrusion detection and prevention) parameters
|
max-mitigator-num |
Set the maximum number of detector APs that can be assigned as mitigator APs to perform mitigation on a rogue and its clients
|
<number> |
Enter the maximum number of mitigator APs (Default:
1; Range: 0-1024; 0 means all detector APs can be assigned to perform
rogue mitigation))
|
cluster <string> wlan-idp mitigation-mode {automatic|semi-automatic|manual}
|
cluster |
Create a cluster or set cluster parameters
|
<string> |
Enter a cluster profile name (1-32 chars)
|
wlan-idp |
Set WLAN IDP (intrusion detection and prevention) parameters
|
mitigation-mode |
Set the mode for mitigating rogue APs and their clients
|
automatic |
Set the arbitrator AP to appoint a mitigator AP and start the mitigation process automatically (Default: semi-automatic)
|
semi-automatic |
Set the arbitrator AP to appoint a mitigator AP
automatically but start the mitigation process manually (Default:
semi-automatic)
|
manual |
Set the mitigator AP and start the mitigation process manually (Default: semi-automatic)
|
cluster <string> wlan-idp mitigation-mode {automatic|semi-automatic} action {mitigate|report}
|
cluster |
Create a cluster or set cluster parameters
|
<string> |
Enter a cluster profile name (1-32 chars)
|
wlan-idp |
Set WLAN IDP (intrusion detection and prevention) parameters
|
mitigation-mode |
Set the mode for mitigating rogue APs and their clients
|
automatic |
Set the arbitrator AP to appoint a mitigator AP and start the mitigation process automatically (Default: semi-automatic)
|
semi-automatic |
Set the arbitrator AP to appoint a mitigator AP
automatically but start the mitigation process manually (Default:
semi-automatic)
|
action |
Set the action that you want detector APs to take after discovering rogue APs and their clients
|
mitigate |
Mitigate rogue APs and their clients (Default: Rogue mitigation)
|
report |
Report rogue APs and their clients (Default: Rogue mitigation)
|
cluster <string> wlan-idp mitigator-reeval-period <number>
|
cluster |
Create a cluster or set cluster parameters
|
<string> |
Enter a cluster profile name (1-32 chars)
|
wlan-idp |
Set WLAN IDP (intrusion detection and prevention) parameters
|
mitigator-reeval-period |
Set the recurring period of time after which the arbitrator AP reevaluates which SmartPath APs to make mitigator APs
|
<number> |
Enter the period of time in minutes (Default: 5 mins; Range: 1-1440)
|
clusterui cas client server name <string>
|
clusterui |
Enable the clusterUI for defining SmartPath AP
network settings, configuring settings to connect to SmartPath EMS, and
uploading a new SmartPath OS image
|
cas |
Set client and server parameters for CAS (Central
Authentication Service) to authenticate users such as teachers accessing
Teacher View
|
client |
Set parameters for the local SmartPath AP to act as a CAS client
|
server |
Set parameters for communicating with the CAS server
|
name |
Set the IP address or resolvable domain name for the CAS server
|
<string> |
Enter the IP address or domain name (max 32 chars) of the CAS server
|
clusterui cas client server port <number>
|
clusterui |
Enable the clusterUI for defining SmartPath AP
network settings, configuring settings to connect to SmartPath EMS, and
uploading a new SmartPath OS image
|
cas |
Set client and server parameters for CAS (Central
Authentication Service) to authenticate users such as teachers accessing
Teacher View
|
client |
Set parameters for the local SmartPath AP to act as a CAS client
|
server |
Set parameters for communicating with the CAS server
|
port |
Set the destination TCP port number for the CAS server
|
<number> |
[1~65535]Enter the TCP port number (Default: 443; Range: 1-65535)
|
config rollback enable
|
config |
Set parameters for the current configuration file, which is a flash file containing default and admin-defined settings
|
rollback |
Set the current config as a rollback point to which
the SmartPath AP can return after a length of time elapses or if it
becomes disconnected from the CAPWAP server, or return the config to a
previously set rollback point immediately
|
enable |
Enable the configuration rollback feature
|
config rollback manual [ wait-time <number> ]
|
config |
Set parameters for the current configuration file, which is a flash file containing default and admin-defined settings
|
rollback |
Set the current config as a rollback point to which
the SmartPath AP can return after a length of time elapses or if it
becomes disconnected from the CAPWAP server, or return the config to a
previously set rollback point immediately
|
manual |
Perform the configuration rollback after the defined
length of time elapses regardless of its CAPWAP connectivity (Note:
This option is useful when accessing the CLI remotely and you are
concerned that some commands might cause the SmartPath AP to lose its
network connection.)
|
wait-time |
Set the length of time that the SmartPath AP must be disconnected from the CAPWAP server before rolling back the configuration
|
<number> |
Enter the length of time in minutes to wait before
rolling back the configuration (Default: 10 minutes; Range: 0-60000:
Note: 0 means that the rollback point persists indefinitely until the
'config rollback now' command is entered.)
|
config rollback now
|
config |
Set parameters for the current configuration file, which is a flash file containing default and admin-defined settings
|
rollback |
Set the current config as a rollback point to which
the SmartPath AP can return after a length of time elapses or if it
becomes disconnected from the CAPWAP server, or return the config to a
previously set rollback point immediately
|
now |
Return the configuration to a previously set rollback point immediately
|
config rollback {capwap-disconnect|next-reboot} [ wait-time <number> ]
|
config |
Set parameters for the current configuration file, which is a flash file containing default and admin-defined settings
|
rollback |
Set the current config as a rollback point to which
the SmartPath AP can return after a length of time elapses or if it
becomes disconnected from the CAPWAP server, or return the config to a
previously set rollback point immediately
|
capwap-disconnect |
Perform the configuration rollback if a CAPWAP
disconnection occurs for the defined length of time (Note: This is
useful when uploading a delta configuration, which does not require the
SmartPath AP to reboot, and you are concerned that some changes might
disrupt network connectivity for the SmartPath AP.)
|
next-reboot |
Perform the configuration rollback if a CAPWAP
disconnection occurs for the defined length of time after the SmartPath
AP reboots (Note: This is useful when uploading a full configuration,
which requires the SmartPath AP to reboot, and you are concerned that
the new config might disrupt network connectivity for the SmartPath AP.)
|
wait-time |
Set the length of time that the SmartPath AP must be disconnected from the CAPWAP server before rolling back the configuration
|
<number> |
Enter the length of time in minutes to wait before rolling back the configuration (Default: 10 minutes; Range: 2-60000)
|
config version <number>
|
config |
Set parameters for the current configuration file, which is a flash file containing default and admin-defined settings
|
version |
Set the version number for the current configuration file
|
<number> |
Enter the version number (Range: 1-4294967295)
|
console echo obscure-passwords
|
console |
Set console parameters
|
echo |
Set parameters for the echo
|
obscure-passwords |
Display passwords and sensitive networking keys as
asterisks (***) in the CLI (Default: Passwords and keys are replaced by
asterisks instead of displaying original text)
|
console page <number>
|
console |
Set console parameters
|
page |
Set console page parameter
|
<number> |
Set console page lines (Default: 22, Range: 10-100, Disable: 0)
|
console serial-port enable
|
console |
Set console parameters
|
serial-port |
Set serial port parameters
|
enable |
Enable access to the console serial port
|
console timeout <number>
|
console |
Set console parameters
|
timeout |
Set console timeout parameter
|
<number> |
Set console timeout value in minutes (Default: 10, Range: 0-60, Disable: 0)
|
data-collection collect interval <number>
|
data-collection |
Set parameters for collecting data about the types
and capabilities of devices on the network and the types of applications
and IP protocols they use
|
collect |
Set parameters for collecting data
|
interval |
Set the interval for collecting data about devices and their network usage
|
<number> |
Enter the amount of time in hours during which the SmartPath AP collects data (Default: 1; Range: 1-48)
|
data-collection enable
|
data-collection |
Set parameters for collecting data about the types
and capabilities of devices on the network and the types of applications
and IP protocols they use
|
enable |
Enable the local SmartPath AP to collect data about
types and capabilities of devices on the network and their network usage
(Default: Disabled)
|
data-collection report interval <number>
|
data-collection |
Set parameters for collecting data about the types
and capabilities of devices on the network and the types of applications
and IP protocols they use
|
report |
Set parameters for reporting data to SmartPath EMS
|
interval |
Set the interval for reporting data to SmartPath EMS
|
<number> |
Enter the amount of time in hours between data
reports to SmartPath EMS (Default: 6; Range: 0-48; Note: 0 disables
sending reports to SmartPath EMS.)
|
data-collection {max-collect} <number>
|
data-collection |
Set parameters for collecting data about the types
and capabilities of devices on the network and the types of applications
and IP protocols they use
|
max-collect |
Set the maximum number of collection times that must
elapse before clearing data that cannot be reported to SmartPath EMS
(Note: The default collection interval is 1 hour and the default report
interval is 6 hours.)
|
<number> |
Enter the maximum number of times to collect data
before clearing it if it cannot be reported to SmartPath EMS (Default:
24; Range: Range:1-48)
|
debug console [ {all} ]
|
debug |
Enable debug messages
|
console |
Show debug messages on console
|
all |
Show all messages on console
|
debug console level {emergency|alert|critical|error|warning|notification|info|debug}
|
debug |
Enable debug messages
|
console |
Show debug messages on console
|
level |
Specify a logging level
|
emergency |
Show emergency-level log entries (Default: debug)
|
alert |
Show log entries from alert to emergency levels (Default: debug)
|
critical |
Show log entries from critical to emergency levels (Default: debug)
|
error |
Show log entries from error to emergency levels (Default: debug)
|
warning |
Show log entries from warning to emergency levels (Default: debug)
|
notification |
Show log entries from notification to emergency levels (Default: debug)
|
info |
Show log entries from info to emergency levels (Default: debug)
|
debug |
Show log entries for all severity levels (Default: debug)
|
debug console timestamp
|
debug |
Enable debug messages
|
console |
Show debug messages on console
|
timestamp |
Show debug messages timestamp
|
device-group <string> [ mac-object <string> ] [ domain-object <string> ] [ os-object <string> ]
|
device-group |
Set a device group containing various objects that the SmartPath AP can use to classify client devices (Max: 64 groups)
|
<string> |
Enter a device group name (1-32 chars)
|
mac-object |
Add a MAC object to the device group
|
<string> |
Enter the MAC object name (1-32 chars)
|
domain-object |
Add a domain object to the device group
|
<string> |
Enter the domain object name (1-32 chars)
|
os-object |
Add an OS object to the device group
|
<string> |
Enter the OS object name (1-32 chars)
|
dns domain-name <string>
|
dns |
Set DNS (Domain Name System) parameters
|
domain-name |
Set the domain name suffix for the local SmartPath AP
|
<string> |
Enter the domain name suffix for the local SmartPath AP (1-32 characters)
|
dns server-ip <ip_addr> [ {second|third} ]
|
dns |
Set DNS (Domain Name System) parameters
|
server-ip |
Set the IP address of the primary, secondary, or tertiary DNS server
|
<ip_addr> |
Enter the IP address of the primary, secondary, or tertiary DNS server
|
second |
Assign the IP address to a secondary DNS server
|
third |
Assign the IP address to a tertiary DNS server
|
domain-object <string> domain <string>
|
domain-object |
Set parameters for a domain object that the
SmartPath AP can use to assign a client that belongs to a matching
device domain to a user profile (Max: 64 domain objects per SmartPath
AP)
|
<string> |
Enter a domain object name (1-32 chars; Note: The
object name is an admin-defined name and does not have to be the name of
a device domain.)
|
domain |
Add a device domain to the domain object (Note: Specify the domain to which devices in an LDAP-structured database belong.)
|
<string> |
Enter an domain name (1-64 chars)
|
exec aaa ldap-search
server-type {active-directory|ldap-server|open-directory} server
<string> basedn <string> binddn <string> password
<string> [ {attributes} [ <string> ] ]
|
exec |
Execute a command to initiate a task immediately
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
ldap-search |
Execute a search of the LDAP database
|
server-type |
Set the type of LDAP server whose database you want to search
|
active-directory |
Set the server type as an Active Directory server
|
ldap-server |
Set the server type as an OpenLDAP server
|
open-directory |
Set the server type as an Open Directory server
|
server |
Set the IP address or resolvable domain name of the LDAP server
|
<string> |
Enter the IP address or domain name (up to 32 chars)
|
basedn |
Set a node in the LDAP tree structure as the baseDN
(distinguished name) from which to search for nodes one level below it
or for information about one or all of its attributes
|
<string> |
Enter the baseDN (up to 256 chars) (Note: If there are any spaces, enclose the whole string in quotation marks.)
|
binddn |
Set the bindDN name and password for the user that has permission to search the LDAP directory
|
<string> |
Enter the bindDN name (up to 256 chars)
|
password |
Set the bindDN password
|
<string> |
Enter the password (1-64 chars)
|
attributes |
Search for attributes of the node specified as the baseDN
|
<string> |
Enter the name of a specific attribute for which to
search (Note: To see the user group attribute of the baseDN node when
the default group attribute name is being used, do not enter anything.)
|
exec aaa ldap-search username <string> [ basedn <string> ] [ domain <string> ]
|
exec |
Execute a command to initiate a task immediately
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
ldap-search |
Execute a search of the LDAP database
|
username |
Set the user name to search for in the LDAP database
|
<string> |
Enter a user name (1-32 chars)
|
basedn |
Set the baseDN (distinguished name) where the user profiles are located in the LDAP tree structure
|
<string> |
Enter the baseDN (1-256 chars; Note: If there are any spaces, enclose the whole string in quotation marks.)
|
domain |
Set the domain name of the domain controller
|
<string> |
Enter a NT domain name (1-64 chars)
|
exec aaa library-sip-test primary username <string> password <string>
|
exec |
Execute a command to initiate a task immediately
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
library-sip-test |
Test a simulated authentication process for a library patron on a library SIP (Standard Interchange Protocol) server
|
primary |
Test the authentication process on the primary library SIP server
|
username |
Set the library patron's user name to submit to the library SIP server
|
<string> |
Enter the user name (1-32 chars)
|
password |
Set the library patron's password to submit to the library SIP server
|
<string> |
Enter the password (1-64 chars)
|
exec aaa net-ads-info <string>
|
exec |
Execute a command to initiate a task immediately
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
net-ads-info |
Retrieve information from the Active Directory
server such as its IP address, Active Directory domain name, root
BaseDN, and realm name
|
<string> |
Enter the name of the realm to which the Active
Directory server belongs (Example: corp123.com; Note: The realm name is
not case sensitive; Range: 1-64 chars)
|
exec aaa net-join [ {primary|backup1|backup2|backup3} username <string> password <string> ]
|
exec |
Execute a command to initiate a task immediately
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
net-join |
Join the local SmartPath AP RADIUS server to the domain controller
|
primary |
Join the local SmartPath AP RADIUS server to the primary domain controller
|
backup1 |
Join the local SmartPath AP RADIUS server to the backup1 domain controller
|
backup2 |
Join the local SmartPath AP RADIUS server to the backup2 domain controller
|
backup3 |
Join the local SmartPath AP RADIUS server to the backup3 domain controller
|
username |
Set the admin user name for the local SmartPath AP
RADIUS server (Note: For the SmartPath AP RADIUS server to join the
domain, its user account must have domain admin privileges or higher.)
|
<string> |
Enter a user name (1-32 chars)
|
password |
Set the password for the user name
|
<string> |
Enter a password (1-64 chars)
|
exec aaa net-join
domain <string> fullname <string> server <string>
username <string> password <string> [ computer-ou
<string> ]
|
exec |
Execute a command to initiate a task immediately
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
net-join |
Join the local SmartPath AP RADIUS server to the domain controller
|
domain |
Set the domain name of the AD domain controller
|
<string> |
Enter the NetBIOS name of the domain (1-64 chars;
Note: The domain name cannot contain multiple-level domains delimited by
dots.)
|
fullname |
Set the full name of the domain to which the RADIUS server (local SmartPath AP) and AD server both belong
|
<string> |
Enter the full domain name (1-64 chars)
|
server |
Set the IP address or resolvable domain name for the AD server (Note: The AD server is the same as the domain controller.)
|
<string> |
Enter the IP address or domain name (up to 32 chars)
|
username |
Set the admin user name that the local SmartPath AP
RADIUS server submits to the AD server (Note: For the SmartPath AP
RADIUS server to join the domain, its user account must have domain
admin privileges or higher.)
|
<string> |
Enter a user name (1-32 chars)
|
password |
Set the password for the user name
|
<string> |
Enter a password (1-64 chars)
|
computer-ou |
Set the OU (organizational unit) used on the Active
Directory server where the SmartPath AP RADIUS server admin has
privileges to add the SmartPath AP as a computer in the domain
|
<string> |
Enter the OU (Max: 256 chars; Format:
ou/sub-ou/sub-ou; Note: If there are any spaces, enclose the entire
string in quotation marks.)
|
exec aaa ntlm-auth username <string> password <string> [ domain <string> ]
|
exec |
Execute a command to initiate a task immediately
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
ntlm-auth |
Initiate NTLM (NT LAN Manager) authentication between the SmartPath AP RADIUS server and the domain controller
|
username |
Set the user name that the SmartPath AP RADIUS server uses when authenticating itself to the domain controller
|
<string> |
Enter a user name (1-32 chars)
|
password |
Set the password that the SmartPath AP RADIUS server uses when authenticating itself to the domain controller
|
<string> |
Enter a password (1-64 chars)
|
domain |
Set the domain name of the domain controller
|
<string> |
Enter a NT domain name (1-64 chars)
|
exec aaa radius-test <string> accounting
|
exec |
Execute a command to initiate a task immediately
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-test |
Send a RADIUS Access-Request message from the
SmartPath AP to a RADIUS authentication server or an Accounting-Request
message to a RADIUS accounting server
|
<string> |
Enter the IP address or domain name of the RADIUS server (1-32 chars)
|
accounting |
Check the network connectivity status of a RADIUS
accounting server (Default: Check the status of a RADIUS authentication
server.)
|
exec aaa radius-test <string> username <string> password <string>
|
exec |
Execute a command to initiate a task immediately
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-test |
Send a RADIUS Access-Request message from the
SmartPath AP to a RADIUS authentication server or an Accounting-Request
message to a RADIUS accounting server
|
<string> |
Enter the IP address or domain name of the RADIUS server (1-32 chars)
|
username |
Set the user name belonging to an account on the RADIUS server
|
<string> |
Enter the user name (1-32 chars)
|
password |
Set the password that belongs to the same account as the user name on the RADIUS server
|
<string> |
Enter the password (1-64 chars)
|
exec antenna-alignment
interface <wifix> peer <mac_addr> [ count <number> ] [
interval <number> ] [ text-size <number> ]
|
exec |
Execute a command to initiate a task immediately
|
antenna-alignment |
Set parameters for aligning a directional or
sectional antenna connected to a radio in backhaul or dual (access and
backhaul) mode with a specified peer
|
interface |
Set the interface bound to the radio whose antenna you want to align with that of a peer
|
<wifix> |
Enter the name of a Wi-Fi radio interface, where x = 0 or 1
|
peer |
Set the MAC address of the peer to which the SmartPath AP sends antenna alignment request frames
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
count |
Set the total number of request frames to send to the peer
|
<number> |
Enter the total number of request frames (Default: 60; Range: 1-1000)
|
interval |
Set the interval between each request frame transmission
|
<number> |
Enter the interval in seconds (Default: 1; Range: 1-30)
|
text-size |
Set the amount of filler text in each request frame
|
<number> |
Enter the amount of filler text in bytes (Default: 16; Range: 16-2048)
|
exec capture
remote-sniffer [ user <string> <string> ] [ host-allowed
<string> ] [ local-port <number> ] [ promiscuous ]
|
exec |
Execute a command to initiate a task immediately
|
capture |
Initiate packet capturing
|
remote-sniffer |
Set parameters for a remote packet sniffer
|
user |
Set user name and password that the remote sniffer uses when authenticating itself to the SmartPath AP
|
<string> |
Enter the user name (1-32 chars)
|
<string> |
Enter the password (1-32 chars)
|
host-allowed |
Set the IP address or domain name of the remote packet sniffer that is allowed to connect to the SmartPath AP
|
<string> |
Enter the IP address or domain name (1-32 chars)
|
local-port |
Set the port number on which the SmartPath AP listens for connection requests from the remote sniffer
|
<number> |
Enter the port number (Default: 2002; Range: 1024-65535)
|
promiscuous |
Enable the wifi interfaces to operate in promiscuous mode during packet capturing (Default: Disabled)
|
exec client-monitor <mac_addr>
|
exec |
Execute a command to initiate a task immediately
|
client-monitor |
Monitor the activities of a client
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
exec data-collection {push|clear}
|
exec |
Execute a command to initiate a task immediately
|
data-collection |
Perform an action on the data collected about the
types and capabilities of devices on the network and the types of
applications and IP protocols they use
|
push |
Push all collected data to SmartPath EMS
|
clear |
Clear all collected data that is currently stored in the local SmartPath AP
|
exec interface <wifix> spectral-scan channel <number>
|
exec |
Execute a command to initiate a task immediately
|
interface |
Execute the command through a specific interface
|
<wifix> |
Enter the name of a Wi-Fi radio interface, where x = 0 or 1
|
spectral-scan |
Execute a spectral scan of all the channels
specified in the channel scan list and report signal frequency and
amplitude, channel utilization, and types of interference to SmartPath
EMS
|
channel |
Set the channel to be scanned
|
<number> |
Enter the channel number (Note: To create a list of
multiple channels, repeatedly enter this command with a different
channel number for each one that you want to scan.) (Range: 1-165)
|
exec interface <wifix> spectral-scan report-interval <number>
|
exec |
Execute a command to initiate a task immediately
|
interface |
Execute the command through a specific interface
|
<wifix> |
Enter the name of a Wi-Fi radio interface, where x = 0 or 1
|
spectral-scan |
Execute a spectral scan of all the channels
specified in the channel scan list and report signal frequency and
amplitude, channel utilization, and types of interference to SmartPath
EMS
|
report-interval |
Set the length of time to collect spectral data and then report it to SmartPath EMS
|
<number> |
Enter the report interval in seconds (Default: 1; Range: 1-30)
|
exec interface <wifix> spectral-scan {start|stop}
|
exec |
Execute a command to initiate a task immediately
|
interface |
Execute the command through a specific interface
|
<wifix> |
Enter the name of a Wi-Fi radio interface, where x = 0 or 1
|
spectral-scan |
Execute a spectral scan of all the channels
specified in the channel scan list and report signal frequency and
amplitude, channel utilization, and types of interference to SmartPath
EMS
|
start |
Start a spectral scan
|
stop |
Stop a spectral scan that is currently in progress
|
exec user-group <string> psk-to-pmk
|
exec |
Execute a command to initiate a task immediately
|
user-group |
Execute a user-group command
|
<string> |
Enter the user group name (1-32 chars)
|
psk-to-pmk |
Regenerate all users' PMKs (pairwise master keys) based on their PSKs (preshared keys)
|
exec wlan-idp ap-classify {rogue|friendly} <mac_addr> [ - <mac_addr> ]
|
exec |
Execute a command to initiate a task immediately
|
wlan-idp |
Execute a command relating to WLAN IDP (intrusion detection and prevention)
|
ap-classify |
Classify one or more APs as rogue or friendly by MAC address
|
rogue |
Classify APs as rogue
|
friendly |
Classify APs as friendly
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
- |
Set a range of MAC addresses
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
exec wlan-idp mitigate {rogue-ap} <mac_addr>
|
exec |
Execute a command to initiate a task immediately
|
wlan-idp |
Execute a command relating to WLAN IDP (intrusion detection and prevention)
|
mitigate |
Mitigate a specific rogue AP and its clients by sending a deauth DoS attack against them
|
rogue-ap |
Mitigate a specific rogue AP
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
exec wlan-idp mitigate {rogue-ap} <mac_addr> interface <wifix>
|
exec |
Execute a command to initiate a task immediately
|
wlan-idp |
Execute a command relating to WLAN IDP (intrusion detection and prevention)
|
mitigate |
Mitigate a specific rogue AP and its clients by sending a deauth DoS attack against them
|
rogue-ap |
Mitigate a specific rogue AP
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
interface |
Execute the command through a specific interface
|
<wifix> |
Enter the name of a Wi-Fi radio interface, where x = 0 or 1
|
exit
|
exit |
Exit from the current mode
|
filter <number>
l2 [ {data|ctl|mgmt} ] [ subtype <hex> ] [ src-mac
<mac_addr> ] [ dst-mac <mac_addr> ] [ bssid <mac_addr>
] [ tx-mac <mac_addr> ] [ rx-mac <mac_addr> ] [ error
{crc|decrypt|mic|all|no} ] [ etype <hex> ]
|
filter |
Set packet capture filter parameters
|
<number> |
Enter a filter ID (Range: 1-64)
|
l2 |
Set packet capture filter for layer 2 parameters
|
data |
Filter by data traffic
|
ctl |
Filter by ctl traffic
|
mgmt |
Filter by mgmt traffic
|
subtype |
Filter by frame subtype
|
<hex> |
Enter frame subtype value
|
src-mac |
Filter by source MAC address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
dst-mac |
Filter by destination MAC address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
bssid |
Filter by BSSID
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
tx-mac |
Filter by transmitter MAC address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
rx-mac |
Filter by receiver MAC address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
error |
Filter by error condition
|
crc |
Filter by crc error
|
decrypt |
Filter by decrypt error
|
mic |
Filter by mic error
|
all |
Filter by all error
|
no |
Filter by no error
|
etype |
Filter by Ethernet value
|
<hex> |
Enter the value indicating an ethernet type (ARP:0806; IP:0800; IPX:8137; RARP:8035)
|
filter <number>
l3 [ src-ip <ip_addr> ] [ dst-ip <ip_addr> ] [ protocol
<number> ] [ src-port <number> ] [ dst-port <number> ]
|
filter |
Set packet capture filter parameters
|
<number> |
Enter a filter ID (Range: 1-64)
|
l3 |
Set packet capture filter for layer 3 parameters
|
src-ip |
Filter by source IP address
|
<ip_addr> |
Enter a source IP address
|
dst-ip |
Filter by destination IP address
|
<ip_addr> |
Enter a destination IP address
|
protocol |
Filter by protocol number in IP header
|
<number> |
Enter a protocol value (UDP:17; TCP:6 ICMP:1)
|
src-port |
Filter by source port filter
|
<number> |
Enter a source port number
|
dst-port |
Filter by destination port
|
<number> |
Enter a destination port number (HTTP:80; FTP:21; TELNET:23; DHCP:67; TFTP:79)
|
filter [ <number> ] [ direction bidirectional ]
|
filter |
Set packet capture filter parameters
|
<number> |
Enter a filter ID (Range: 1-64)
|
direction |
Set filter traffic flowing direction
|
bidirectional |
Filter traffic flowing in both directions
|
forwarding-engine inter-ssid-flood enable
|
forwarding-engine |
Set parameters to shape the behavior of the forwarding engine
|
inter-ssid-flood |
Forward multicast and broadcast traffic between access interfaces to protect SSIDs from flooding (Default: Enabled)
|
enable |
Enable the protection of SSIDs from multicast and broadcast flooding
|
forwarding-engine log {firewall-dropped-packets|to-self-sessions}
|
forwarding-engine |
Set parameters to shape the behavior of the forwarding engine
|
log |
Set logging parameters for packets
|
firewall-dropped-packets |
Log dropped packets that are denied by IP or MAC firewall policies (Default: Do not log dropped packets)
|
to-self-sessions |
Log the first packets of sessions destined for the SmartPath AP itself (Default: Do not log first packets)
|
forwarding-engine max-ip-sessions-per-station <number>
|
forwarding-engine |
Set parameters to shape the behavior of the forwarding engine
|
max-ip-sessions-per-station |
Set the maximum number of IP sessions that can be created to or from a station
|
<number> |
Enter the maximum IP sessions number per station (Range: 1-8000; Note: By default, IP session limiting is disabled.)
|
forwarding-engine max-mac-sessions-per-station <number>
|
forwarding-engine |
Set parameters to shape the behavior of the forwarding engine
|
max-mac-sessions-per-station |
Set the maximum number of MAC sessions that can be created to or from a station
|
<number> |
Enter the maximum MAC sessions number per station (Range: 1-8000; Note: By default, MAC session limiting is disabled.)
|
forwarding-engine proxy-arp enable
|
forwarding-engine |
Set parameters to shape the behavior of the forwarding engine
|
proxy-arp |
Set ARP proxying parameters
|
enable |
Enable learning MAC addresses and proxy replies to ARP requests
|
forwarding-engine static-rule <string> action drop in-if <ethx|aggx|redx> dst-mac <mac_addr>
|
forwarding-engine |
Set parameters to shape the behavior of the forwarding engine
|
static-rule |
Add a static packet-forwarding rule that preempts dynamic forwarding decisions
|
<string> |
Enter the name of the packet-forwarding rule (1-32 chars)
|
action |
Set the action to apply to packets matching the static packet-forwarding rule
|
drop |
Drop packets that match the rule
|
in-if |
Set the inbound interface
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
<aggx> |
Enter the name of the aggregate interface, where x = 0
|
<redx> |
Enter the name of the redundant interface, where x = 0
|
dst-mac |
Set the destination MAC address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
forwarding-engine
static-rule <string> action drop in-if <ethx|aggx|redx>
src-mac <mac_addr> dst-mac <mac_addr>
|
forwarding-engine |
Set parameters to shape the behavior of the forwarding engine
|
static-rule |
Add a static packet-forwarding rule that preempts dynamic forwarding decisions
|
<string> |
Enter the name of the packet-forwarding rule (1-32 chars)
|
action |
Set the action to apply to packets matching the static packet-forwarding rule
|
drop |
Drop packets that match the rule
|
in-if |
Set the inbound interface
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
<aggx> |
Enter the name of the aggregate interface, where x = 0
|
<redx> |
Enter the name of the redundant interface, where x = 0
|
src-mac |
Set the source MAC address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
dst-mac |
Set the destination MAC address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
forwarding-engine
static-rule <string> action drop in-if <ethx|aggx|redx>
src-oui <oui> dst-mac <mac_addr>
|
forwarding-engine |
Set parameters to shape the behavior of the forwarding engine
|
static-rule |
Add a static packet-forwarding rule that preempts dynamic forwarding decisions
|
<string> |
Enter the name of the packet-forwarding rule (1-32 chars)
|
action |
Set the action to apply to packets matching the static packet-forwarding rule
|
drop |
Drop packets that match the rule
|
in-if |
Set the inbound interface
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
<aggx> |
Enter the name of the aggregate interface, where x = 0
|
<redx> |
Enter the name of the redundant interface, where x = 0
|
src-oui |
Set the source OUI, apply the rule to any MAC address sharing the same OUI as the MAC address
|
<oui> |
Enter the OUI (Note: You can use colons, dashes, or
periods to format the OUI. Examples: Apple iPhone=00:1b:63; D-Link
Phone=00-17-9a; Vocera=00.09.ef.)
|
dst-mac |
Set the destination MAC address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
forwarding-engine
static-rule <string> action drop in-if <wifix.y> dst-mac
<mac_addr> tx-mac <mac_addr>
|
forwarding-engine |
Set parameters to shape the behavior of the forwarding engine
|
static-rule |
Add a static packet-forwarding rule that preempts dynamic forwarding decisions
|
<string> |
Enter the name of the packet-forwarding rule (1-32 chars)
|
action |
Set the action to apply to packets matching the static packet-forwarding rule
|
drop |
Drop packets that match the rule
|
in-if |
Set the inbound interface
|
<wifix.y> |
Enter the name of a Wi-Fi radio subinterface (Ranges: x: 0-1; y: 1-16)
|
dst-mac |
Set the destination MAC address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
tx-mac |
Set the MAC address of the transmitter; that is the
MAC address of the device on the network that forwarded the frame to the
SmartPath AP
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
forwarding-engine
static-rule <string> action drop in-if <wifix.y> src-mac
<mac_addr> dst-mac <mac_addr> tx-mac <mac_addr>
|
forwarding-engine |
Set parameters to shape the behavior of the forwarding engine
|
static-rule |
Add a static packet-forwarding rule that preempts dynamic forwarding decisions
|
<string> |
Enter the name of the packet-forwarding rule (1-32 chars)
|
action |
Set the action to apply to packets matching the static packet-forwarding rule
|
drop |
Drop packets that match the rule
|
in-if |
Set the inbound interface
|
<wifix.y> |
Enter the name of a Wi-Fi radio subinterface (Ranges: x: 0-1; y: 1-16)
|
src-mac |
Set the source MAC address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
dst-mac |
Set the destination MAC address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
tx-mac |
Set the MAC address of the transmitter; that is the
MAC address of the device on the network that forwarded the frame to the
SmartPath AP
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
forwarding-engine
static-rule <string> action drop in-if <wifix.y> src-oui
<oui> dst-mac <mac_addr> tx-mac <mac_addr>
|
forwarding-engine |
Set parameters to shape the behavior of the forwarding engine
|
static-rule |
Add a static packet-forwarding rule that preempts dynamic forwarding decisions
|
<string> |
Enter the name of the packet-forwarding rule (1-32 chars)
|
action |
Set the action to apply to packets matching the static packet-forwarding rule
|
drop |
Drop packets that match the rule
|
in-if |
Set the inbound interface
|
<wifix.y> |
Enter the name of a Wi-Fi radio subinterface (Ranges: x: 0-1; y: 1-16)
|
src-oui |
Set the source OUI, apply the rule to any MAC address sharing the same OUI as the MAC address
|
<oui> |
Enter the OUI (Note: You can use colons, dashes, or
periods to format the OUI. Examples: Apple iPhone=00:1b:63; D-Link
Phone=00-17-9a; Vocera=00.09.ef.)
|
dst-mac |
Set the destination MAC address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
tx-mac |
Set the MAC address of the transmitter; that is the
MAC address of the device on the network that forwarded the frame to the
SmartPath AP
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
forwarding-engine
static-rule <string> action pass in-if <ethx|aggx|redx>
dst-mac <mac_addr> out-if <ethx|aggx|redx>
|
forwarding-engine |
Set parameters to shape the behavior of the forwarding engine
|
static-rule |
Add a static packet-forwarding rule that preempts dynamic forwarding decisions
|
<string> |
Enter the name of the packet-forwarding rule (1-32 chars)
|
action |
Set the action to apply to packets matching the static packet-forwarding rule
|
pass |
Pass packets that match the rule
|
in-if |
Set the inbound interface
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
<aggx> |
Enter the name of the aggregate interface, where x = 0
|
<redx> |
Enter the name of the redundant interface, where x = 0
|
dst-mac |
Set the destination MAC address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
out-if |
Set the outbound interface
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
<aggx> |
Enter the name of the aggregate interface, where x = 0
|
<redx> |
Enter the name of the redundant interface, where x = 0
|
forwarding-engine
static-rule <string> action pass in-if <ethx|aggx|redx>
dst-mac <mac_addr> out-if <wifix.y> rx-mac <mac_addr>
|
forwarding-engine |
Set parameters to shape the behavior of the forwarding engine
|
static-rule |
Add a static packet-forwarding rule that preempts dynamic forwarding decisions
|
<string> |
Enter the name of the packet-forwarding rule (1-32 chars)
|
action |
Set the action to apply to packets matching the static packet-forwarding rule
|
pass |
Pass packets that match the rule
|
in-if |
Set the inbound interface
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
<aggx> |
Enter the name of the aggregate interface, where x = 0
|
<redx> |
Enter the name of the redundant interface, where x = 0
|
dst-mac |
Set the destination MAC address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
out-if |
Set the outbound interface
|
<wifix.y> |
Enter the name of a Wi-Fi radio subinterface (Ranges: x: 0-1; y: 1-16)
|
rx-mac |
Set the MAC address of the receiver; that is the MAC
address of the device on the network to which the SmartPath AP forwards
the frame
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
forwarding-engine
static-rule <string> action pass in-if <ethx|aggx|redx>
src-mac <mac_addr> dst-mac <mac_addr> out-if
<ethx|aggx|redx>
|
forwarding-engine |
Set parameters to shape the behavior of the forwarding engine
|
static-rule |
Add a static packet-forwarding rule that preempts dynamic forwarding decisions
|
<string> |
Enter the name of the packet-forwarding rule (1-32 chars)
|
action |
Set the action to apply to packets matching the static packet-forwarding rule
|
pass |
Pass packets that match the rule
|
in-if |
Set the inbound interface
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
<aggx> |
Enter the name of the aggregate interface, where x = 0
|
<redx> |
Enter the name of the redundant interface, where x = 0
|
src-mac |
Set the source MAC address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
dst-mac |
Set the destination MAC address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
out-if |
Set the outbound interface
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
<aggx> |
Enter the name of the aggregate interface, where x = 0
|
<redx> |
Enter the name of the redundant interface, where x = 0
|
forwarding-engine
static-rule <string> action pass in-if <ethx|aggx|redx>
src-mac <mac_addr> dst-mac <mac_addr> out-if <wifix.y>
rx-mac <mac_addr>
|
forwarding-engine |
Set parameters to shape the behavior of the forwarding engine
|
static-rule |
Add a static packet-forwarding rule that preempts dynamic forwarding decisions
|
<string> |
Enter the name of the packet-forwarding rule (1-32 chars)
|
action |
Set the action to apply to packets matching the static packet-forwarding rule
|
pass |
Pass packets that match the rule
|
in-if |
Set the inbound interface
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
<aggx> |
Enter the name of the aggregate interface, where x = 0
|
<redx> |
Enter the name of the redundant interface, where x = 0
|
src-mac |
Set the source MAC address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
dst-mac |
Set the destination MAC address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
out-if |
Set the outbound interface
|
<wifix.y> |
Enter the name of a Wi-Fi radio subinterface (Ranges: x: 0-1; y: 1-16)
|
rx-mac |
Set the MAC address of the receiver; that is the MAC
address of the device on the network to which the SmartPath AP forwards
the frame
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
forwarding-engine
static-rule <string> action pass in-if <ethx|aggx|redx>
src-oui <oui> dst-mac <mac_addr> out-if
<ethx|aggx|redx>
|
forwarding-engine |
Set parameters to shape the behavior of the forwarding engine
|
static-rule |
Add a static packet-forwarding rule that preempts dynamic forwarding decisions
|
<string> |
Enter the name of the packet-forwarding rule (1-32 chars)
|
action |
Set the action to apply to packets matching the static packet-forwarding rule
|
pass |
Pass packets that match the rule
|
in-if |
Set the inbound interface
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
<aggx> |
Enter the name of the aggregate interface, where x = 0
|
<redx> |
Enter the name of the redundant interface, where x = 0
|
src-oui |
Set the source OUI, apply the rule to any MAC address sharing the same OUI as the MAC address
|
<oui> |
Enter the OUI (Note: You can use colons, dashes, or
periods to format the OUI. Examples: Apple iPhone=00:1b:63; D-Link
Phone=00-17-9a; Vocera=00.09.ef.)
|
dst-mac |
Set the destination MAC address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
out-if |
Set the outbound interface
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
<aggx> |
Enter the name of the aggregate interface, where x = 0
|
<redx> |
Enter the name of the redundant interface, where x = 0
|
forwarding-engine
static-rule <string> action pass in-if <ethx|aggx|redx>
src-oui <oui> dst-mac <mac_addr> out-if <wifix.y>
rx-mac <mac_addr>
|
forwarding-engine |
Set parameters to shape the behavior of the forwarding engine
|
static-rule |
Add a static packet-forwarding rule that preempts dynamic forwarding decisions
|
<string> |
Enter the name of the packet-forwarding rule (1-32 chars)
|
action |
Set the action to apply to packets matching the static packet-forwarding rule
|
pass |
Pass packets that match the rule
|
in-if |
Set the inbound interface
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
<aggx> |
Enter the name of the aggregate interface, where x = 0
|
<redx> |
Enter the name of the redundant interface, where x = 0
|
src-oui |
Set the source OUI, apply the rule to any MAC address sharing the same OUI as the MAC address
|
<oui> |
Enter the OUI (Note: You can use colons, dashes, or
periods to format the OUI. Examples: Apple iPhone=00:1b:63; D-Link
Phone=00-17-9a; Vocera=00.09.ef.)
|
dst-mac |
Set the destination MAC address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
out-if |
Set the outbound interface
|
<wifix.y> |
Enter the name of a Wi-Fi radio subinterface (Ranges: x: 0-1; y: 1-16)
|
rx-mac |
Set the MAC address of the receiver; that is the MAC
address of the device on the network to which the SmartPath AP forwards
the frame
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
forwarding-engine
static-rule <string> action pass in-if <wifix.y> dst-mac
<mac_addr> tx-mac <mac_addr> out-if <ethx|aggx|redx>
|
forwarding-engine |
Set parameters to shape the behavior of the forwarding engine
|
static-rule |
Add a static packet-forwarding rule that preempts dynamic forwarding decisions
|
<string> |
Enter the name of the packet-forwarding rule (1-32 chars)
|
action |
Set the action to apply to packets matching the static packet-forwarding rule
|
pass |
Pass packets that match the rule
|
in-if |
Set the inbound interface
|
<wifix.y> |
Enter the name of a Wi-Fi radio subinterface (Ranges: x: 0-1; y: 1-16)
|
dst-mac |
Set the destination MAC address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
tx-mac |
Set the MAC address of the transmitter; that is the
MAC address of the device on the network that forwarded the frame to the
SmartPath AP
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
out-if |
Set the outbound interface
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
<aggx> |
Enter the name of the aggregate interface, where x = 0
|
<redx> |
Enter the name of the redundant interface, where x = 0
|
forwarding-engine
static-rule <string> action pass in-if <wifix.y> dst-mac
<mac_addr> tx-mac <mac_addr> out-if <wifix.y> rx-mac
<mac_addr>
|
forwarding-engine |
Set parameters to shape the behavior of the forwarding engine
|
static-rule |
Add a static packet-forwarding rule that preempts dynamic forwarding decisions
|
<string> |
Enter the name of the packet-forwarding rule (1-32 chars)
|
action |
Set the action to apply to packets matching the static packet-forwarding rule
|
pass |
Pass packets that match the rule
|
in-if |
Set the inbound interface
|
<wifix.y> |
Enter the name of a Wi-Fi radio subinterface (Ranges: x: 0-1; y: 1-16)
|
dst-mac |
Set the destination MAC address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
tx-mac |
Set the MAC address of the transmitter; that is the
MAC address of the device on the network that forwarded the frame to the
SmartPath AP
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
out-if |
Set the outbound interface
|
<wifix.y> |
Enter the name of a Wi-Fi radio subinterface (Ranges: x: 0-1; y: 1-16)
|
rx-mac |
Set the MAC address of the receiver; that is the MAC
address of the device on the network to which the SmartPath AP forwards
the frame
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
forwarding-engine
static-rule <string> action pass in-if <wifix.y> src-mac
<mac_addr> dst-mac <mac_addr> tx-mac <mac_addr> out-if
<ethx|aggx|redx>
|
forwarding-engine |
Set parameters to shape the behavior of the forwarding engine
|
static-rule |
Add a static packet-forwarding rule that preempts dynamic forwarding decisions
|
<string> |
Enter the name of the packet-forwarding rule (1-32 chars)
|
action |
Set the action to apply to packets matching the static packet-forwarding rule
|
pass |
Pass packets that match the rule
|
in-if |
Set the inbound interface
|
<wifix.y> |
Enter the name of a Wi-Fi radio subinterface (Ranges: x: 0-1; y: 1-16)
|
src-mac |
Set the source MAC address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
dst-mac |
Set the destination MAC address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
tx-mac |
Set the MAC address of the transmitter; that is the
MAC address of the device on the network that forwarded the frame to the
SmartPath AP
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
out-if |
Set the outbound interface
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
<aggx> |
Enter the name of the aggregate interface, where x = 0
|
<redx> |
Enter the name of the redundant interface, where x = 0
|
forwarding-engine
static-rule <string> action pass in-if <wifix.y> src-mac
<mac_addr> dst-mac <mac_addr> tx-mac <mac_addr> out-if
<wifix.y> rx-mac <mac_addr>
|
forwarding-engine |
Set parameters to shape the behavior of the forwarding engine
|
static-rule |
Add a static packet-forwarding rule that preempts dynamic forwarding decisions
|
<string> |
Enter the name of the packet-forwarding rule (1-32 chars)
|
action |
Set the action to apply to packets matching the static packet-forwarding rule
|
pass |
Pass packets that match the rule
|
in-if |
Set the inbound interface
|
<wifix.y> |
Enter the name of a Wi-Fi radio subinterface (Ranges: x: 0-1; y: 1-16)
|
src-mac |
Set the source MAC address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
dst-mac |
Set the destination MAC address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
tx-mac |
Set the MAC address of the transmitter; that is the
MAC address of the device on the network that forwarded the frame to the
SmartPath AP
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
out-if |
Set the outbound interface
|
<wifix.y> |
Enter the name of a Wi-Fi radio subinterface (Ranges: x: 0-1; y: 1-16)
|
rx-mac |
Set the MAC address of the receiver; that is the MAC
address of the device on the network to which the SmartPath AP forwards
the frame
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
forwarding-engine
static-rule <string> action pass in-if <wifix.y> src-oui
<oui> dst-mac <mac_addr> tx-mac <mac_addr> out-if
<ethx|aggx|redx>
|
forwarding-engine |
Set parameters to shape the behavior of the forwarding engine
|
static-rule |
Add a static packet-forwarding rule that preempts dynamic forwarding decisions
|
<string> |
Enter the name of the packet-forwarding rule (1-32 chars)
|
action |
Set the action to apply to packets matching the static packet-forwarding rule
|
pass |
Pass packets that match the rule
|
in-if |
Set the inbound interface
|
<wifix.y> |
Enter the name of a Wi-Fi radio subinterface (Ranges: x: 0-1; y: 1-16)
|
src-oui |
Set the source OUI, apply the rule to any MAC address sharing the same OUI as the MAC address
|
<oui> |
Enter the OUI (Note: You can use colons, dashes, or
periods to format the OUI. Examples: Apple iPhone=00:1b:63; D-Link
Phone=00-17-9a; Vocera=00.09.ef.)
|
dst-mac |
Set the destination MAC address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
tx-mac |
Set the MAC address of the transmitter; that is the
MAC address of the device on the network that forwarded the frame to the
SmartPath AP
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
out-if |
Set the outbound interface
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
<aggx> |
Enter the name of the aggregate interface, where x = 0
|
<redx> |
Enter the name of the redundant interface, where x = 0
|
forwarding-engine
static-rule <string> action pass in-if <wifix.y> src-oui
<oui> dst-mac <mac_addr> tx-mac <mac_addr> out-if
<wifix.y> rx-mac <mac_addr>
|
forwarding-engine |
Set parameters to shape the behavior of the forwarding engine
|
static-rule |
Add a static packet-forwarding rule that preempts dynamic forwarding decisions
|
<string> |
Enter the name of the packet-forwarding rule (1-32 chars)
|
action |
Set the action to apply to packets matching the static packet-forwarding rule
|
pass |
Pass packets that match the rule
|
in-if |
Set the inbound interface
|
<wifix.y> |
Enter the name of a Wi-Fi radio subinterface (Ranges: x: 0-1; y: 1-16)
|
src-oui |
Set the source OUI, apply the rule to any MAC address sharing the same OUI as the MAC address
|
<oui> |
Enter the OUI (Note: You can use colons, dashes, or
periods to format the OUI. Examples: Apple iPhone=00:1b:63; D-Link
Phone=00-17-9a; Vocera=00.09.ef.)
|
dst-mac |
Set the destination MAC address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
tx-mac |
Set the MAC address of the transmitter; that is the
MAC address of the device on the network that forwarded the frame to the
SmartPath AP
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
out-if |
Set the outbound interface
|
<wifix.y> |
Enter the name of a Wi-Fi radio subinterface (Ranges: x: 0-1; y: 1-16)
|
rx-mac |
Set the MAC address of the receiver; that is the MAC
address of the device on the network to which the SmartPath AP forwards
the frame
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
forwarding-engine tunnel selective-multicast-forward allow-all except <ip_addr|ip_addr/mask>
|
forwarding-engine |
Set parameters to shape the behavior of the forwarding engine
|
tunnel |
Set tunnel (GRE tunnel or GRE-over-IPsec tunnel) parameters
|
selective-multicast-forward |
Selective multicast forwarding through GRE tunnels
|
allow-all |
Allow the forwarding of all IP multicast traffic through tunnels except for specified IP multicast groups
|
except |
Block specific IP multicast traffic through tunnels
|
<ip_addr> |
Enter the IP address and netmask of the multicast group to block (Example: 224.1.1.1 or 224.1.1.0/24)
|
<ip_addr/netmask> |
Enter the IP address and netmask of the multicast group to block (Example: 224.1.1.1 or 224.1.1.0/24)
|
forwarding-engine tunnel selective-multicast-forward block-all
|
forwarding-engine |
Set parameters to shape the behavior of the forwarding engine
|
tunnel |
Set tunnel (GRE tunnel or GRE-over-IPsec tunnel) parameters
|
selective-multicast-forward |
Selective multicast forwarding through GRE tunnels
|
block-all |
Block the forwarding of all IP multicast traffic through tunnels except for specified IP multicast groups
|
forwarding-engine tunnel selective-multicast-forward block-all except <ip_addr|ip_addr/mask>
|
forwarding-engine |
Set parameters to shape the behavior of the forwarding engine
|
tunnel |
Set tunnel (GRE tunnel or GRE-over-IPsec tunnel) parameters
|
selective-multicast-forward |
Selective multicast forwarding through GRE tunnels
|
block-all |
Block the forwarding of all IP multicast traffic through tunnels except for specified IP multicast groups
|
except |
Allow specific IP multicast traffic through tunnels
|
<ip_addr> |
Enter the IP address and netmask of the multicast group to allow (Example: 224.1.1.1 or 224.1.1.0/24)
|
<ip_addr/netmask> |
Enter the IP address and netmask of the multicast group to allow (Example: 224.1.1.1 or 224.1.1.0/24)
|
forwarding-engine tunnel tcp-mss-threshold enable
|
forwarding-engine |
Set parameters to shape the behavior of the forwarding engine
|
tunnel |
Set tunnel (GRE tunnel or GRE-over-IPsec tunnel) parameters
|
tcp-mss-threshold |
Set TCP MSS (Maximum Segment Size) parameters
|
enable |
Enable the TCP MSS threshold feature
|
forwarding-engine tunnel tcp-mss-threshold threshold-size <number>
|
forwarding-engine |
Set parameters to shape the behavior of the forwarding engine
|
tunnel |
Set tunnel (GRE tunnel or GRE-over-IPsec tunnel) parameters
|
tcp-mss-threshold |
Set TCP MSS (Maximum Segment Size) parameters
|
threshold-size |
Set the TCP MSS threshold size
|
<number> |
Enter the TCP MSS size in bytes(GRE Tunnel Range: 64-1414; GRE-over-IPSec Tunnel Range: 64-1336)
|
history <number>
|
history |
Set the capacity for command history
|
<number> |
Enter the max number of commands to store in command history (Default: 20; Range: 1-50)
|
hostname <string>
|
hostname |
Set the hostname of the SmartPath AP
|
<string> |
Enter the hostname of the SmartPath AP (1-32 chars)
|
interface <ethx> allowed-vlan <number> [ - <number> ]
|
interface |
Set interface parameters
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
allowed-vlan |
Set a list of VLAN IDs by which traffic allowed to cross the interface can be filtered
|
<number> |
Enter the VLAN ID to be allowed (Range: 1-4094)
|
- |
Set a range of allowed VLAN IDs
|
<number> |
Enter the last VLAN ID in the range (Range: 1-4094)
|
interface <ethx> allowed-vlan {all|auto}
|
interface |
Set interface parameters
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
allowed-vlan |
Set a list of VLAN IDs by which traffic allowed to cross the interface can be filtered
|
all |
Allow traffic tagged with any VLAN ID
|
auto |
Allow traffic whose VLAN ID matches that of mgt0, the native vlan, or the default VLAN configured in user profiles
|
interface <ethx> duplex {full|half|auto}
|
interface |
Set interface parameters
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
duplex |
Set the duplex for the interface
|
full |
Set the duplex of ethernet interface to full (Default: auto)
|
half |
Set the duplex of ethernet interface to half (Default: auto)
|
auto |
Set the duplex of ethernet interface to auto (Default: auto)
|
interface <ethx> inter-station-traffic
|
interface |
Set interface parameters
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
inter-station-traffic |
Set the SmartPath AP to permit traffic between stations connected to one or more of its access interfaces (Default: Enabled)
|
interface <ethx> ip <ip_addr/netmask>
|
interface |
Set interface parameters
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
ip |
Set an IP address and netmask for the interface
|
<ip_addr/netmask> |
Enter the interface IP address and netmask
|
interface <ethx> link-discovery {lldp|cdp}
|
interface |
Set interface parameters
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
link-discovery |
Enable the communication of network-related
information with neighboring network devices through the interface
(Default: LLDP enabled; CDP enabled)
|
lldp |
Set LLDP (Link Layer Discovery Protocol) parameters on the interface
|
cdp |
Set CDP (Cisco Discovery Protocol) parameters on the interface
|
interface <ethx> mac-learning enable
|
interface |
Set interface parameters
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
mac-learning |
Set parameters for MAC address learning
|
enable |
Enable MAC address learning on the Ethernet interface
|
interface <ethx> mac-learning idle-timeout <number>
|
interface |
Set interface parameters
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
mac-learning |
Set parameters for MAC address learning
|
idle-timeout |
Set the timeout for automatically clearing an inactive dynamically learned MAC address from the MAC learning table
|
<number> |
Enter the timeout value in seconds (Default: 180; Range: 10-3600)
|
interface <ethx> mac-learning static <mac_addr>
|
interface |
Set interface parameters
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
mac-learning |
Set parameters for MAC address learning
|
static |
Set statically defined MAC address entries
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
interface <ethx> manage {Telnet|SSH|SNMP|ping|all}
|
interface |
Set interface parameters
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
manage |
Set management service parameters
|
Telnet |
Enable Telnet manageability of mgt0 through this interface (Default: Disabled)
|
SSH |
Enable SSH manageability of mgt0 through this interface (Default: Enabled)
|
SNMP |
Enable SNMP manageability of mgt0 through this interface (Default: Disabled)
|
ping |
Enable mgt0 to respond to pings through this interface (Default: Enabled)
|
all |
Enable all manageability options (ping, SNMP, SSH, and Telnet) for mgt0 through this interface
|
interface <ethx> mode bridge-802.1q user-profile-attribute <number>
|
interface |
Set interface parameters
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
mode |
Set the operation mode for the interface
|
bridge-802.1q |
Set the operation mode to bridge-802.1q for the interface (Default: backhaul)
|
user-profile-attribute |
Map a RADIUS attribute to the user profile
|
<number> |
Enter a numeric value for a single RADIUS attribute (Default:0; Range: 0-4095)
|
interface <ethx> mode bridge-access [ user-profile-attribute <number> ]
|
interface |
Set interface parameters
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
mode |
Set the operation mode for the interface
|
bridge-access |
Set the operation mode to bridge-access for the interface (Default: backhaul)
|
user-profile-attribute |
Map a RADIUS attribute to the user profile
|
<number> |
Enter a numeric value for a single RADIUS attribute (Default:0; Range: 0-4095)
|
interface <ethx> mode {bridge-802.1q|backhaul}
|
interface |
Set interface parameters
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
mode |
Set the operation mode for the interface
|
bridge-802.1q |
Set the operation mode to bridge-802.1q for the interface (Default: backhaul)
|
backhaul |
Set the operation mode to backhaul for the interface (Default: backhaul)
|
interface <ethx> native-vlan <number>
|
interface |
Set interface parameters
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
native-vlan |
Set the native (untagged) VLAN used by the switch infrastructure in the surrounding Ethernet network
|
<number> |
Enter the native (untagged) VLAN (Range: 1-4094)
|
interface <ethx> qos-classifier <string>
|
interface |
Set interface parameters
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
qos-classifier |
Assign a QoS classification profile (classifier) to the interface
|
<string> |
Enter the QoS classifier profile name (1 to 32 chars)
|
interface <ethx> qos-marker <string>
|
interface |
Set interface parameters
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
qos-marker |
Assign a QoS marker profile to the interface
|
<string> |
Enter the QoS marker profile name (1 to 32 chars)
|
interface <ethx> rate-limit broadcast <number>
|
interface |
Set interface parameters
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
rate-limit |
Set parameter for interface-based rate limiting
|
broadcast |
Set broadcast traffic rate limiting
|
<number> |
Enter the maximum rate for incoming broadcast traffic for the interface (Default: 2000 Kbps; Range: 0-20000)
|
interface <ethx> rate-limit multicast <number>
|
interface |
Set interface parameters
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
rate-limit |
Set parameter for interface-based rate limiting
|
multicast |
Set multicast traffic rate limiting
|
<number> |
Enter the maximum rate for incoming multicast traffic for the interface (Default: 4000 Kbps; Range: 0-20000)
|
interface <ethx> rate-limit unicast <number>
|
interface |
Set interface parameters
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
rate-limit |
Set parameter for interface-based rate limiting
|
unicast |
Set unicast traffic rate limiting
|
<number> |
Enter the maximum rate for incoming unicast traffic for the interface (Default: 100000 Kbps; Range: 0-1000000)
|
interface <ethx> rate-limit {multicast|broadcast|unicast} enable
|
interface |
Set interface parameters
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
rate-limit |
Set parameter for interface-based rate limiting
|
multicast |
Set multicast traffic rate limiting
|
broadcast |
Set broadcast traffic rate limiting
|
unicast |
Set unicast traffic rate limiting
|
enable |
Enable rate limiting on the interface for this type of traffic (Default: multicast/broadcast Enable,unicast Disable)
|
interface <ethx> security-object <string>
|
interface |
Set interface parameters
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
security-object |
Assign a security object to control network access through this interface
|
<string> |
Enter the security object name (1-32 chars)
|
interface <ethx> shutdown
|
interface |
Set interface parameters
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
shutdown |
Disable the interface
|
interface <ethx> speed {10|100|1000|auto}
|
interface |
Set interface parameters
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
speed |
Set the speed for the interface
|
10 |
Set the speed of ethernet interface to 10 Mbps (Default: auto)
|
100 |
Set the speed of ethernet interface to 100 Mbps (Default: auto)
|
1000 |
Set the speed of ethernet interface to 1000 Mbps (Default: auto)
|
auto |
Set the speed of ethernet interface to auto Mbps (Default: auto)
|
interface <mgtx.y> ip <ip_addr/netmask>
|
interface |
Set interface parameters
|
<mgtx.y> |
Enter the name of the virtual management interface (Ranges x: 0; y: 1-16)
|
ip |
Set IP address for the virtual management interface
|
<ip_addr/netmask> |
Enter the virtual management interface IP address and netmask
|
interface <mgtx.y> manage ping
|
interface |
Set interface parameters
|
<mgtx.y> |
Enter the name of the virtual management interface (Ranges x: 0; y: 1-16)
|
manage |
Set management service parameters
|
ping |
Enable the virtual management interface to respond to pings (Default: Enabled)
|
interface <mgtx.y> vlan <number>
|
interface |
Set interface parameters
|
<mgtx.y> |
Enter the name of the virtual management interface (Ranges x: 0; y: 1-16)
|
vlan |
Set the VLAN ID for the interface
|
<number> |
Enter the VLAN ID (Default: 1; Range: 1-4094)
|
interface <mgtx> cluster <string>
|
interface |
Set interface parameters
|
<mgtx> |
Enter the name of the management interface, where x = 0
|
cluster |
Set the cluster profile to the mgt0 interface or enable/disable the wifi interface used for cluster communications
|
<string> |
Enter a cluster profile name (1-32 chars)
|
interface <mgtx> default-ip-prefix <ip_addr/netmask>
|
interface |
Set interface parameters
|
<mgtx> |
Enter the name of the management interface, where x = 0
|
default-ip-prefix |
Set the network address to combine with the
automatically generated host IP address to make a complete IP address
(The netmask for the default IP address is 255.255.0.0)
|
<ip_addr/netmask> |
Enter the network address/netmask (Default: 192.168.0.0/16; Note: Only 8, 16, and 24-bit netmasks are supported.)
|
interface <mgtx> default-ip-prefix <ip_addr>
|
interface |
Set interface parameters
|
<mgtx> |
Enter the name of the management interface, where x = 0
|
default-ip-prefix |
Set the network address to combine with the
automatically generated host IP address to make a complete IP address
(The netmask for the default IP address is 255.255.0.0)
|
<ip_addr> |
Enter the network address (Default: 192.168.0.0)
|
interface <mgtx> dhcp client
|
interface |
Set interface parameters
|
<mgtx> |
Enter the name of the management interface, where x = 0
|
dhcp |
Set DHCP parameters
|
client |
Set DHCP client parameters
|
interface <mgtx> dhcp client address-only
|
interface |
Set interface parameters
|
<mgtx> |
Enter the name of the management interface, where x = 0
|
dhcp |
Set DHCP parameters
|
client |
Set DHCP client parameters
|
address-only |
Set the SmartPath AP to use only the IP address,
netmask, and gateway received through DHCP instead of all TCP/IP
settings (Default: Use all TCP/IP settings received through DHCP)
|
interface <mgtx> dhcp client fallback-to-static-ip
|
interface |
Set interface parameters
|
<mgtx> |
Enter the name of the management interface, where x = 0
|
dhcp |
Set DHCP parameters
|
client |
Set DHCP client parameters
|
fallback-to-static-ip |
Assign the static IP address to mgt0 when it does not receive an address through DHCP by the end of the timeout interval
|
interface <mgtx> dhcp client option custom ppsk-server <number> ip
|
interface |
Set interface parameters
|
<mgtx> |
Enter the name of the management interface, where x = 0
|
dhcp |
Set DHCP parameters
|
client |
Set DHCP client parameters
|
option |
Set DHCP client options
|
custom |
Set DHCP client custom options
|
ppsk-server |
Set a custom DHCP option ID and ID type for a private PSK server
|
<number> |
Enter the custom DHCP option ID (ID Range: 128-254;
Default ID numbers and types: SmartPath EMS: 225 string, 226 IP; syslog
227 string, 228 IP; private PSK: 229 IP; RADIUS authentication: 230 IP;
RADIUS accounting: 231, IP)
|
ip |
Set the type of the custom DHCP option as IP
|
interface <mgtx> dhcp client option custom radius-server <number> ip
|
interface |
Set interface parameters
|
<mgtx> |
Enter the name of the management interface, where x = 0
|
dhcp |
Set DHCP parameters
|
client |
Set DHCP client parameters
|
option |
Set DHCP client options
|
custom |
Set DHCP client custom options
|
radius-server |
Set a custom DHCP option ID and ID type for a RADIUS authentication or accounting server
|
<number> |
Enter the custom DHCP option ID for a RADIUS
authentication server (ID Range: 128-254; Default ID numbers and types:
SmartPath EMS: 225 string, 226 IP; syslog 227 string, 228 IP; private
PSK: 229 IP; RADIUS authentication: 230 IP; RADIUS accounting: 231, IP)
|
ip |
Set the type of the custom DHCP option as IP
|
interface <mgtx> dhcp client option custom radius-server accounting <number> ip
|
interface |
Set interface parameters
|
<mgtx> |
Enter the name of the management interface, where x = 0
|
dhcp |
Set DHCP parameters
|
client |
Set DHCP client parameters
|
option |
Set DHCP client options
|
custom |
Set DHCP client custom options
|
radius-server |
Set a custom DHCP option ID and ID type for a RADIUS authentication or accounting server
|
accounting |
Set a custom DHCP option ID and ID type for a RADIUS accounting server
|
<number> |
Enter the custom DHCP option ID for a RADIUS
accounting server (ID Range: 128-254; Default ID numbers and types:
SmartPath EMS: 225 string, 226 IP; syslog 227 string, 228 IP; private
PSK: 229 IP; RADIUS authentication: 230 IP; RADIUS accounting: 231, IP)
|
ip |
Set the type of the custom DHCP option as IP
|
interface <mgtx> dhcp client option custom {syslog-server|smartpath-ems} <number> {string|ip}
|
interface |
Set interface parameters
|
<mgtx> |
Enter the name of the management interface, where x = 0
|
dhcp |
Set DHCP parameters
|
client |
Set DHCP client parameters
|
option |
Set DHCP client options
|
custom |
Set DHCP client custom options
|
syslog-server |
Set a custom DHCP option ID and ID type for a syslog server
|
smartpath-ems |
Set a custom DHCP option ID and ID type for SmartPath EMS
|
<number> |
Enter the custom DHCP option ID (Default ID numbers
and types: SmartPath EMS = 225 string, 226 IP; Syslog server = 227
string, 228 IP)
|
string |
Set the type of the custom DHCP option as a string
|
ip |
Set the type of the custom DHCP option as an IP address
|
interface <mgtx> dhcp client prefer-subnet <ip_addr/netmask>
|
interface |
Set interface parameters
|
<mgtx> |
Enter the name of the management interface, where x = 0
|
dhcp |
Set DHCP parameters
|
client |
Set DHCP client parameters
|
prefer-subnet |
Set prefer subnet for DHCP client
|
<ip_addr/netmask> |
Enter prefer subnet for DHCP client
|
interface <mgtx> dhcp client timeout <number>
|
interface |
Set interface parameters
|
<mgtx> |
Enter the name of the management interface, where x = 0
|
dhcp |
Set DHCP parameters
|
client |
Set DHCP client parameters
|
timeout |
Set the interval to wait for a response from the DHCP server before applying the admin-defined or default network settings
|
<number> |
Enter the timeout value in seconds (Default: 20; Range: 0-3600)
|
interface <mgtx> dhcp keepalive enable
|
interface |
Set interface parameters
|
<mgtx> |
Enter the name of the management interface, where x = 0
|
dhcp |
Set DHCP parameters
|
keepalive |
Set parameters for periodically checking network connectivity to DHCP servers
|
enable |
Enable the checking of network connectivity to DHCP
servers in the specified VLAN range and also in VLANs set in user
profile definitions or assigned by RADIUS servers, the native VLAN, and
the management interface VLAN (Default: Disabled)
|
interface <mgtx> dhcp keepalive interval <number>
|
interface |
Set interface parameters
|
<mgtx> |
Enter the name of the management interface, where x = 0
|
dhcp |
Set DHCP parameters
|
keepalive |
Set parameters for periodically checking network connectivity to DHCP servers
|
interval |
Set the interval between periodic connectivity status checks
|
<number> |
Enter the interval in seconds (Default: 300; Range: 60-3600)
|
interface <mgtx> dhcp keepalive retry <number>
|
interface |
Set interface parameters
|
<mgtx> |
Enter the name of the management interface, where x = 0
|
dhcp |
Set DHCP parameters
|
keepalive |
Set parameters for periodically checking network connectivity to DHCP servers
|
retry |
Set the number of times to retry sending a probe that does not elicit a response from a DHCP server
|
<number> |
Enter the retry value (Default: 1; Range: 1-10)
|
interface <mgtx> dhcp keepalive timeout <number>
|
interface |
Set interface parameters
|
<mgtx> |
Enter the name of the management interface, where x = 0
|
dhcp |
Set DHCP parameters
|
keepalive |
Set parameters for periodically checking network connectivity to DHCP servers
|
timeout |
Set the timeout for waiting for a response to a DHCP probe
|
<number> |
Enter the timeout value (Default: 5 secs; Range: 1-60)
|
interface <mgtx> dhcp keepalive vlan <number> [ <number> ]
|
interface |
Set interface parameters
|
<mgtx> |
Enter the name of the management interface, where x = 0
|
dhcp |
Set DHCP parameters
|
keepalive |
Set parameters for periodically checking network connectivity to DHCP servers
|
vlan |
Set the range of VLANs in which to probe for DHCP servers
|
<number> |
Enter the start of the VLAN range (Range: 1-4094)
|
<number> |
Enter the end of the VLAN range (Range: 1-4094)
|
interface <mgtx>
dhcp-probe vlan-range <number> <number> [ timeout
<number> ] [ retries <number> ]
|
interface |
Set interface parameters
|
<mgtx> |
Enter the name of the management interface, where x = 0
|
dhcp-probe |
Probe for DHCP servers in one or more VLANs
|
vlan-range |
Set the range of VLANs in which to probe for a DHCP server
|
<number> |
Enter the start of the VLAN range (Range: 1-4094)
|
<number> |
Enter the end of the VLAN range (Range: 1-4094)
|
timeout |
Set the timeout for waiting for a response to a probe
|
<number> |
Enter the timeout value (Default: 3 secs; Range: 1-60)
|
retries |
Set the number of times to retry sending a probe that does not elicit a response from a DHCP server
|
<number> |
Enter the retry value (Default: 1; Range: 1-10)
|
interface <mgtx> ip <ip_addr/netmask>
|
interface |
Set interface parameters
|
<mgtx> |
Enter the name of the management interface, where x = 0
|
ip |
Set mgt0 IP address
|
<ip_addr/netmask> |
Enter mgt0 IP address/netmask
|
interface <mgtx> ip <ip_addr> <netmask>
|
interface |
Set interface parameters
|
<mgtx> |
Enter the name of the management interface, where x = 0
|
ip |
Set mgt0 IP address
|
<ip_addr> |
Enter mgt0 IP address
|
<netmask> |
Enter mgt0 netmask
|
interface <mgtx> mtu <number>
|
interface |
Set interface parameters
|
<mgtx> |
Enter the name of the management interface, where x = 0
|
mtu |
Set the MTU (maximum transmission unit) to determine when to start fragmenting packets
|
<number> |
Enter the MTU value in bytes (Default: 1500; Range: 100-1500)
|
interface <mgtx> native-vlan <number>
|
interface |
Set interface parameters
|
<mgtx> |
Enter the name of the management interface, where x = 0
|
native-vlan |
Set the native (untagged) VLAN that the switch infrastructure in the surrounding wired and wireless backhaul network uses
|
<number> |
Enter the native (untagged) VLAN (Default: 1; Range: 1-4094)
|
interface <mgtx> vlan <number>
|
interface |
Set interface parameters
|
<mgtx> |
Enter the name of the management interface, where x = 0
|
vlan |
Set the VLAN for administrative access to the
SmartPath AP, management traffic between SmartPath APs and SmartPath
EMS, and control traffic among cluster members
|
<number> |
Enter the VLAN ID for the interface (Default: 1; Range: 1-4094)
|
interface <mgtx|mgtx.y> dhcp-server enable
|
interface |
Set interface parameters
|
<mgtx> |
Enter the name of the management interface, where x = 0
|
<mgtx.y> |
Enter the name of the virtual management interface (Ranges x: 0; y: 1-16)
|
dhcp-server |
Set DHCP-server parameters
|
enable |
Enable the DHCP server on the interface
|
interface <mgtx|mgtx.y> dhcp-server ip-pool <ip_addr> <ip_addr>
|
interface |
Set interface parameters
|
<mgtx> |
Enter the name of the management interface, where x = 0
|
<mgtx.y> |
Enter the name of the virtual management interface (Ranges x: 0; y: 1-16)
|
dhcp-server |
Set DHCP-server parameters
|
ip-pool |
Set the IP address pool from which the DHCP server draws addresses when making assignments
|
<ip_addr> |
Enter the first address in the range that makes up the IP address pool
|
<ip_addr> |
Enter the last address in the range that makes up the IP address pool
|
interface <mgtx|mgtx.y> dhcp-server options custom <number> hex <string>
|
interface |
Set interface parameters
|
<mgtx> |
Enter the name of the management interface, where x = 0
|
<mgtx.y> |
Enter the name of the virtual management interface (Ranges x: 0; y: 1-16)
|
dhcp-server |
Set DHCP-server parameters
|
options |
Set the DHCP options to be included in DHCPOFFER and DHCPACK messages
|
custom |
Set a custom DHCP option
|
<number> |
Enter the custom option number (Ranges: 1-224,
227-254; Note: Numbers 1-179 are standard DHCP options; use with
caution. Numbers 225 and 226 are reserved for SmartPath EMS.)
|
hex |
Set the custom option data type as a hexadecimal digit
|
<string> |
Enter the hexadecimal digit (1-32 chars; Note: For
option 46, which sets the NetBIOS over TCP/IP node type, the string must
be 1, 2, 4, or 8.)
|
interface <mgtx|mgtx.y> dhcp-server options custom <number> integer <number>
|
interface |
Set interface parameters
|
<mgtx> |
Enter the name of the management interface, where x = 0
|
<mgtx.y> |
Enter the name of the virtual management interface (Ranges x: 0; y: 1-16)
|
dhcp-server |
Set DHCP-server parameters
|
options |
Set the DHCP options to be included in DHCPOFFER and DHCPACK messages
|
custom |
Set a custom DHCP option
|
<number> |
Enter the custom option number (Ranges: 1-224,
227-254; Note: Numbers 1-179 are standard DHCP options; use with
caution. Numbers 225 and 226 are reserved for SmartPath EMS.)
|
integer |
Set the custom option data type as an integer
|
<number> |
Enter the integer (Range: 0-2147483647)
|
interface <mgtx|mgtx.y> dhcp-server options custom <number> ip <ip_addr>
|
interface |
Set interface parameters
|
<mgtx> |
Enter the name of the management interface, where x = 0
|
<mgtx.y> |
Enter the name of the virtual management interface (Ranges x: 0; y: 1-16)
|
dhcp-server |
Set DHCP-server parameters
|
options |
Set the DHCP options to be included in DHCPOFFER and DHCPACK messages
|
custom |
Set a custom DHCP option
|
<number> |
Enter the custom option number (Ranges: 1-224,
227-254; Note: Numbers 1-179 are standard DHCP options; use with
caution. Numbers 225 and 226 are reserved for SmartPath EMS.)
|
ip |
Set the custom option data type as an IP address
|
<ip_addr> |
Enter the IP address
|
interface <mgtx|mgtx.y> dhcp-server options custom <number> string <string>
|
interface |
Set interface parameters
|
<mgtx> |
Enter the name of the management interface, where x = 0
|
<mgtx.y> |
Enter the name of the virtual management interface (Ranges x: 0; y: 1-16)
|
dhcp-server |
Set DHCP-server parameters
|
options |
Set the DHCP options to be included in DHCPOFFER and DHCPACK messages
|
custom |
Set a custom DHCP option
|
<number> |
Enter the custom option number (Ranges: 1-224,
227-254; Note: Numbers 1-179 are standard DHCP options; use with
caution. Numbers 225 and 226 are reserved for SmartPath EMS.)
|
string |
Set the custom option data type as a string
|
<string> |
Enter the string (1-128 chars)
|
interface <mgtx|mgtx.y> dhcp-server options default-gateway <ip_addr> [ {nat-support} ]
|
interface |
Set interface parameters
|
<mgtx> |
Enter the name of the management interface, where x = 0
|
<mgtx.y> |
Enter the name of the virtual management interface (Ranges x: 0; y: 1-16)
|
dhcp-server |
Set DHCP-server parameters
|
options |
Set the DHCP options to be included in DHCPOFFER and DHCPACK messages
|
default-gateway |
Set the default gateway for DHCP clients
|
<ip_addr> |
Enter the default gateway (Note: The gateway IP address cannot be the same as that of the interface.)
|
nat-support |
Enable NAT support(Note: SmartPath AP will
automatically generates ARP response for default gateway specified in
DHCP server options.)
|
interface <mgtx|mgtx.y> dhcp-server options domain-name <string>
|
interface |
Set interface parameters
|
<mgtx> |
Enter the name of the management interface, where x = 0
|
<mgtx.y> |
Enter the name of the virtual management interface (Ranges x: 0; y: 1-16)
|
dhcp-server |
Set DHCP-server parameters
|
options |
Set the DHCP options to be included in DHCPOFFER and DHCPACK messages
|
domain-name |
Set the domain name for DHCP clients
|
<string> |
Enter the domain name (1-32 chars)
|
interface <mgtx|mgtx.y> dhcp-server options lease-time <number>
|
interface |
Set interface parameters
|
<mgtx> |
Enter the name of the management interface, where x = 0
|
<mgtx.y> |
Enter the name of the virtual management interface (Ranges x: 0; y: 1-16)
|
dhcp-server |
Set DHCP-server parameters
|
options |
Set the DHCP options to be included in DHCPOFFER and DHCPACK messages
|
lease-time |
Set the length of the DHCP lease
|
<number> |
Enter the lease time in seconds (Default: 86400; Range: 60-86400000)
|
interface <mgtx|mgtx.y> dhcp-server options mtu <number>
|
interface |
Set interface parameters
|
<mgtx> |
Enter the name of the management interface, where x = 0
|
<mgtx.y> |
Enter the name of the virtual management interface (Ranges x: 0; y: 1-16)
|
dhcp-server |
Set DHCP-server parameters
|
options |
Set the DHCP options to be included in DHCPOFFER and DHCPACK messages
|
mtu |
Set the path MTU (maximum transmission unit) aging timeout option
|
<number> |
Enter the MTU value (Range: 68-8192)
|
interface <mgtx|mgtx.y> dhcp-server options netmask <netmask>
|
interface |
Set interface parameters
|
<mgtx> |
Enter the name of the management interface, where x = 0
|
<mgtx.y> |
Enter the name of the virtual management interface (Ranges x: 0; y: 1-16)
|
dhcp-server |
Set DHCP-server parameters
|
options |
Set the DHCP options to be included in DHCPOFFER and DHCPACK messages
|
netmask |
Set the netmask for DHCP clients
|
<netmask> |
Enter the netmask (Default: The same as the interface netmask.)
|
interface <mgtx|mgtx.y> dhcp-server options smartpath-ems <ip_addr>
|
interface |
Set interface parameters
|
<mgtx> |
Enter the name of the management interface, where x = 0
|
<mgtx.y> |
Enter the name of the virtual management interface (Ranges x: 0; y: 1-16)
|
dhcp-server |
Set DHCP-server parameters
|
options |
Set the DHCP options to be included in DHCPOFFER and DHCPACK messages
|
smartpath-ems |
Set the IP address or domain name of the SmartPath EMS that you want SmartPath APs to contact
|
<ip_addr> |
Enter the IP address (Note: Use DHCP option 226.)
|
interface <mgtx|mgtx.y> dhcp-server options smartpath-ems <string>
|
interface |
Set interface parameters
|
<mgtx> |
Enter the name of the management interface, where x = 0
|
<mgtx.y> |
Enter the name of the virtual management interface (Ranges x: 0; y: 1-16)
|
dhcp-server |
Set DHCP-server parameters
|
options |
Set the DHCP options to be included in DHCPOFFER and DHCPACK messages
|
smartpath-ems |
Set the IP address or domain name of the SmartPath EMS that you want SmartPath APs to contact
|
<string> |
Enter the domain name (Length: 1-64 chars; Note: Use DHCP option 225.)
|
interface <mgtx|mgtx.y> dhcp-server options {dns1|dns2|dns3} <ip_addr>
|
interface |
Set interface parameters
|
<mgtx> |
Enter the name of the management interface, where x = 0
|
<mgtx.y> |
Enter the name of the virtual management interface (Ranges x: 0; y: 1-16)
|
dhcp-server |
Set DHCP-server parameters
|
options |
Set the DHCP options to be included in DHCPOFFER and DHCPACK messages
|
dns1 |
Set the IP address of the primary DNS (Domain Name System) server that you want DHCP clients to use
|
dns2 |
Set the IP address of the secondary DNS server
|
dns3 |
Set the IP address of the tertiary DNS server
|
<ip_addr> |
Enter the IP address (Note: The DNS server IP address cannot be the same as that of the interface.)
|
interface <mgtx|mgtx.y> dhcp-server options {logsrv|pop3|smtp} <ip_addr>
|
interface |
Set interface parameters
|
<mgtx> |
Enter the name of the management interface, where x = 0
|
<mgtx.y> |
Enter the name of the virtual management interface (Ranges x: 0; y: 1-16)
|
dhcp-server |
Set DHCP-server parameters
|
options |
Set the DHCP options to be included in DHCPOFFER and DHCPACK messages
|
logsrv |
Set the IP address of the log server that is available for DHCP clients
|
pop3 |
Set the IP address of the POP3 (Post Office Protocol v3) server that you want DHCP clients to use
|
smtp |
Set the IP address of the SMTP (Simple Mail Transfer Protocol) server that you want DHCP clients to use
|
<ip_addr> |
Enter the IP address
|
interface <mgtx|mgtx.y> dhcp-server options {ntp1|ntp2} <ip_addr>
|
interface |
Set interface parameters
|
<mgtx> |
Enter the name of the management interface, where x = 0
|
<mgtx.y> |
Enter the name of the virtual management interface (Ranges x: 0; y: 1-16)
|
dhcp-server |
Set DHCP-server parameters
|
options |
Set the DHCP options to be included in DHCPOFFER and DHCPACK messages
|
ntp1 |
Set the IP address of the primary NTP (Network Time Protocol) server with which DHCP clients can synchronize their clocks
|
ntp2 |
Set the IP address of the secondary NTP (Network Time Protocol) server with which DHCP clients can synchronize their clocks
|
<ip_addr> |
Enter the IP address
|
interface <mgtx|mgtx.y> dhcp-server options {wins1|wins2} <ip_addr>
|
interface |
Set interface parameters
|
<mgtx> |
Enter the name of the management interface, where x = 0
|
<mgtx.y> |
Enter the name of the virtual management interface (Ranges x: 0; y: 1-16)
|
dhcp-server |
Set DHCP-server parameters
|
options |
Set the DHCP options to be included in DHCPOFFER and DHCPACK messages
|
wins1 |
Set the IP address of the primary WINS (Windows Internet Name Service) server for NetBIOS name-to-address resolution
|
wins2 |
Set the IP address of the secondary WINS (Windows Internet Name Service) server for NetBIOS name-to-address resolution
|
<ip_addr> |
Enter the IP address
|
interface <mgtx|mgtx.y> dhcp-server {arp-check|authoritative-flag}
|
interface |
Set interface parameters
|
<mgtx> |
Enter the name of the management interface, where x = 0
|
<mgtx.y> |
Enter the name of the virtual management interface (Ranges x: 0; y: 1-16)
|
dhcp-server |
Set DHCP-server parameters
|
arp-check |
Use ARP to check that an IP address is not already
in use on the network before assigning it to a DHCP client (Default:
Enabled)
|
authoritative-flag |
Set the DHCP server as authoritative (Default:
Authoritative; Note: An authoritative DHCP server can send NAKs in
response to DHCP requests for addresses in a different subnet from those
in the configured IP pool.)
|
interface <mgtx|mgtx.y> ip-helper address <ip_addr>
|
interface |
Set interface parameters
|
<mgtx> |
Enter the name of the management interface, where x = 0
|
<mgtx.y> |
Enter the name of the virtual management interface (Ranges x: 0; y: 1-16)
|
ip-helper |
Forward DHCP broadcast packets to a DHCP server
|
address |
Set the DHCP server IP address
|
<ip_addr> |
Enter the IP address
|
interface <wifix> cluster <string> shutdown
|
interface |
Set interface parameters
|
<wifix> |
Enter the name of a Wi-Fi radio interface, where x = 0 or 1
|
cluster |
Set the cluster profile to the mgt0 interface or enable/disable the wifi interface used for cluster communications
|
<string> |
Enter a cluster profile name (1-32 chars)
|
shutdown |
Disable the wifi subinterface used for cluster communications
|
interface <wifix> link-discovery {lldp|cdp}
|
interface |
Set interface parameters
|
<wifix> |
Enter the name of a Wi-Fi radio interface, where x = 0 or 1
|
link-discovery |
Enable the communication of network-related
information with neighboring network devices through the interface
(Default: LLDP enabled; CDP enabled)
|
lldp |
Set LLDP (Link Layer Discovery Protocol) on the interface in backhaul mode
|
cdp |
Set CDP (Cisco Discovery Protocol) on the interface in backhaul mode
|
interface <wifix> mode {access|backhaul|dual}
|
interface |
Set interface parameters
|
<wifix> |
Enter the name of a Wi-Fi radio interface, where x = 0 or 1
|
mode |
Set the operation mode for the interface
|
access |
Set the operational mode of the interface to access (Default: access (wifi0), dual (wifi1))
|
backhaul |
Set the operational mode of the interface to backhaul (Default: access (wifi0), dual (wifi1))
|
dual |
Set the operational mode of the interface to dual so
that it can provide both access and backhaul services (Default: access
(wifi0), dual (wifi1))
|
interface <wifix> radio adaptive-cca default-cca <number>
|
interface |
Set interface parameters
|
<wifix> |
Enter the name of a Wi-Fi radio interface, where x = 0 or 1
|
radio |
Set parameters for the wifi radio interface
|
adaptive-cca |
Set adaptive CCA (Clear Channel Assessment)
parameters to help select clear (available) channels and reduce channel
interference
|
default-cca |
Set default CCA value to add to the default noise
floor (-95 dBm) to calculate the CCA threshold (Note: The threshold
indicates when a radio signal is weak enough for the SmartPath AP to use
its channel. If the RF environment becomes noiser, the SmartPath AP
dynamically raises the threshold.)
|
<number> |
Enter the default CCA value in dB (Range: 15 - 65, Default: 33; Note: -95 dBm + dB = dBm. -95 dbm is the default noise floor.)
|
interface <wifix> radio adaptive-cca enable
|
interface |
Set interface parameters
|
<wifix> |
Enter the name of a Wi-Fi radio interface, where x = 0 or 1
|
radio |
Set parameters for the wifi radio interface
|
adaptive-cca |
Set adaptive CCA (Clear Channel Assessment)
parameters to help select clear (available) channels and reduce channel
interference
|
enable |
Enable adaptive CCA (Default: Enabled)
|
interface <wifix> radio adaptive-cca max-cca <number>
|
interface |
Set interface parameters
|
<wifix> |
Enter the name of a Wi-Fi radio interface, where x = 0 or 1
|
radio |
Set parameters for the wifi radio interface
|
adaptive-cca |
Set adaptive CCA (Clear Channel Assessment)
parameters to help select clear (available) channels and reduce channel
interference
|
max-cca |
Set maximum CCA value to add to the noise floor to calculate the CCA threshold
|
<number> |
Enter the maximum CCA value in dB (Range: 15 - 65; Default: 55; Note: -95 dBm + dB = dBm. -95 dbm is the default noise floor.)
|
interface <wifix> radio antenna diversity
|
interface |
Set interface parameters
|
<wifix> |
Enter the name of a Wi-Fi radio interface, where x = 0 or 1
|
radio |
Set parameters for the wifi radio interface
|
antenna |
Set the antenna parameters for the interface
|
diversity |
Set radio antenna diversity
|
interface <wifix> radio channel <string>
|
interface |
Set interface parameters
|
<wifix> |
Enter the name of a Wi-Fi radio interface, where x = 0 or 1
|
radio |
Set parameters for the wifi radio interface
|
channel |
Set the radio channel for the interface
|
<string> |
Enter the frequency with an optional suffix (G: GHz;
M: MHz; K: KHz;), or the channel number, or "auto" to allow ACSP
(Advanced Channel Selection Protocol) to select a channel automatically
(Default: auto)
|
interface <wifix> radio power <number>
|
interface |
Set interface parameters
|
<wifix> |
Enter the name of a Wi-Fi radio interface, where x = 0 or 1
|
radio |
Set parameters for the wifi radio interface
|
power |
Set the radio power for an interface
|
<number> |
Enter the radio power (in dBm) for an interface (Default: auto; Range: 1-20 dBm)
|
interface <wifix> radio power auto
|
interface |
Set interface parameters
|
<wifix> |
Enter the name of a Wi-Fi radio interface, where x = 0 or 1
|
radio |
Set parameters for the wifi radio interface
|
power |
Set the radio power for an interface
|
auto |
Set the radio power (in dBm) for an interface (Default: auto; Range: 1-20 dBm)
|
interface <wifix> radio profile <string>
|
interface |
Set interface parameters
|
<wifix> |
Enter the name of a Wi-Fi radio interface, where x = 0 or 1
|
radio |
Set parameters for the wifi radio interface
|
profile |
Set radio profile parameters for an interface
|
<string> |
Enter a radio profile name (1-32 characters)
|
interface <wifix> radio range <number>
|
interface |
Set interface parameters
|
<wifix> |
Enter the name of a Wi-Fi radio interface, where x = 0 or 1
|
radio |
Set parameters for the wifi radio interface
|
range |
Set the transmission range for the radio linked to the interface
|
<number> |
Enter the range value in meters (Default: 300; Range: 300-10000)
|
interface <wifix> ssid <string>
|
interface |
Set interface parameters
|
<wifix> |
Enter the name of a Wi-Fi radio interface, where x = 0 or 1
|
ssid |
Set SSID (Service Set Identifier) profile for the interface
|
<string> |
Enter an SSID profile name (1-32 chars)
|
interface <wifix> ssid <string> ip <ip_addr/netmask>
|
interface |
Set interface parameters
|
<wifix> |
Enter the name of a Wi-Fi radio interface, where x = 0 or 1
|
ssid |
Set SSID (Service Set Identifier) profile for the interface
|
<string> |
Enter an SSID profile name (1-32 chars)
|
ip |
Set IP address for the SSID
|
<ip_addr/netmask> |
Enter the SSID IP address
|
interface <wifix> ssid <string> shutdown
|
interface |
Set interface parameters
|
<wifix> |
Enter the name of a Wi-Fi radio interface, where x = 0 or 1
|
ssid |
Set SSID (Service Set Identifier) profile for the interface
|
<string> |
Enter an SSID profile name (1-32 chars)
|
shutdown |
Disable the subinterface to which the SSID is bound
|
interface <wifix> wlan-idp profile <string>
|
interface |
Set interface parameters
|
<wifix> |
Enter the name of a Wi-Fi radio interface, where x = 0 or 1
|
wlan-idp |
Set WLAN IDP (intrusion detection and prevention) parameters
|
profile |
Bind an IDP profile to the interface
|
<string> |
Enter an IDP profile name (1-32 chars)
|
ip route default gateway <ip_addr> [ metric <number> ]
|
ip |
Set IP parameters
|
route |
Set a routing entry
|
default |
Set a default route entry
|
gateway |
Set the network gateway
|
<ip_addr> |
Enter the gateway IP address
|
metric |
Set metric parameter
|
<number> |
Enter a metric for an IP route (Default: 0; Range: 0-32766)
|
ip route host <ip_addr> [ gateway <ip_addr> ] [ metric <number> ]
|
ip |
Set IP parameters
|
route |
Set a routing entry
|
host |
Set a route to a host
|
<ip_addr> |
Enter target IP address
|
gateway |
Set the network gateway
|
<ip_addr> |
Enter the gateway IP address
|
metric |
Set metric parameter
|
<number> |
Enter a metric for an IP route (Default: 0; Range: 0-32766)
|
ip route net <ip_addr> <netmask> [ gateway <ip_addr> ] [ metric <number> ]
|
ip |
Set IP parameters
|
route |
Set a routing entry
|
net |
Set a route to a net
|
<ip_addr> |
Enter target IP address
|
<netmask> |
Enter target netmask
|
gateway |
Set the network gateway
|
<ip_addr> |
Enter the gateway IP address
|
metric |
Set metric parameter
|
<number> |
Enter a metric for an IP route (Default: 0; Range: 0-32766)
|
ip-policy
<string> [ id <number> ] [ {before|after} id <number> ]
[ from <ip_addr|string> [ <mask> ] ] [ to
<ip_addr|string> [ <mask> ] ] [ service <string> ] [
action {permit|deny|nat|inter-station-traffic-drop} ]
|
ip-policy |
Set IP policy parameters
|
<string> |
Enter an IP policy name (1-32 chars)
|
id |
Assign an IP policy ID
|
<number> |
Enter the IP policy ID (Range: 1-1023)
|
before |
Set the before parameters for an IP policy
|
after |
Set the after parameters for an IP policy
|
id |
Assign an IP policy ID
|
<number> |
Enter the IP policy ID (Range: 1-1023)
|
from |
Set the source IP (Default: any)
|
<ip_addr> |
Enter an IP or domain name (1-32 chars)
|
<string> |
Enter an IP or domain name (1-32 chars)
|
<mask> |
Enter a netmask or IP wildcard mask in which 0 masks
the octet where it appears (For example, the 0s in '255.0.0.255' mask
the second and third octets, applying the IP policy to all addresses
matching only the first and fourth octets.)
|
to |
Set the destination IP (Default: any)
|
<ip_addr> |
Enter an IP or domain name (1-32 chars)
|
<string> |
Enter an IP or domain name (1-32 chars)
|
<mask> |
Enter a netmask or IP wildcard mask in which 0 masks
the octet where it appears (For example, the 0s in '255.0.0.255' mask
the second and third octets, applying the IP policy to all addresses
matching only the first and fourth octets.)
|
service |
Set the service (Default: any)
|
<string> |
Enter the service (1-32 chars)
|
action |
Set action for an IP policy (Default: deny)
|
permit |
Set the action to permit (Default: deny)
|
deny |
Set the action to deny (Default: deny)
|
nat |
Set the action to translate clients' source IP
address to that of mgt0 and source port number to a dynamically chosen
number (Default: deny; Note: NAT is applied only to TCP and UDP
traffic.)
|
inter-station-traffic-drop |
Set the action to drop traffic between stations if
they are both associated with one or more members of the same cluster
(Default: deny)
|
ip-policy
<string> [ id <number> ] [ {before|after} id <number> ]
[ from <ip_addr|string> [ <mask> ] ] [ to
<ip_addr|string> [ <mask> ] ] [ service <string> ]
action deny log packet-drop
|
ip-policy |
Set IP policy parameters
|
<string> |
Enter an IP policy name (1-32 chars)
|
id |
Assign an IP policy ID
|
<number> |
Enter the IP policy ID (Range: 1-1023)
|
before |
Set the before parameters for an IP policy
|
after |
Set the after parameters for an IP policy
|
id |
Assign an IP policy ID
|
<number> |
Enter the IP policy ID (Range: 1-1023)
|
from |
Set the source IP (Default: any)
|
<ip_addr> |
Enter an IP or domain name (1-32 chars)
|
<string> |
Enter an IP or domain name (1-32 chars)
|
<mask> |
Enter a netmask or IP wildcard mask in which 0 masks
the octet where it appears (For example, the 0s in '255.0.0.255' mask
the second and third octets, applying the IP policy to all addresses
matching only the first and fourth octets.)
|
to |
Set the destination IP (Default: any)
|
<ip_addr> |
Enter an IP or domain name (1-32 chars)
|
<string> |
Enter an IP or domain name (1-32 chars)
|
<mask> |
Enter a netmask or IP wildcard mask in which 0 masks
the octet where it appears (For example, the 0s in '255.0.0.255' mask
the second and third octets, applying the IP policy to all addresses
matching only the first and fourth octets.)
|
service |
Set the service (Default: any)
|
<string> |
Enter the service (1-32 chars)
|
action |
Set action for an IP policy (Default: deny)
|
deny |
Set the action to deny (Default: deny)
|
log |
Set logging options for packets and sessions that match the IP firewall policy
|
packet-drop |
Log dropped packets that the IP firewall policy denies
|
ip-policy
<string> [ id <number> ] [ {before|after} id <number> ]
[ from <ip_addr|string> [ <mask> ] ] [ to
<ip_addr|string> [ <mask> ] ] [ service <string> ]
action inter-station-traffic-drop log [
{initiate-session|terminate-session|packet-drop} ]
|
ip-policy |
Set IP policy parameters
|
<string> |
Enter an IP policy name (1-32 chars)
|
id |
Assign an IP policy ID
|
<number> |
Enter the IP policy ID (Range: 1-1023)
|
before |
Set the before parameters for an IP policy
|
after |
Set the after parameters for an IP policy
|
id |
Assign an IP policy ID
|
<number> |
Enter the IP policy ID (Range: 1-1023)
|
from |
Set the source IP (Default: any)
|
<ip_addr> |
Enter an IP or domain name (1-32 chars)
|
<string> |
Enter an IP or domain name (1-32 chars)
|
<mask> |
Enter a netmask or IP wildcard mask in which 0 masks
the octet where it appears (For example, the 0s in '255.0.0.255' mask
the second and third octets, applying the IP policy to all addresses
matching only the first and fourth octets.)
|
to |
Set the destination IP (Default: any)
|
<ip_addr> |
Enter an IP or domain name (1-32 chars)
|
<string> |
Enter an IP or domain name (1-32 chars)
|
<mask> |
Enter a netmask or IP wildcard mask in which 0 masks
the octet where it appears (For example, the 0s in '255.0.0.255' mask
the second and third octets, applying the IP policy to all addresses
matching only the first and fourth octets.)
|
service |
Set the service (Default: any)
|
<string> |
Enter the service (1-32 chars)
|
action |
Set action for an IP policy (Default: deny)
|
inter-station-traffic-drop |
Set the action to drop traffic between stations if
they are both associated with one or more members of the same cluster
(Default: deny)
|
log |
Set logging options for packets and sessions that match IP FW policy
|
initiate-session |
Log the creation of sessions that are permitted by the policy
|
terminate-session |
Log the termination of sessions that are permitted by the policy
|
packet-drop |
Log dropped packets that are denied by the policy
|
ip-policy
<string> [ id <number> ] [ {before|after} id <number> ]
[ from <ip_addr|string> [ <mask> ] ] [ to
<ip_addr|string> [ <mask> ] ] [ service <string> ]
action permit log [ {initiate-session|terminate-session} ]
|
ip-policy |
Set IP policy parameters
|
<string> |
Enter an IP policy name (1-32 chars)
|
id |
Assign an IP policy ID
|
<number> |
Enter the IP policy ID (Range: 1-1023)
|
before |
Set the before parameters for an IP policy
|
after |
Set the after parameters for an IP policy
|
id |
Assign an IP policy ID
|
<number> |
Enter the IP policy ID (Range: 1-1023)
|
from |
Set the source IP (Default: any)
|
<ip_addr> |
Enter an IP or domain name (1-32 chars)
|
<string> |
Enter an IP or domain name (1-32 chars)
|
<mask> |
Enter a netmask or IP wildcard mask in which 0 masks
the octet where it appears (For example, the 0s in '255.0.0.255' mask
the second and third octets, applying the IP policy to all addresses
matching only the first and fourth octets.)
|
to |
Set the destination IP (Default: any)
|
<ip_addr> |
Enter an IP or domain name (1-32 chars)
|
<string> |
Enter an IP or domain name (1-32 chars)
|
<mask> |
Enter a netmask or IP wildcard mask in which 0 masks
the octet where it appears (For example, the 0s in '255.0.0.255' mask
the second and third octets, applying the IP policy to all addresses
matching only the first and fourth octets.)
|
service |
Set the service (Default: any)
|
<string> |
Enter the service (1-32 chars)
|
action |
Set action for an IP policy (Default: deny)
|
permit |
Set the action to permit (Default: deny)
|
log |
Set logging options for packets and sessions that match the IP firewall policy
|
initiate-session |
Log session details when a session is created after passing a IP firewall policy lookup
|
terminate-session |
Log session details when a session matching a IP firewall policy is terminated
|
ip-policy
<string> [ id <number> ] [ {before|after} id <number> ]
[ from <ip_addr|string> [ <mask> ] ] to local-subnet [
service <string> ] [ action
{permit|deny|nat|inter-station-traffic-drop} ]
|
ip-policy |
Set IP policy parameters
|
<string> |
Enter an IP policy name (1-32 chars)
|
id |
Assign an IP policy ID
|
<number> |
Enter the IP policy ID (Range: 1-1023)
|
before |
Set the before parameters for an IP policy
|
after |
Set the after parameters for an IP policy
|
id |
Assign an IP policy ID
|
<number> |
Enter the IP policy ID (Range: 1-1023)
|
from |
Set the source IP (Default: any)
|
<ip_addr> |
Enter an IP or domain name (1-32 chars)
|
<string> |
Enter an IP or domain name (1-32 chars)
|
<mask> |
Enter a netmask or IP wildcard mask in which 0 masks
the octet where it appears (For example, the 0s in '255.0.0.255' mask
the second and third octets, applying the IP policy to all addresses
matching only the first and fourth octets.)
|
to |
Set the destination IP (Default: any)
|
local-subnet |
Set the subnet of the mgt0 interface as the destination
|
service |
Set the service (Default: any)
|
<string> |
Enter the service (1-32 chars)
|
action |
Set action for an IP policy (Default: deny)
|
permit |
Set the action to permit (Default: deny)
|
deny |
Set the action to deny (Default: deny)
|
nat |
Set the action to translate clients' source IP
address to that of mgt0 and source port number to a dynamically chosen
number (Default: deny; Note: NAT is applied only to TCP and UDP
traffic.)
|
inter-station-traffic-drop |
Set the action to drop traffic between stations if
they are both associated with one or more members of the same cluster
(Default: deny)
|
iperf client
<ip_addr> [ {port} <number> ] [ {udp} ] [ {interval}
<number> ] [ {no-delay} ] [ {dual-test} ] [ {tradeoff} ] [
{listen-port} <number> ] [ {window} <number> ] [ {mss}
<number> ] [ {bandwidth} <number> ] [ {time} <number> ]
[ {parallel} <number> ]
|
iperf |
Set parameters for Iperf, a tool for testing and measuring network performance
|
client |
Set Iperf to run in client mode
|
<ip_addr> |
Enter the server IP address with which the SmartPath AP connects as an Iperf client
|
port |
Set the port on which the client connects to the server
|
<number> |
Enter the port number (Default: 5001; Range: 1024-65535)
|
udp |
Set the transport protocol as UDP (Default: TCP)
|
interval |
Set the interval between periodic bandwidth, jitter, and loss reports
|
<number> |
Enter the interval in seconds (Default: 0; Range: 1-60; Note: 0 means that the report is not made periodically.)
|
no-delay |
Transmit small logical packets individually without
the delay incurred by putting them in batches within a single larger
physical packet (Default: Smaller packets are transmitted without delay)
|
dual-test |
Set the Iperf tool to do bidirectional upstream and downstream performance testing between the client and server concurrently
|
tradeoff |
Set the Iperf tool to do bidirectional upstream and
downstream performance testing at different times so downstream testing
only begins after upstream testing is complete
|
listen-port |
Set the port on which the server connects to the client
|
<number> |
Enter the port number (Default: Same port on which the client connects to the server; Range: 1024-65535)
|
window |
Set the TCP window size (socket buffer size)
|
<number> |
Enter the TCP window size in kilobytes (Default: 83.5; Range: 2-65535)
|
mss |
Set the maximum TCP segment size (MTU - 40 bytes)
|
<number> |
Enter the maximum TCP segment size in bytes (Default: 4160; Range: 40-65535)
|
bandwidth |
Set the amount of UDP bandwidth to send
|
<number> |
Enter the bandwidth in megabits per second (Default: 1 Mb/sec; Range: 1-1000)
|
time |
Set the length of transmission time
|
<number> |
Enter the time in seconds (Default: 10 seconds; Range: 1-65535)
|
parallel |
Set the client to make multiple connections to the
server concurrently (Note: This option requires multiple thread support
on both the client and server.)
|
<number> |
Enter the number of parallel client threads to run (Default: 1; Range: 1-10)
|
iperf server [ {port}
<number> ] [ {udp} ] [ {single-udp} ] [ {interval} <number> ]
[ {no-delay} ] [ {window} <number> ] [ {mss} <number> ] [
{bind} <ip_addr> ]
|
iperf |
Set parameters for Iperf, a tool for testing and measuring network performance
|
server |
Set Iperf to run in server mode
|
port |
Set the port on which the server listen on
|
<number> |
Enter the port number (Default: 5001; Range: 1024-65535)
|
udp |
Set the transport protocol as UDP (Default: TCP)
|
single-udp |
Set the Iperf tool to run in single-threaded UDP mode
|
interval |
Set the interval between periodic bandwidth, jitter, and loss reports
|
<number> |
Enter the interval in seconds (Default: 0; Range: 1-60; Note: 0 means that the report is not made periodically.)
|
no-delay |
Transmit small logical packets individually without
the delay incurred by putting them in batches within a single larger
physical packet (Default: Smaller packets are transmitted without delay)
|
window |
Set the TCP window size (socket buffer size)
|
<number> |
Enter the TCP window size in kilobytes (Default: 83.5; Range: 2-65535)
|
mss |
Set the maximum TCP segment size (MTU - 40 bytes)
|
<number> |
Enter the maximum TCP segment size in bytes (Default: 4160; Range: 40-65535)
|
bind |
Bind and join the SmartPath AP to a multicast group
|
<ip_addr> |
Enter the IP address of the multicast group (Range: 224.0.0.0-239.255.255.255)
|
library-sip-policy
<string> default user-group <string> [ action
{permit|restricted|deny} ] [ additional-display-message <string> ]
|
library-sip-policy |
Set a SIP (Standard Interchange Protocol) policy to
apply a user profile, VLAN, and session length to library patrons
accessing the wireless network (Note: Set policies on a SmartPath AP
RADIUS server. Max policies: 16; Max rules per policy: 64.)
|
<string> |
Enter a library SIP policy name (1-32 chars)
|
default |
Set the default rule to apply to unregistered library patrons
|
user-group |
Set the user group to which the SmartPath AP RADIUS
authenticator assigns the user (Note: The user group includes user
profile, VLAN, and session timeout assignments.)
|
<string> |
Enter the user group name (1-32 chars)
|
action |
Set the action that the library SIP policy rule applies
|
permit |
Notify users assigned to the user group that they are permitted network access
|
restricted |
Notify users assigned to the user group that they are given restricted network access
|
deny |
Notify users assigned to the user group that they are denied network access except to websites defined in a walled garden
|
additional-display-message |
Set a message to display when a user attempts to access the network
|
<string> |
Enter a message string (up to 256 chars)
|
library-sip-policy
<string> id <number> field <string>
{equal|greater-than|less-than} <number> user-group <string> [
action {permit|restricted|deny} ] [ additional-display-message
<string> ]
|
library-sip-policy |
Set a SIP (Standard Interchange Protocol) policy to
apply a user profile, VLAN, and session length to library patrons
accessing the wireless network (Note: Set policies on a SmartPath AP
RADIUS server. Max policies: 16; Max rules per policy: 64.)
|
<string> |
Enter a library SIP policy name (1-32 chars)
|
id |
Set an ID number for a rule to add it to the library SIP policy
|
<number> |
Enter an ID number (Range: 1-64)
|
field |
Set the two-letter character code that identifies the field name of a specific library SIP value
|
<string> |
Enter the two-letter character code(2 char)
|
equal |
Check if the field value that the SIP server returns equals the number entered in the local SmartPath AP RADIUS server
|
greater-than |
Check if the field value that the SIP server returns is greater than the number entered in the local SmartPath AP RADIUS server
|
less-than |
Check if the field value that the SIP server returns is less than the number entered in the local SmartPath AP RADIUS server
|
<number> |
Enter the number that the SmartPath AP RADIUS server
uses when checking the field values that the SIP server returns (Range:
0-65535)
|
user-group |
Set the user group to which the SmartPath AP RADIUS
authenticator assigns the user (Note: The user group includes user
profile, VLAN, and session timeout assignments.)
|
<string> |
Enter the user group name (1-32 chars)
|
action |
Set the action that the library SIP policy rule applies
|
permit |
Notify users assigned to the user group that they are permitted network access
|
restricted |
Notify users assigned to the user group that they are given restricted network access
|
deny |
Notify users assigned to the user group that they are denied network access except to websites defined in a walled garden
|
additional-display-message |
Set a message to display when a user attempts to access the network
|
<string> |
Enter a message string (up to 256 chars)
|
library-sip-policy
<string> id <number> field <string>
{matches|differs-from|starts-with|occurs-after|occurs-before|contains}
<string> user-group <string> [ action
{permit|restricted|deny} ] [ additional-display-message <string> ]
|
library-sip-policy |
Set a SIP (Standard Interchange Protocol) policy to
apply a user profile, VLAN, and session length to library patrons
accessing the wireless network (Note: Set policies on a SmartPath AP
RADIUS server. Max policies: 16; Max rules per policy: 64.)
|
<string> |
Enter a library SIP policy name (1-32 chars)
|
id |
Set an ID number for a rule to add it to the library SIP policy
|
<number> |
Enter an ID number (Range: 1-64)
|
field |
Set the two-letter character code that identifies the field name of a specific library SIP value
|
<string> |
Enter the two-letter character code(2 char)
|
matches |
Check if the field value that the SIP server returns matches the string entered in the local SmartPath AP RADIUS server
|
differs-from |
Check if the field value that the SIP server returns differs-from the string entered in the local SmartPath AP RADIUS server
|
starts-with |
Check if the field value that the SIP server returns starts-with the string entered in the local SmartPath AP RADIUS server
|
occurs-after |
Check if the field value that the SIP server returns occurs-after the string entered in the local SmartPath AP RADIUS server
|
occurs-before |
Check if the field value that the SIP server returns occurs-before the string entered in the local SmartPath AP RADIUS server
|
contains |
Check if the field value that the SIP server returns contains the string entered in the local SmartPath AP RADIUS server
|
<string> |
Enter the string that the SmartPath AP RADIUS server
uses when checking the field values that the SIP server returns (1-32
chars; Note: Date format must be YYYY-MM-DD; Example: 2010-01-01.)
|
user-group |
Set the user group to which the SmartPath AP RADIUS
authenticator assigns the user (Note: The user group includes user
profile, VLAN, and session timeout assignments.)
|
<string> |
Enter the user group name (1-32 chars)
|
action |
Set the action that the library SIP policy rule applies
|
permit |
Notify users assigned to the user group that they are permitted network access
|
restricted |
Notify users assigned to the user group that they are given restricted network access
|
deny |
Notify users assigned to the user group that they are denied network access except to websites defined in a walled garden
|
additional-display-message |
Set a message to display when a user attempts to access the network
|
<string> |
Enter a message string (up to 256 chars)
|
library-sip-policy <string> id <number> {after|before} id <number>
|
library-sip-policy |
Set a SIP (Standard Interchange Protocol) policy to
apply a user profile, VLAN, and session length to library patrons
accessing the wireless network (Note: Set policies on a SmartPath AP
RADIUS server. Max policies: 16; Max rules per policy: 64.)
|
<string> |
Enter a library SIP policy name (1-32 chars)
|
id |
Set an ID number for a rule to add it to the library SIP policy
|
<number> |
Enter an ID number (Range: 1-64)
|
after |
Move the library SIP rule after another rule in the policy
|
before |
Move the library SIP rule before another rule in the policy
|
id |
Set an ID number for a rule to add it to the library SIP policy
|
<number> |
Enter an ID number (Range: 1-64)
|
lldp [ {cdp|receive-only} ]
|
lldp |
Set LLDP (Link Layer Discovery Protocol) parameters
|
cdp |
Set CDP (Cisco Discovery Protocol) parameters
|
receive-only |
Enable the SmartPath AP to receive and cache LLDP advertisements from neighboring network devices but not send them
|
lldp [ {cdp} ] max-entries <number>
|
lldp |
Set LLDP (Link Layer Discovery Protocol) parameters
|
cdp |
Set CDP (Cisco Discovery Protocol) parameters
|
max-entries |
Set the maximum number of entries to cache in the LLDP or CDP neighbor table
|
<number> |
Enter the maximum number of entries to cache (Default: 64; Range: 1-128)
|
lldp holdtime <number>
|
lldp |
Set LLDP (Link Layer Discovery Protocol) parameters
|
holdtime |
Set the length of time that the SmartPath AP instructs neighboring devices to retain the LLDP advertisements it sends them
|
<number> |
Enter the length of time that the SmartPath AP
instructs neighboring devices to hold LLDP advertisements (Default: 90
seconds; Range: 10-255)
|
lldp max-power <number>
|
lldp |
Set LLDP (Link Layer Discovery Protocol) parameters
|
max-power |
Set the maximum power that can be requested when transmitting LLDP advertisements
|
<number> |
Enter the maximum power in watts to be requested (Default: 154; Range: 1-250; Note: 154 = 15.4 watts)
|
lldp timer <number>
|
lldp |
Set LLDP (Link Layer Discovery Protocol) parameters
|
timer |
Set the interval for sending LLDP advertisements to neighboring network devices
|
<number> |
Enter the interval for sending LLDP advertisements (Default: 30 seconds; Range: 5-250)
|
load config {current|backup|bootstrap|default}
|
load |
Load a configuration file
|
config |
Specify which configuration file to load after rebooting
|
current |
Load the current configuration file after rebooting
|
backup |
Load the backup configuration file after rebooting
|
bootstrap |
Load the bootstrap configuration file after rebooting
|
default |
Load the default configuration file after rebooting
|
location black-box enable
|
location |
Set parameters for location tracking
|
black-box |
Set parameters for the Black Box location processing engine
|
enable |
Enable client location tracking (Default: Disabled)
|
location black-box list-match enable
|
location |
Set parameters for location tracking
|
black-box |
Set parameters for the Black Box location processing engine
|
list-match |
Track a station if its MAC address is in the track list
|
enable |
Enable track list checking before tracking a station (Default: Enabled)
|
location black-box mac <mac_addr>
|
location |
Set parameters for location tracking
|
black-box |
Set parameters for the Black Box location processing engine
|
mac |
Add a MAC entry to the track list
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
location black-box oui <oui>
|
location |
Set parameters for location tracking
|
black-box |
Set parameters for the Black Box location processing engine
|
oui |
Add an OUI (organizationally unique identifier) entry to the track list
|
<oui> |
Enter the OUI (Note: You can use colons, dashes, or
periods to format the OUI. Examples: Apple iPhone=00:1b:63; D-Link
Phone=00-17-9a; Vocera=00.09.ef.)
|
location black-box report-interval <number>
|
location |
Set parameters for location tracking
|
black-box |
Set parameters for the Black Box location processing engine
|
report-interval |
Set the interval between reports of RSSI readings
|
<number> |
Enter the report interval in seconds (Default: 60; Range: 15-1200)
|
location black-box rssi-hold-time <number>
|
location |
Set parameters for location tracking
|
black-box |
Set parameters for the Black Box location processing engine
|
rssi-hold-time |
Set the number of times that the local SmartPath AP,
as an owner AP, can include the same client RSSI report from another
SmartPath AP in its aggregate report to SmartPath EMS before determining
the data to be stale and omitting it from future reports (Note: The
owner AP is the one to which the client is associated)
|
<number> |
Enter the number of times to reuse a client RSSI report that has not been updated (Default: 0; Range: 0-10)
|
location black-box rssi-update-threshold <number>
|
location |
Set parameters for location tracking
|
black-box |
Set parameters for the Black Box location processing engine
|
rssi-update-threshold |
Set the change in RSSI required to trigger an update
|
<number> |
Enter the update threshold in dB (Default: 3; Range: 1-5)
|
location black-box rssi-valid-period <number>
|
location |
Set parameters for location tracking
|
black-box |
Set parameters for the Black Box location processing engine
|
rssi-valid-period |
Set the period of time that an RSSI reading remains
valid (Note: After this period elapses, an updated report is generated
even if the RSSI value has not crossed the update threshold)
|
<number> |
Enter the validity period in seconds (Default: 60; Range: 15-1200)
|
location black-box suppress-report <number>
|
location |
Set parameters for location tracking
|
black-box |
Set parameters for the Black Box location processing engine
|
suppress-report |
Set the number of consecutive reports that can be suppressed when a client's RSSI has not changed significantly
|
<number> |
Enter the number of consecutive RSSI reports to suppress (Default: 0; Range: 0-80)
|
location rate-threshold {tag|station|rogue-ap} <number>
|
location |
Set parameters for location tracking
|
rate-threshold |
Set the rate limit threshold for location tracking
|
tag |
Set the rate limit threshold for tags
|
station |
Set the rate limit threshold for stations
|
rogue-ap |
Set the rate limit threshold for rogue-aps
|
<number> |
Enter the rate limit threshold in packets per second
(Default: 1000 for tags, 200 for stations, 50 for rogue APs; Range:
1-100000)
|
location {aeroscout|tzsp} enable
|
location |
Set parameters for location tracking
|
aeroscout |
Set parameters for the aeroscout location processing engine
|
tzsp |
Set parameters for the location processing engine that supports TZSP (Tazmen Sniffer Protocol) for packet encapsulation
|
enable |
Enable location tracking and reporting to the location processing engine
|
location {aeroscout} server <string>
|
location |
Set parameters for location tracking
|
aeroscout |
Set parameters for the aeroscout location processing engine
|
server |
Set the IP address or domain name of the location processing engine to which the SmartPath AP sends tracking reports
|
<string> |
Enter the IP address or domain name of the location processing engine (1-64 chars)
|
location {aeroscout} {tag|station|rogue-ap}
|
location |
Set parameters for location tracking
|
aeroscout |
Set parameters for the aeroscout location processing engine
|
tag |
rack and report the location of tags to the location processing engine
|
station |
rack and report the location of stations to the location processing engine
|
rogue-ap |
Track and report the location of rogue APs to the location processing engine
|
location {tzsp} mcast-mac <mac_addr>
|
location |
Set parameters for location tracking
|
tzsp |
Set parameters for the location processing engine that supports TZSP (Tazmen Sniffer Protocol) for packet encapsulation
|
mcast-mac |
Set the multicast MAC address to which the SmartPath
AP transmits captured multicast frames encapsulated with TZSP
(Default: 01:18:8e:00:00:00)
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
location {tzsp} server-config server <string> port <number>
|
location |
Set parameters for location tracking
|
tzsp |
Set parameters for the location processing engine that supports TZSP (Tazmen Sniffer Protocol) for packet encapsulation
|
server-config |
Set the IP address or domain name and port number of
the location server to which the SmartPath AP sends TZSP-encapsulated
multicast frames captured from RFID tags
|
server |
Set the IP address or domain name of the location server
|
<string> |
Enter the IP address or domain name (1-64 chars)
|
port |
Set the port number on which the location server listens for tracking reports
|
<number> |
Enter the port number (Range: 1-65535)
|
logging buffered level {emergency|alert|critical|error|warning|notification|info|debug}
|
logging |
Set logging parameters
|
buffered |
Set logging buffer
|
level |
Set logging level
|
emergency |
Send emergency-level log entries (Default: debug)
|
alert |
Send log entries from alert to emergency levels (Default: debug)
|
critical |
Send log entries from critical to emergency levels (Default: debug)
|
error |
Send log entries from error to emergency levels (Default: debug)
|
warning |
Send log entries from warning to emergency levels (Default: debug)
|
notification |
Send log entries from notification to emergency levels (Default: debug)
|
info |
Send log entries from info to emergency levels (Default: debug)
|
debug |
Send log entries for all severity levels (Default: debug)
|
logging debug
|
logging |
Set logging parameters
|
debug |
Enable debug messages
|
logging facility {local0|local1|local2|local3|local4|local5|local6|local7|auth|authpriv|security|user}
|
logging |
Set logging parameters
|
facility |
Set logging facility
|
local0 |
Set log facility to local0 (Default: local6)
|
local1 |
Set log facility to local1 (Default: local6)
|
local2 |
Set log facility to local2 (Default: local6)
|
local3 |
Set log facility to local3 (Default: local6)
|
local4 |
Set log facility to local4 (Default: local6)
|
local5 |
Set log facility to local5 (Default: local6)
|
local6 |
Set log facility to local6 (Default: local6)
|
local7 |
Set log facility to local7 (Default: local6)
|
auth |
Set log facility to auth (Default: local6)
|
authpriv |
Set log facility to authpriv (Default: local6)
|
security |
Set log facility to security (Default: local6)
|
user |
Set log facility to user (Default: local6)
|
logging flash level {emergency|alert|critical|error|warning|notification|info|debug}
|
logging |
Set logging parameters
|
flash |
Set logging flash
|
level |
Set logging level
|
emergency |
Send emergency-level log entries (Default: error)
|
alert |
Send log entries from alert to emergency levels (Default: error)
|
critical |
Send log entries from critical to emergency levels (Default: error)
|
error |
Send log entries from error to emergency levels (Default: error)
|
warning |
Send log entries from warning to emergency levels (Default: error)
|
notification |
Send log entries from notification to emergency levels (Default: error)
|
info |
Send log entries from info to emergency levels (Default: error)
|
debug |
Send log entries for all severity levels (Default: error)
|
logging server <string> [ level {emergency|alert|critical|error|warning|notification|info|debug} ] [ {via-vpn-tunnel} ]
|
logging |
Set logging parameters
|
server |
Set parameters for a syslog server
|
<string> |
Set the IP address or domain name (1-32 characters) for the syslog server
|
level |
Set the severity level for the log messages you want to send
|
emergency |
Send emergency-level log entries
|
alert |
Send log entries from alert to emergency levels
|
critical |
Send log entries from critical to emergency levels
|
error |
Send log entries from error to emergency levels
|
warning |
Send log entries from warning to emergency levels
|
notification |
Send log entries from notification to emergency levels
|
info |
Send log entries from info to emergency levels
|
debug |
Send log entries for all severity levels
|
via-vpn-tunnel |
Send all logging traffic through a VPN tunnel
(Note: Set this option on VPN clients when the logging server is in a
different subnet from the tunnel interface. When they are in the same
subnet, tunneling is automatic.)
|
logging trap level [ {emerg|alert|crit|err|warning|notice|info} ]
|
logging |
Set logging parameters
|
trap |
Set logging trap parameters
|
level |
Set logging trap level
|
emerg |
Set logging trap level to emerg (Default: info)
|
alert |
Set logging trap level to alert (Default: info)
|
crit |
Set logging trap level to crit (Default: info)
|
err |
Set logging trap level to err (Default: info)
|
warning |
Set logging trap level to warning (Default: info)
|
notice |
Set logging trap level to notice (Default: info)
|
info |
Set logging trap level to info (Default: info)
|
login banner <string>
|
login |
Set parameters fot the CLI login
|
banner |
Set the banner that appears after logging in to the CLI
|
<string> |
Enter the banner text (Default: 'Black Box Networks
Inc.\n Copyright (C) 2006-2010\n'; Max: 256 chars; Notes: Use '\n' to
indicate a line break.)
|
mac-object <string> mac-range <mac_addr> - <mac_addr>
|
mac-object |
Set parameters for an MAC object that the SmartPath
AP can use to assign a client with a matching MAC address to a user
profile (Max: 128 MAC objects per SmartPath AP.)
|
<string> |
Enter the MAC object name (1-32 chars)
|
mac-range |
Set a range of MAC addresses for the MAC object (Max: 255 MAC address ranges per MAC object)
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
- |
Set a range of MAC addresses
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
mac-policy
<string> [ id <number> ] [ {before|after} id <number> ]
[ from <mac_addr> [ <number> ] ] [ to <mac_addr> [
<number> ] ] [ action {permit|deny} ]
|
mac-policy |
Set MAC policy parameters
|
<string> |
Enter a MAC policy name (1-32 chars)
|
id |
Assign a MAC policy ID
|
<number> |
Enter the MAC policy ID (Range: 1-1023)
|
before |
Set the before parameters for a MAC policy
|
after |
Set the after parameters for a MAC policy
|
id |
Assign a MAC policy ID
|
<number> |
Enter the MAC policy ID (Range: 1-1023)
|
from |
Set the source MAC (Default: any)
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
<number> |
Enter a MAC mask length (value: 0, 24, 48)
|
to |
Set the destination MAC (Default: any)
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
<number> |
Enter a MAC mask length (value: 0, 24, 48)
|
action |
Set action for a MAC policy (Default: deny)
|
permit |
Set the action to permit (Default: deny)
|
deny |
Set the action to deny (Default: deny)
|
mac-policy
<string> [ id <number> ] [ {before|after} id <number> ]
[ from <mac_addr> [ <number> ] ] [ to <mac_addr> [
<number> ] ] action deny log packet-drop
|
mac-policy |
Set MAC policy parameters
|
<string> |
Enter a MAC policy name (1-32 chars)
|
id |
Assign a MAC policy ID
|
<number> |
Enter the MAC policy ID (Range: 1-1023)
|
before |
Set the before parameters for a MAC policy
|
after |
Set the after parameters for a MAC policy
|
id |
Assign a MAC policy ID
|
<number> |
Enter the MAC policy ID (Range: 1-1023)
|
from |
Set the source MAC (Default: any)
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
<number> |
Enter a MAC mask length (value: 0, 24, 48)
|
to |
Set the destination MAC (Default: any)
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
<number> |
Enter a MAC mask length (value: 0, 24, 48)
|
action |
Set action for a MAC policy (Default: deny)
|
deny |
Set the action to deny (Default: deny)
|
log |
Set logging options for packets and sessions that match the MAC firewall policy
|
packet-drop |
Log dropped packets that the MAC firewall policy denies
|
mac-policy
<string> [ id <number> ] [ {before|after} id <number> ]
[ from <mac_addr> [ <number> ] ] [ to <mac_addr> [
<number> ] ] action permit log [
{initiate-session|terminate-session} ]
|
mac-policy |
Set MAC policy parameters
|
<string> |
Enter a MAC policy name (1-32 chars)
|
id |
Assign a MAC policy ID
|
<number> |
Enter the MAC policy ID (Range: 1-1023)
|
before |
Set the before parameters for a MAC policy
|
after |
Set the after parameters for a MAC policy
|
id |
Assign a MAC policy ID
|
<number> |
Enter the MAC policy ID (Range: 1-1023)
|
from |
Set the source MAC (Default: any)
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
<number> |
Enter a MAC mask length (value: 0, 24, 48)
|
to |
Set the destination MAC (Default: any)
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
<number> |
Enter a MAC mask length (value: 0, 24, 48)
|
action |
Set action for a MAC policy (Default: deny)
|
permit |
Set the action to permit (Default: deny)
|
log |
Set logging options for packets and sessions that match the MAC firewall policy
|
initiate-session |
Log session details when a session is created after passing a MAC firewall policy lookup
|
terminate-session |
Log session details when a session matching a MAC firewall policy is terminated
|
mobile-device-policy
<string> [ rule <number> ] [ original-user-profile
<string> ] device-group <string>
reassigned-user-profile-attr <number>
|
mobile-device-policy |
Set a policy that assigns a user profile to traffic
from a client based on the originally assigned user profile or the MAC
address, device domain, and OS of the user's client
|
<string> |
Enter the mobile device policy name (1-32 chars)
|
rule |
Add a rule to the mobile device policy
|
<number> |
Enter a number for the rule ID (Range: 1-65535;
Note: If you do not specify a rule ID, the SmartPath AP automatically
assigns one.)
|
original-user-profile |
Specify the user profile that the SmartPath AP first assigns to traffic before it completes the device classification process
|
<string> |
Enter the original user profile (1-32 chars)
|
device-group |
Set the device group that the policy rule references to classify the type of client device in use
|
<string> |
Enter a device group name (1-32 chars)
|
reassigned-user-profile-attr |
Reassign the client to a different user profile if
it belongs to the specified device group or was initially assigned to
the specified original user profile
|
<number> |
Enter the attribute of the user profile to assign in place of the originally assigned one (Range: 0-4095)
|
mobile-device-policy <string> apply {once|multiple-times}
|
mobile-device-policy |
Set a policy that assigns a user profile to traffic
from a client based on the originally assigned user profile or the MAC
address, device domain, and OS of the user's client
|
<string> |
Enter the mobile device policy name (1-32 chars)
|
apply |
Set the method for applying mobile device policy rules
|
once |
Apply a policy rule once if a client match is found
after finishing the complete device type classification process(Default:
Once)
|
multiple-times |
Apply a policy rule if a client match is found at
any point during the device type detection process (Default: Once)(Note:
Different rules might be applied at different times as the SmartPath AP
collects more information about a client.)
|
mobile-device-policy <string> client-classification [ {mac} ] [ {domain} ] [ {os} ]
|
mobile-device-policy |
Set a policy that assigns a user profile to traffic
from a client based on the originally assigned user profile or the MAC
address, device domain, and OS of the user's client
|
<string> |
Enter the mobile device policy name (1-32 chars)
|
client-classification |
Set the client device classification methods that you want to use
|
mac |
Use the client classification method that is based on the MAC address of the device
|
domain |
Use the client classification method that is based on the computer domain to which a client belongs in the database
|
os |
Use the client classification method that is based on the OS running on the device
|
mobile-device-policy <string> rule <number> {before|after} rule <number>
|
mobile-device-policy |
Set a policy that assigns a user profile to traffic
from a client based on the originally assigned user profile or the MAC
address, device domain, and OS of the user's client
|
<string> |
Enter the mobile device policy name (1-32 chars)
|
rule |
Add a rule to the mobile device policy
|
<number> |
Enter a number for the rule ID (Range: 1-65535;
Note: If you do not specify a rule ID, the SmartPath AP automatically
assigns one.)
|
before |
Move the mobile device policy rule before another rule in the policy
|
after |
Move the mobile device policy rule after another rule in the policy
|
rule |
Set a rule before or after another rule in the mobile device policy
|
<number> |
Enter a rule ID number (Range: 1-65535)
|
mobility-policy <string> dnxp
|
mobility-policy |
Set parameters for a mobility policy
|
<string> |
Enter a mobility policy name (1 - 32 chars)
|
dnxp |
Assign DNXP (Dynamic Network eXtension Protocol) for
the mobility policy (Default: predictive roaming support among
neighboring cluster members)
|
mobility-policy <string> dnxp nomadic-roaming
|
mobility-policy |
Set parameters for a mobility policy
|
<string> |
Enter a mobility policy name (1 - 32 chars)
|
dnxp |
Assign DNXP (Dynamic Network eXtension Protocol) for
the mobility policy (Default: predictive roaming support among
neighboring cluster members)
|
nomadic-roaming |
Enable fast roaming support on nonneighboring cluster members in different subnets (Default: predictive-roaming)
|
mobility-policy <string> dnxp unroam-threshold <number> <number>
|
mobility-policy |
Set parameters for a mobility policy
|
<string> |
Enter a mobility policy name (1 - 32 chars)
|
dnxp |
Assign DNXP (Dynamic Network eXtension Protocol) for
the mobility policy (Default: predictive roaming support among
neighboring cluster members)
|
unroam-threshold |
Set the minimum traffic level required to continue
tunneling traffic back to the original subnet of a L3 roaming client.
(Note: If the volume of client traffic dips below the threshold, it is
disassociated.)
|
<number> |
Enter the minimum number of packets/minute to and
from the client required to continue tunneling its traffic back to its
original subnet (Default: 0; Range: 0-2147483647; Note: The value "0"
disables the unroaming feature.)
|
<number> |
Enter the interval in seconds for polling traffic statistics (Default: 60 seconds; Range: 10-600)
|
mobility-policy <string> inxp gre-tunnel from <ip_addr/netmask> password <string>
|
mobility-policy |
Set parameters for a mobility policy
|
<string> |
Enter a mobility policy name (1 - 32 chars)
|
inxp |
Assign INXP (Identity Network eXtension Protocol) for the mobility policy
|
gre-tunnel |
Set the INXP gre-tunnel parameters
|
from |
Set the INXP gre-tunnel source parameters
|
<ip_addr/netmask> |
Enter subnet for INXP gre-tunnel source
|
password |
Set password for INXP gre-tunnel
|
<string> |
Enter password for INXP gre-tunnel (1 - 64 chars)
|
mobility-policy <string> inxp gre-tunnel to <ip_addr> <ip_addr> password <string>
|
mobility-policy |
Set parameters for a mobility policy
|
<string> |
Enter a mobility policy name (1 - 32 chars)
|
inxp |
Assign INXP (Identity Network eXtension Protocol) for the mobility policy
|
gre-tunnel |
Set the INXP gre-tunnel parameters
|
to |
Set the INXP gre-tunnel destination parameters
|
<ip_addr> |
Enter start IP address for INXP gre-tunnel destination
|
<ip_addr> |
Enter end IP address for INXP gre-tunnel destination
|
password |
Set password for INXP gre-tunnel
|
<string> |
Enter password for INXP gre-tunnel (1 - 64 chars)
|
mobility-policy <string> inxp gre-tunnel to <ip_addr> password <string>
|
mobility-policy |
Set parameters for a mobility policy
|
<string> |
Enter a mobility policy name (1 - 32 chars)
|
inxp |
Assign INXP (Identity Network eXtension Protocol) for the mobility policy
|
gre-tunnel |
Set the INXP gre-tunnel parameters
|
to |
Set the INXP gre-tunnel destination parameters
|
<ip_addr> |
Enter start IP address for INXP gre-tunnel destination
|
password |
Set password for INXP gre-tunnel
|
<string> |
Enter password for INXP gre-tunnel (1 - 64 chars)
|
mobility-threshold gre-tunnel permitted-load {low|medium|high}
|
mobility-threshold |
Set parameters for tunneling mobile user traffic
|
gre-tunnel |
Set the volume of traffic that the local SmartPath
AP will accept through GRE (Generic Routing Encapsulation) tunnels
(Note: Only set this option on portals.)
|
permitted-load |
Set a level determining the amount of traffic the local SmartPath AP will accept through GRE tunnels
|
low |
Accept a relatively low number of tunnels (Default: high)
|
medium |
Accept a relatively moderate number of tunnels (Default: high)
|
high |
Accept a relatively high number of tunnels (Default: high)
|
ntp enable
|
ntp |
Set NTP (Network Time Protocol) parameters
|
enable |
Enable the local SmartPath AP to act as an NTP client
|
ntp interval <number>
|
ntp |
Set NTP (Network Time Protocol) parameters
|
interval |
Set the interval for synchronizing the internal clock with an NTP server
|
<number> |
Enter the interval in minutes (Default: 1440; Range: 60-10080)
|
ntp server <string> [ {second|third|fourth} ] [ {via-vpn-tunnel} ]
|
ntp |
Set NTP (Network Time Protocol) parameters
|
server |
Set NTP server parameters
|
<string> |
Enter the IP address or domain name of an NTP server (1-32 chars)
|
second |
Set the priority of the NTP server as second
|
third |
Set its priority as third
|
fourth |
Set its priority as fourth
|
via-vpn-tunnel |
Send all NTP traffic through a VPN tunnel (Note:
Set this option on VPN clients when the NTP server is in a different
subnet from the tunnel interface. When they are in the same subnet,
tunneling is automatic.)
|
os-object <string> os-version <string>
|
os-object |
Set parameters for an OS object that the SmartPath
AP can use to assign a client running a matching OS to a user profile
(Max: 64 OS objects per SmartPath AP.)
|
<string> |
Enter an OS object name (1-32 chars; Note: The
object name is an admin-defined name and does not have to be the name of
an operating system.)
|
os-version |
Set the name and version of an operating system version (Max: 32 OS versions per OS object)
|
<string> |
Enter the exact text string that identifies an
operating system as it appears in the user agent ID field in HTTP
headers (1-32 chars; Note: Use quotation marks if spaces are required.
Examples: "Windows NT 5.1", "Mac OS X", "Linux i686")
|
performance-sentinel notification-interval <number>
|
performance-sentinel |
Set performance sentinel parameters to moderate client throughput
|
notification-interval |
Set the interval for sending SNMP traps to SmartPath EMS to update the performance sentinel log
|
<number> |
Enter the performance sentinel log update interval in seconds (Default: 600; Range: 30-1800)
|
ping <ip_addr> [ count <number> ] [ size <number> ] [ ttl <number> ] [ timeout <number> ]
|
ping |
Perform a ping
|
<ip_addr> |
Enter the destination IP address
|
count |
Stop pinging after sending the specified number of ICMP echo requests
|
<number> |
Enter a number after sending the number of ICMP echo requests the pinging stop (Default: 5, Range: 1-65535)
|
size |
Set the size of the ICMP packets
|
<number> |
Enter the packet size in bytes (Default: 56, Range: 1-1024)
|
ttl |
Set the TTL (time to live)
|
<number> |
Enter the TTL (Range: 1-255)
|
timeout |
Set the length of time to wait for a response
|
<number> |
Enter the timeout in seconds (Default: 10; Range: 1-60)
|
ping <string> [ count <number> ] [ size <number> ] [ ttl <number> ] [ timeout <number> ]
|
ping |
Perform a ping
|
<string> |
Enter the destination domain name (1-32 chars)
|
count |
Set the number of ICMP echo requests to send
|
<number> |
Enter the number of ICMP echo requests (Default: 5, Range: 1-65535)
|
size |
Set the size of the ICMP packets
|
<number> |
Enter the packet size in bytes (Default: 56, Range: 1-1024)
|
ttl |
Set the TTL (time to live)
|
<number> |
Enter the TTL (Range: 1-255)
|
timeout |
Set the length of time to wait for a response
|
<number> |
Enter the timeout in seconds (Default: 10; Range: 1-60)
|
probe
<ip_addr|mac_addr> [ size <number> ] [ src-mac
<mac_addr> ] [ wait-time <number> ] [ ttl <number> ] [
count <number> ]
|
probe |
Set the probe parameters
|
<ip_addr> |
Enter the target IP or MAC address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
size |
Set the probe request packet size (default: 256 bytes)
|
<number> |
Enter a packet size (range: 256-1400 bytes)
|
src-mac |
Set the Source MAC address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
wait-time |
Set the timeout value (default: 1 second)
|
<number> |
Enter an timeout value (range: 1-30 seconds)
|
ttl |
Set the TTL value (default 32)
|
<number> |
Enter an TTL value (range: 1-255)
|
count |
Set probe request count (default: 5)
|
<number> |
Enter the probe request count (range: 1-64)
|
probe portal [ size
<number> ] [ src-mac <mac_addr> ] [ wait-time <number>
] [ ttl <number> ] [ count <number> ]
|
probe |
Set the probe parameters
|
portal |
Set the target of the probe as the MAC address of the SmartPath AP acting as portal
|
size |
Set the probe request packet size (default: 256 bytes)
|
<number> |
Enter a packet size (range: 256-1400 bytes)
|
src-mac |
Set the Source MAC address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
wait-time |
Set the timeout value (default: 1 second)
|
<number> |
Enter an timeout value (range: 1-30 seconds)
|
ttl |
Set the TTL value (default 32)
|
<number> |
Enter an TTL value (range: 1-255)
|
count |
Set probe request count (default: 5)
|
<number> |
Enter the probe request count (range: 1-64)
|
qos airtime enable
|
qos |
Set QoS (Quality of Service) parameters
|
airtime |
Set QoS parameters based on the amount of airtime that wireless client traffic uses
|
enable |
Enable dynamic airtime scheduling
|
qos airtime rate-preference-weight {none|moderate|high}
|
qos |
Set QoS (Quality of Service) parameters
|
airtime |
Set QoS parameters based on the amount of airtime that wireless client traffic uses
|
rate-preference-weight |
Set a preference for forwarding traffic to and from wireless clients that are capable of fast data transfer rates
|
none |
Set no preference for clients with a fast data rate (Default: high)
|
moderate |
Set a moderate preference for clients with a fast data rate (Default: high)
|
high |
Set a high preference for clients with a fast data rate (Default: high)
|
qos classifier-map 80211e <number> <number>
|
qos |
Set QoS (Quality of Service) parameters
|
classifier-map |
Map QoS priority markers on incoming packets to Black Box QoS classes
|
80211e |
Map IEEE 802.11e user priority markers on incoming packets to Black Box QoS classes
|
<number> |
Enter IEEE 802.11e user priority (Range: 0-7)
|
<number> |
Enter Black Box QoS class (Range: 0-7)
|
qos classifier-map 8021p <number> <number>
|
qos |
Set QoS (Quality of Service) parameters
|
classifier-map |
Map QoS priority markers on incoming packets to Black Box QoS classes
|
8021p |
Map IEEE 802.1p priority markers on incoming packets to Black Box QoS classes
|
<number> |
Enter IEEE 802.1p Priority (Range: 0-7)
|
<number> |
Enter Black Box QoS class (Range: 0-7)
|
qos classifier-map diffserv <number> <number>
|
qos |
Set QoS (Quality of Service) parameters
|
classifier-map |
Map QoS priority markers on incoming packets to Black Box QoS classes
|
diffserv |
Map diffserv DSCP (Differentiated Services Code Point) values on incoming packets to Black Box QoS classes
|
<number> |
Enter the DSCP class (Range: 0-63)
|
<number> |
Enter the Black Box QoS class (Range: 0-7)
|
qos classifier-map interface <ethx> <number>
|
qos |
Set QoS (Quality of Service) parameters
|
classifier-map |
Map QoS priority markers on incoming packets to Black Box QoS classes
|
interface |
Map incoming Ethernet traffic to Black Box QoS classes by its ingress interface (eth0)
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
<number> |
Enter the Black Box QoS class (Range: 0-7)
|
qos classifier-map oui <oui> [ qos <number> ] [ action {permit|deny|log} ] [ comment <string> ]
|
qos |
Set QoS (Quality of Service) parameters
|
classifier-map |
Map QoS priority markers on incoming packets to Black Box QoS classes
|
oui |
Set a MAC OUI (Organizational Unique Identifier) classification table
|
<oui> |
Enter the OUI (Note: You can use colons, dashes, or
periods to format the OUI. Examples: Apple iPhone=00:1b:63; D-Link
Phone=00-17-9a; Vocera=00.09.ef.)
|
qos |
Set an Black Box QoS class to the MAC
|
<number> |
Enter Black Box QoS class (Range: 0-7)
|
action |
Set an action to the MAC OUI
|
permit |
permit the packet
|
deny |
deny the packet
|
log |
log the packet
|
comment |
Add a comment to the MAC OUI
|
<string> |
Enter a comment (Maximum:32 characters) to the MAC
|
qos classifier-map service <string> [ qos <number> ] [ action {permit|deny|log} ]
|
qos |
Set QoS (Quality of Service) parameters
|
classifier-map |
Map QoS priority markers on incoming packets to Black Box QoS classes
|
service |
Set service-based classification table
|
<string> |
Enter service name (1 - 32 chars)
|
qos |
Set an Black Box QoS class to the service
|
<number> |
Enter the Black Box QoS class (Range: 0-7)
|
action |
Set the action to take when receiving a packet for this service
|
permit |
permit the packet
|
deny |
deny the packet
|
log |
log the packet
|
qos classifier-map ssid <string> <number>
|
qos |
Set QoS (Quality of Service) parameters
|
classifier-map |
Map QoS priority markers on incoming packets to Black Box QoS classes
|
ssid |
Map incoming wireless traffic to Black Box QoS classes by SSID
|
<string> |
Enter an SSID name
|
<number> |
Enter the Black Box QoS class (Range: 0-7)
|
qos classifier-profile <string> [ {interface/ssid-only|8021p|80211e|diffserv|interface/ssid|mac|service} ]
|
qos |
Set QoS (Quality of Service) parameters
|
classifier-profile |
Set a QoS classification profile
|
<string> |
Enter a classifier profile name (1 - 32 chars)
|
interface/ssid-only |
Classify all incoming and outgoing packets using the
interface or SSID bound to this classifier profile (Note: The
interface/ssid-only method cannot be combined with other methods in the
same classifier profile or applied to more than one profile. This
profile has precedence over all others.)
|
8021p |
Classify incoming packets by 802.1p priority markers present in layer-2 frame headers
|
80211e |
Classify incoming packets by 802.11e priority markers present in wireless frame headers
|
diffserv |
Classify incoming packets by DiffServ DSCP values present in layer-3 packet headers
|
interface/ssid |
Classify packets by the interface or SSID that they
traverse (Note: If two interface/SSID classifier profiles apply to the
same session, the one providing better QoS is used.)
|
mac |
Classify packets by the OUI (organizationally unique
identifier) of the session participants (Note: If two OUI classifier
profiles apply to the same session, the one providing better QoS is
used.)
|
service |
Classify incoming packets by network service type
|
qos enable
|
qos |
Set QoS (Quality of Service) parameters
|
enable |
Enable QoS (Quality of Service)
|
qos marker-map 80211e <number> <number>
|
qos |
Set QoS (Quality of Service) parameters
|
marker-map |
Map Black Box QoS classes to QoS priority markers on outgoing packets
|
80211e |
Map Black Box QoS classes to IEEE 802.11e user priority markers on outgoing packets
|
<number> |
Enter the Black Box QoS class (Range: 0-7)
|
<number> |
Enter the IEEE 802.11e user priority (Range: 0-7)
|
qos marker-map 8021p <number> <number>
|
qos |
Set QoS (Quality of Service) parameters
|
marker-map |
Map Black Box QoS classes to QoS priority markers on outgoing packets
|
8021p |
Map Black Box QoS classes to IEEE 802.1p priority markers on outgoing packets
|
<number> |
Enter Black Box QoS class (Range: 0-7)
|
<number> |
Enter IEEE 802.1p Priority (Range: 0-7)
|
qos marker-map diffserv <number> <number>
|
qos |
Set QoS (Quality of Service) parameters
|
marker-map |
Map Black Box QoS classes to QoS priority markers on outgoing packets
|
diffserv |
Map Black Box QoS classes to diffserv DSCP (Differentiated Services Code Point) values on outgoing packets
|
<number> |
Enter the Black Box QoS class (Range: 0-7)
|
<number> |
Enter the DSCP class (Range: 0-63)
|
qos marker-profile <string> [ {8021p|80211e|diffserv} ]
|
qos |
Set QoS (Quality of Service) parameters
|
marker-profile |
Set a QoS marker profile
|
<string> |
Enter the marker profile name (1 - 32 chars)
|
8021p |
Set 8021p marking method
|
80211e |
Set 80211e marking method
|
diffserv |
Set diffserv marking method
|
qos policy
<string> [ user-profile <number> <number> ] [ user
<number> ] [ qos <number> {strict|wrr} <number>
<number> ]
|
qos |
Set QoS (Quality of Service) parameters
|
policy |
Set a QoS (Quality of Service) policy
|
<string> |
Enter the policy name (1 - 32 chars)
|
user-profile |
Set QoS policy parameters at the user profile level
|
<number> |
Enter the user profile rate limit in kbps (Range: 0-2000000)
|
<number> |
Enter user profile's scheduling weight (Range: 0-1000)
|
user |
Set QoS parameters at user level
|
<number> |
Enter the user rate limit in kbps (Range: 0-2000000)
|
qos |
Set QoS parameters at class level
|
<number> |
Enter the Black Box QoS class (Range: 0-7)
|
strict |
Set scheduling mode to strict
|
wrr |
Set scheduling mode to wrr
|
<number> |
Enter the class rate limit in kbps (Range: 0-2000000)
|
<number> |
Enter the scheduling weight (Range: 0-1000; Note: If scheduling mode is strict, its weight must be zero.)
|
quit
|
quit |
Quit CLI (Command Line Interface)
|
radio profile <string>
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 characters)
|
radio profile <string> acsp access channel-auto-select time-range <time> <time> [ station <number> ]
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 characters)
|
acsp |
Set parameters for ACSP (Advanced Channel Selection Protocol)
|
access |
Set access point interface parameters
|
channel-auto-select |
Set conditions for automatically selecting radio channels
|
time-range |
Set the time range when a new radio channel can be
selected (Note: During this time, the radio re-evaluates the channel in
use. It might switch to a different channel or continue using the same
channel.)
|
<time> |
Enter the start time (Format: hh:mm; Hour Range: 00-23; Minute Range: 0-59)
|
<time> |
Enter the end time (Format: hh:mm; Hour Range: 00-23; Minute Range: 0-59)
|
station |
Set the maximum number of stations that can be
connected to the SmartPath AP when selecting a channel (If more are
connected during the time range, no channel selection occurs.)
|
<number> |
Enter the station maximum (Default: 0; Range: 0-100)
|
radio profile <string> acsp all-channels-model enable
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 characters)
|
acsp |
Set parameters for ACSP (Advanced Channel Selection Protocol)
|
all-channels-model |
Set all channels from which the radio can select the optimal channel
|
enable |
Enable all channels selection
|
radio profile <string> acsp channel-model 4-channels [ <channel_g4> ]
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 characters)
|
acsp |
Set parameters for ACSP (Advanced Channel Selection Protocol)
|
channel-model |
Set the pool of channels from which the radio can select the optimal channel
|
4-channels |
Set 4-channel model (Defaults: USA: 3 channels,
01-06-11, 01-04-08-11; Europe: 4 channels, 01-05-09-13, 01-06-11; Japan:
4 channels, 01-05-09-14, 01-06-11)
|
<channel_g4> |
Enter the pool of channels from which the radio can select one to use (Format: xx-xx-xx-xx;)
|
radio profile <string> acsp channel-model {3-channels} [ <channel_g3> ]
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 characters)
|
acsp |
Set parameters for ACSP (Advanced Channel Selection Protocol)
|
channel-model |
Set the pool of channels from which the radio can select the optimal channel
|
3-channels |
Set 3-channel model (Defaults: USA: 3 channels,
01-06-11, 01-04-08-11; Europe: 4 channels, 01-05-09-13, 01-06-11; Japan:
4 channels, 01-05-09-14, 01-06-11)
|
<channel_g3> |
Enter the pool of channels from which the radio can select one to use (Format: xx-xx-xx;)
|
radio profile <string> acsp interference-switch crc-err-threshold <number>
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 characters)
|
acsp |
Set parameters for ACSP (Advanced Channel Selection Protocol)
|
interference-switch |
Set parameters for the collection of RF interference-related data and switch channels if the threshold is reached
|
crc-err-threshold |
Set an RF interference threshold based on the rate
of CRC (cyclic redundancy check) errors (Note: If the rate of CRC errors
exceeds this threshold, the SmartPath AP switches channels)
|
<number> |
Enter the threshold as a percent (Default: 25; Range: 10-80)
|
radio profile <string> acsp interference-switch iu-threshold <number>
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 characters)
|
acsp |
Set parameters for ACSP (Advanced Channel Selection Protocol)
|
interference-switch |
Set parameters for the collection of RF interference-related data and switch channels if the threshold is reached
|
iu-threshold |
Set an RF interference threshold based on
interference utilization (Note: If the percent of interference
utilization exceeds this value, the SmartPath AP switches channels)
|
<number> |
Enter the threshold as a percent (Default: 25; Range: 10-80)
|
radio profile <string> acsp interference-switch {enable|no-station-enable|disable}
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 characters)
|
acsp |
Set parameters for ACSP (Advanced Channel Selection Protocol)
|
interference-switch |
Set parameters for the collection of RF interference-related data and switch channels if the threshold is reached
|
enable |
Enable the radio to switch channels if the RF interference threshold is reached (Default setting: no-station-enable)
|
no-station-enable |
Enable the radio to switch channels only if the RF
interference threshold is reached and no stations are connected (Default
setting: no-station-enable)
|
disable |
Disable the radio from switching channels because of RF interference-related data (Default setting: no-station-enable)
|
radio profile <string> acsp max-tx-power <number>
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 characters)
|
acsp |
Set parameters for ACSP (Advanced Channel Selection Protocol)
|
max-tx-power |
Set radio max transmit power
|
<number> |
Enter the max transmit power (Default: 20 dBm; Range: 10-20 dBm)
|
radio profile <string> ampdu
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 characters)
|
ampdu |
Enable AMPDU (Aggregate MAC Protocol Data Unit) transmissions to reduce overhead when the transmission channel is busy
|
radio profile <string> backhaul failover [ trigger-time <number> ] [ hold-time <number> ]
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 characters)
|
backhaul |
Set parameters for failing over the backhaul link
from Ethernet to wireless (Note: Only set this command on a SmartPath AP
that acts as a portal.)
|
failover |
Enable backhaul communications to fail over to the wireless link if the Ethernet link goes down (Default: enabled)
|
trigger-time |
Set how long the Ethernet link must be down to trigger a failover to the wireless link
|
<number> |
Enter the failover trigger time in seconds (Default: 2; Range: 1-5)
|
hold-time |
Set how long the Ethernet link must be up to revert backhaul communications from wireless to Ethernet
|
<number> |
Enter the hold time in seconds (Default: 30; Range: 1-300)
|
radio profile <string> band-steering balance-band threshold <number>
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 characters)
|
band-steering |
Distribute wireless clients that support both 2.4
and 5 GHz bands evenly across the two bands when an SSID is available on
both bands
|
balance-band |
Balance clients according to an approximate ratio
between 2.4 GHz and 5 GHz channels (Default: Allow four 5 GHz clients
for every one 2.4 GHz client, or 80%.)
|
threshold |
Set the minimum ratio of 5 GHz clients to 2.4 GHz
clients, expressed as a percentage (Example: Four 5-GHz stations to five
total stations is 80%.)
|
<number> |
Enter the threshold to begin balancing band usage as a percentage (Range: 0-100; Default: 80)
|
radio profile <string> band-steering enable
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 characters)
|
band-steering |
Distribute wireless clients that support both 2.4
and 5 GHz bands evenly across the two bands when an SSID is available on
both bands
|
enable |
Enable band steering (Default: Disabled)
|
radio profile <string> band-steering mode {balance-band|prefer-5g|force-5g}
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 characters)
|
band-steering |
Distribute wireless clients that support both 2.4
and 5 GHz bands evenly across the two bands when an SSID is available on
both bands
|
mode |
Set the mode for band steering (Default: prefer-5g)
|
balance-band |
Balance clients according to an approximate ratio
between 2.4 GHz and 5 GHz channels (Default: Allow four 5 GHz clients
for every one 2.4 GHz client, or 80%.)
|
prefer-5g |
Encourage clients that are 5-GHz capable to move to
the 5 GHz band by ignoring requests from them on the 2.4 GHz band (Note:
If a client continues to attempt using 2.4 GHz even when offered a 5
GHz connection, the system allows it to connect at 2.4 GHz after a
specified number of attempts. The default is 5.)
|
force-5g |
Answer probe requests from 5 GHz-capable clients only on 5 GHz interfaces
|
radio profile <string> band-steering prefer-5g suppression-limit <number>
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 characters)
|
band-steering |
Distribute wireless clients that support both 2.4
and 5 GHz bands evenly across the two bands when an SSID is available on
both bands
|
prefer-5g |
Encourage clients that are 5-GHz capable to move to
the 5 GHz band by ignoring requests from them on the 2.4 GHz band (Note:
If a client continues to attempt using 2.4 GHz even when offered a 5
GHz connection, the system allows it to connect at 2.4 GHz after a
specified number of attempts. The default is 5.)
|
suppression-limit |
Set a limit number to the number of probe responses the system suppresses before accepting a client on the 2.4 GHz band
|
<number> |
Enter the number of probe responses the system
suppresses before accepting client in the 2.4 GHz band (Default: 5;
Range: 1-100)
|
radio profile <string> beacon-period <number>
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 characters)
|
beacon-period |
Set the period of time between beacon broadcasts
|
<number> |
Enter the beacon period in TUs (time units, a
measurement of time equal to 1024 microseconds) for the radio profile
(Default: 100, Range: 40-3500)
|
radio profile <string> benchmark phymode 11a rate {6|9|12|18|24|36|48|54} success <number> usage <number>
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 characters)
|
benchmark |
Set benchmark parameters for gauging the health of client connectivity
|
phymode |
Set the physical mode for which you want to measure client connectivity
|
11a |
Set benchmark parameters for 11a mode
|
rate |
Set the transmission rate that you expect clients
with healthy connectivity to use (Note: You can set up to 3 rates for
the same phymode)
|
6 |
Enter the transmission rate
|
9 |
Enter the transmission rate
|
12 |
Enter the transmission rate
|
18 |
Enter the transmission rate
|
24 |
Enter the transmission rate
|
36 |
Enter the transmission rate
|
48 |
Enter the transmission rate
|
54 |
Enter the transmission rate
|
success |
Set the percent of packets that you expect clients with healthy connectivity to transmit successfully
|
<number> |
Enter the percent for successfully transmitted packets (Range: 1-100)
|
usage |
Set the percent of time that you expect clients with healthy connectivity to transmit at the defined rate
|
<number> |
Enter the percent of time that clients transmit at the defined rate (Range: 1-100)
|
radio profile <string> benchmark phymode 11b rate {1|2|5.5|11} success <number> usage <number>
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 characters)
|
benchmark |
Set benchmark parameters for gauging the health of client connectivity
|
phymode |
Set the physical mode for which you want to measure client connectivity
|
11b |
Set benchmark parameters for 11b mode
|
rate |
Set the transmission rate that you expect clients
with healthy connectivity to use (Note: You can set up to 3 rates for
the same phymode)
|
1 |
Enter the transmission rate
|
2 |
Enter the transmission rate
|
5.5 |
Enter the transmission rate
|
11 |
Enter the transmission rate
|
success |
Set the percent of packets that you expect clients with healthy connectivity to transmit successfully
|
<number> |
Enter the percent for successfully transmitted packets (Range: 1-100)
|
usage |
Set the percent of time that you expect clients with healthy connectivity to transmit at the defined rate
|
<number> |
Enter the percent of time that clients transmit at the defined rate (Range: 1-100)
|
radio profile
<string> benchmark phymode 11g rate
{1|2|5.5|11|6|9|12|18|24|36|48|54} success <number> usage
<number>
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 characters)
|
benchmark |
Set benchmark parameters for gauging the health of client connectivity
|
phymode |
Set the physical mode for which you want to measure client connectivity
|
11g |
Set benchmark parameters for 11g mode
|
rate |
Set the transmission rate that you expect clients
with healthy connectivity to use (Note: You can set up to 3 rates for
the same phymode)
|
1 |
Enter the transmission rate
|
2 |
Enter the transmission rate
|
5.5 |
Enter the transmission rate
|
11 |
Enter the transmission rate
|
6 |
Enter the transmission rate
|
9 |
Enter the transmission rate
|
12 |
Enter the transmission rate
|
18 |
Enter the transmission rate
|
24 |
Enter the transmission rate
|
36 |
Enter the transmission rate
|
48 |
Enter the transmission rate
|
54 |
Enter the transmission rate
|
success |
Set the percent of packets that you expect clients with healthy connectivity to transmit successfully
|
<number> |
Enter the percent for successfully transmitted packets (Range: 1-100)
|
usage |
Set the percent of time that you expect clients with healthy connectivity to transmit at the defined rate
|
<number> |
Enter the percent of time that clients transmit at the defined rate (Range: 1-100)
|
radio profile
<string> benchmark phymode 11n rate
{6|9|12|18|24|36|48|54|mcs0|mcs1|mcs2|mcs3|mcs4|mcs5|mcs6|mcs7|mcs8|mcs9|mcs10|mcs11|mcs12|mcs13|mcs14|mcs15}
success <number> usage <number>
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 characters)
|
benchmark |
Set benchmark parameters for gauging the health of client connectivity
|
phymode |
Set the physical mode for which you want to measure client connectivity
|
11n |
Set benchmark parameters for 11n mode
|
rate |
Set the transmission rate that you expect clients
with healthy connectivity to use (Note: You can set up to 3 rates for
the same phymode)
|
6 |
Enter the transmission rate
|
9 |
Enter the transmission rate
|
12 |
Enter the transmission rate
|
18 |
Enter the transmission rate
|
24 |
Enter the transmission rate
|
36 |
Enter the transmission rate
|
48 |
Enter the transmission rate
|
54 |
Enter the transmission rate
|
mcs0 |
Enter the transmission rate
|
mcs1 |
Enter the transmission rate
|
mcs2 |
Enter the transmission rate
|
mcs3 |
Enter the transmission rate
|
mcs4 |
Enter the transmission rate
|
mcs5 |
Enter the transmission rate
|
mcs6 |
Enter the transmission rate
|
mcs7 |
Enter the transmission rate
|
mcs8 |
Enter the transmission rate
|
mcs9 |
Enter the transmission rate
|
mcs10 |
Enter the transmission rate
|
mcs11 |
Enter the transmission rate
|
mcs12 |
Enter the transmission rate
|
mcs13 |
Enter the transmission rate
|
mcs14 |
Enter the transmission rate
|
mcs15 |
Enter the transmission rate
|
success |
Set the percent of packets that you expect clients with healthy connectivity to transmit successfully
|
<number> |
Enter the percent for successfully transmitted packets (Range: 1-100)
|
usage |
Set the percent of time that you expect clients with healthy connectivity to transmit at the defined rate
|
<number> |
Enter the percent of time that clients transmit at the defined rate (Range: 1-100)
|
radio profile <string> channel-width {20|40-above|40-below}
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 characters)
|
channel-width |
Set the channel width and the extensive channel offset when channel width is 40 MHz
|
20 |
Enter the channel width and extensive channel offset (Default: 20 Mhz)
|
40-above |
Enter the channel width and extensive channel offset (Default: 20 Mhz)
|
40-below |
Enter the channel width and extensive channel offset (Default: 20 Mhz)
|
radio profile <string> client-load-balance crc-error-limit <number>
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 characters)
|
client-load-balance |
Enable the SmartPath AP to engage in client load
balancing with neighboring cluster members and set client load balancing
parameters
|
crc-error-limit |
Set the maximum CRC (cyclic redundancy check) error
rate that the SmartPath AP will tolerate before ignoring probes and
association requests
|
<number> |
Enter the maximum CRC error rate as a percent (Default: 30; Range: 1-99)
|
radio profile <string> client-load-balance enable
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 characters)
|
client-load-balance |
Enable the SmartPath AP to engage in client load
balancing with neighboring cluster members and set client load balancing
parameters
|
enable |
Enable client load balancing (Default: Disabled)
|
radio profile <string> client-load-balance hold-time <number>
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 characters)
|
client-load-balance |
Enable the SmartPath AP to engage in client load
balancing with neighboring cluster members and set client load balancing
parameters
|
hold-time |
Set the amount of time that a client must be
associated with a SmartPath AP before it can roam (Note: Roaming before
the hold time elapses is allowed if the client SNR is below the SNR
threshold, the owner SmartPath AP is overloaded, or the client is
experiencing a high level of interference.)
|
<number> |
Enter the hold time for clients in seconds (Default: 60; Range: 10-600)
|
radio profile <string> client-load-balance interference-limit <number>
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 characters)
|
client-load-balance |
Enable the SmartPath AP to engage in client load
balancing with neighboring cluster members and set client load balancing
parameters
|
interference-limit |
Set the maximum amount of RF interference that the SmartPath AP will tolerate before ignoring probes and association requests
|
<number> |
Enter the maximum interference limit as a percent (Default: 40; Range: 1-99)
|
radio profile <string> client-load-balance mode {airtime|sta-num}
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 characters)
|
client-load-balance |
Enable the SmartPath AP to engage in client load
balancing with neighboring cluster members and set client load balancing
parameters
|
mode |
Set the mode for balancing client load with neighboring cluster members (Default: airtime)
|
airtime |
Enable load balancing based on airtime; that is, on the amount of the wireless medium being used
|
sta-num |
Enable load balancing based on the total number of clients associated with the device
|
radio profile <string> client-load-balance neighbor-load-query-interval <number>
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 characters)
|
client-load-balance |
Enable the SmartPath AP to engage in client load
balancing with neighboring cluster members and set client load balancing
parameters
|
neighbor-load-query-interval |
Set the time interval to query neighboring SmartPath APs for load information
|
<number> |
Enter the load query time interval in seconds (Range: 1-600; Default: 60)
|
radio profile <string> client-load-balance sta-mini-airtime <number>
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 characters)
|
client-load-balance |
Enable the SmartPath AP to engage in client load
balancing with neighboring cluster members and set client load balancing
parameters
|
sta-mini-airtime |
Set the minimum average percent of airtime consumed
by all clients associated with the SmartPath AP before it begins
ignoring probes and association requests from new client
|
<number> |
Enter the minimum station airtime as a percent (Default: 4; Range: 1-5)
|
radio profile <string> deny-client {11b|11abg}
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 characters)
|
deny-client |
Deny connections from wireless clients using the specified standards
|
11b |
Deny connections from wireless clients using the 802.11b standard (Default: All connections are accepted)
|
11abg |
Deny connections from wireless clients using the
802.11a/b/g standard (Default: All connections are accepted; Note: This
option is only allowed for radio profiles supporting 802.11n)
|
radio profile <string> detect-bssid-spoofing
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 characters)
|
detect-bssid-spoofing |
Enable the detection of spoofed BSSIDs (Default: Disabled)
|
radio profile <string> dfs
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 characters)
|
dfs |
Enable DFS (Dynamic Frequency Selection) so the
radio can switch channels automatically when detecting a radar signal
(Default: Disabled)
|
radio profile <string> dfs radar-detect-only
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 characters)
|
dfs |
Enable DFS (Dynamic Frequency Selection) so the
radio can switch channels automatically when detecting a radar signal
(Default: Disabled)
|
radar-detect-only |
Enable radar signal detection but do not change channels if it is detected (Default: Disabled)
|
radio profile <string> high-density broadcast-probe-suppress enable
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 characters)
|
high-density |
Set parameters to reduce management traffic and improve the processing of client traffic in a high-density RF environment
|
broadcast-probe-suppress |
Suppress the broadcast of probe responses
|
enable |
Enable the suppression of broadcast probe responses (Default: Disabled)
|
radio profile <string> high-density continuous-probe-suppress enable
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 characters)
|
high-density |
Set parameters to reduce management traffic and improve the processing of client traffic in a high-density RF environment
|
continuous-probe-suppress |
Suppress subsequent transmissions of probe responses
to clients that send multiple probe requests within the same beacon
interval
|
enable |
Enable the suppression of subsequent probe responses (Default: Disabled)
|
radio profile <string> high-density enable
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 characters)
|
high-density |
Set parameters to reduce management traffic and improve the processing of client traffic in a high-density RF environment
|
enable |
Enable high-density settings (Default: Disabled)
|
radio profile <string> high-density mgmt-frame-tx-rate {low|high}
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 characters)
|
high-density |
Set parameters to reduce management traffic and improve the processing of client traffic in a high-density RF environment
|
mgmt-frame-tx-rate |
Set the management frame transmit bit rate as low or
high (Note: This setting also applies to broadcast and multicast data
frame bit rates and unicast data frame retry bit rates.)
|
low |
Set the basic transmit rate for a high density deployment as low (Default: Low)
|
high |
Set the basic transmit rate for a high density deployment as high (Default: Low)
|
radio profile <string> interference-map crc-err-threshold <number>
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 characters)
|
interference-map |
Set parameters for the collection of RF interference-related data and the reporting of this data to SmartPath EMS
|
crc-err-threshold |
Set an RF interference threshold based on the rate
of CRC (cyclic redundancy check) errors (Note: If the rate of CRC errors
exceeds this threshold, the SmartPath AP alerts SmartPath EMS to switch
from its regular polling interval to a shorter one)
|
<number> |
Enter the threshold as a percent (Default: 20; Range: 15-60)
|
radio profile <string> interference-map cu-threshold <number>
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 characters)
|
interference-map |
Set parameters for the collection of RF interference-related data and the reporting of this data to SmartPath EMS
|
cu-threshold |
Set an RF interference threshold based on channel
utilization (Note: If the percent of channel utilization exceeds this
value, the SmartPath AP alerts SmartPath EMS to switch from its regular
polling interval to a shorter one)
|
<number> |
Enter the threshold as a percent (Default: 20; Range: 15-60)
|
radio profile <string> interference-map enable
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 characters)
|
interference-map |
Set parameters for the collection of RF interference-related data and the reporting of this data to SmartPath EMS
|
enable |
Enable the collection and reporting of RF interference-related data to SmartPath EMS
|
radio profile <string> interference-map short-term-interval <number>
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 characters)
|
interference-map |
Set parameters for the collection of RF interference-related data and the reporting of this data to SmartPath EMS
|
short-term-interval |
Set the interval during which the SmartPath AP
calculates a short-term average of channel utilization and CRC errors
(Note: The SmartPath AP calculates three averages: a running average, a
configurable short-term average, and a 60-second snapshot average)
|
<number> |
Enter the short-term interval in minutes (Default: 5; Range: 5-30)
|
radio profile <string> max-client <number>
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 characters)
|
max-client |
Set radio profile's max number of clients/neighbors
|
<number> |
Enter the maximum number of clients (Range: 1-100)
|
radio profile <string> phymode {11a|11b/g|11na|11ng}
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 characters)
|
phymode |
Set the physical mode of the radio profile
|
11a |
Set the physical mode to 11a (Default: 11b/g)
|
11b/g |
Set the physical mode to 11b/g (Default: 11b/g)
|
11na |
Set the physical mode to 11na (Default: 11b/g)
|
11ng |
Set the physical mode to 11ng (Default: 11b/g)
|
radio profile <string> receive-chain <number>
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 characters)
|
receive-chain |
Set the number of receive chains for frame reception
|
<number> |
Enter the number of receive chains (Default: 2; Range: 1-2)
|
radio profile <string> safety-net enable
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 characters)
|
safety-net |
Enable the SmartPath AP, when it is in an overloaded
state or if the client's SNR is low, to respond to a client making
association requests after the timeout period elapses
|
enable |
Enable safety net checking (Default: Enabled)
|
radio profile <string> safety-net timeout <number>
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 characters)
|
safety-net |
Enable the SmartPath AP, when it is in an overloaded
state or if the client's SNR is low, to respond to a client making
association requests after the timeout period elapses
|
timeout |
Set the maximum length of time to ignore association
requests from a client when the SmartPath AP is in an overloaded state
or if the client's SNR is low
|
<number> |
Enter the timeout in seconds (Default: 60; Range: 5-300)
|
radio profile <string> scan access
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 characters)
|
scan |
Enable scanning to detect neighboring APs
|
access |
Enable scanning for interfaces in access mode (Default: Enabled)
|
radio profile <string> scan access client
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 characters)
|
scan |
Enable scanning to detect neighboring APs
|
access |
Enable scanning for interfaces in access mode (Default: Enabled)
|
client |
Allow scanning to occur when clients are connected (Default: Allowed)
|
radio profile <string> scan access client power-save
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 characters)
|
scan |
Enable scanning to detect neighboring APs
|
access |
Enable scanning for interfaces in access mode (Default: Enabled)
|
client |
Allow scanning to occur when clients are connected (Default: Allowed)
|
power-save |
Allow scanning to occur when connected clients are in a power save state (Default: Disallowed)
|
radio profile <string> scan access interval <number>
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 characters)
|
scan |
Enable scanning to detect neighboring APs
|
access |
Enable scanning for interfaces in access mode (Default: Enabled)
|
interval |
Set the scan interval
|
<number> |
Enter the scan interval in minutes (Default: 10 minutes; Range: 1-1440)
|
radio profile <string> scan access voice
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 characters)
|
scan |
Enable scanning to detect neighboring APs
|
access |
Enable scanning for interfaces in access mode (Default: Enabled)
|
voice |
Allow scanning to occur while processing voice traffic (Default: Disallowed)
|
radio profile <string> short-guard-interval
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 characters)
|
short-guard-interval |
Enable the short guard interval option (400ns) to
avoid inter-symbol interference and improve media throughput (Note: This
is only valid in 40-MHz channel mode.)
|
radio profile <string> short-preamble
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 characters)
|
short-preamble |
Set short preamble mode of radio profile
|
radio profile <string> transmit-chain <number>
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 characters)
|
transmit-chain |
Set the number of transmit chains for frame transmission or configure the SmartPath AP to determine them automatically
|
<number> |
Enter the number of transmit chains (Default: 2; Range: 1-2)
|
radio profile
<string> tx-rate
{auto|1Mbps|2Mbps|5.5Mbps|6Mbps|9Mbps|11Mbps|12Mbps|18Mbps|24Mbps|36Mbps|48Mbps|54Mbps|MCS0|MCS1|MCS2|MCS3| MCS4|MCS5|MCS6|MCS7|MCS8|MCS9|MCS10|MCS11|MCS12|MCS13|MCS14|MCS15|MCS16|MCS17|MCS18|MCS19|MCS20|MCS21|MCS22|MCS23}
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 characters)
|
tx-rate |
Set the Tx (transmission) rate for the radio profile
|
auto |
Set the radio to determine its transmission rate automatically (Default: auto; Range: 1-54 Mbps)
|
1Mbps |
Set the transmit rate as 1Mbps (Only for 802.11bg and 802.11ng)
|
2Mbps |
Set the transmit rate as 2Mbps (Only for 802.11bg and 802.11ng)
|
5.5Mbps |
Set the transmit rate as 5.5Mbps (Only for 802.11bg and 802.11ng)
|
6Mbps |
Set the transmit rate as 6Mbps
|
9Mbps |
Set the transmit rate as 9Mbps
|
11Mbps |
Set the transmit rate as 11Mbps (Only for 802.11bg and 802.11ng)
|
12Mbps |
Set the transmit rate as 12Mbps
|
18Mbps |
Set the transmit rate as 18Mbps
|
24Mbps |
Set the transmit rate as 24Mbps
|
36Mbps |
Set the transmit rate as 36Mbps
|
48Mbps |
Set the transmit rate as 48Mbps
|
54Mbps |
Set the transmit rate as 54Mbps
|
MCS0 |
Set the transmit rate as MCS0
|
MCS1 |
Set the transmit rate as MCS1
|
MCS2 |
Set the transmit rate as MCS2
|
MCS3 |
Set the transmit rate as MCS3
|
MCS4 |
Set the transmit rate as MCS4
|
MCS5 |
Set the transmit rate as MCS5
|
MCS6 |
Set the transmit rate as MCS6
|
MCS7 |
Set the transmit rate as MCS7
|
MCS8 |
Set the transmit rate as MCS8
|
MCS9 |
Set the transmit rate as MCS9
|
MCS10 |
Set the transmit rate as MCS10
|
MCS11 |
Set the transmit rate as MCS11
|
MCS12 |
Set the transmit rate as MCS12
|
MCS13 |
Set the transmit rate as MCS13
|
MCS14 |
Set the transmit rate as MCS14
|
MCS15 |
Set the transmit rate as MCS15
|
MCS16 |
Set the transmit rate as MCS16 (Only for the SmartPath AP 330 and 350)
|
MCS17 |
Set the transmit rate as MCS17 (Only for the SmartPath AP 330 and 350)
|
MCS18 |
Set the transmit rate as MCS18 (Only for the SmartPath AP 330 and 350)
|
MCS19 |
Set the transmit rate as MCS19 (Only for the SmartPath AP 330 and 350)
|
MCS20 |
Set the transmit rate as MCS20 (Only for the SmartPath AP 330 and 350)
|
MCS21 |
Set the transmit rate as MCS21 (Only for the SmartPath AP 330 and 350)
|
MCS22 |
Set the transmit rate as MCS22 (Only for the SmartPath AP 330 and 350)
|
MCS23 |
Set the transmit rate as MCS23 (Only for the SmartPath AP 330 and 350)
|
radio profile <string> weak-snr-suppress enable
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 characters)
|
weak-snr-suppress |
Set parameters to determine when the SNR
(signal-to-noise ratio) for a client is weak, and enable the SmartPath
AP to ignore probes and association requests from clients with weak SNRs
|
enable |
Enable the suppression of probe responses when the client SNR is weak (Default: Disabled)
|
radio profile <string> weak-snr-suppress threshold <number>
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 characters)
|
weak-snr-suppress |
Set parameters to determine when the SNR
(signal-to-noise ratio) for a client is weak, and enable the SmartPath
AP to ignore probes and association requests from clients with weak SNRs
|
threshold |
Set the minium amount of SNR(signal-to-noise ratio) that the SmartPath AP will accepting probes and association requests
|
<number> |
Enter threshold of weak snr suppress in dB (Default: 15, Range: 1-100)
|
radio profile <string> wmm ac {background|best-effort|video|voice} aifs <number>
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 characters)
|
wmm |
Set Wi-Fi Multimedia parameters
|
ac |
Set Access Category parameters
|
background |
Set background access category parameters
|
best-effort |
Set best-effort access category parameters
|
video |
Set video access category parameters
|
voice |
Set voice access category parameters
|
aifs |
Set AIFS (arbitration interframe space) parameters
|
<number> |
Set the AIFS value (Range: 0-15)
|
radio profile <string> wmm ac {background|best-effort|video|voice} cwmax <number>
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 characters)
|
wmm |
Set Wi-Fi Multimedia parameters
|
ac |
Set Access Category parameters
|
background |
Set background access category parameters
|
best-effort |
Set best-effort access category parameters
|
video |
Set video access category parameters
|
voice |
Set voice access category parameters
|
cwmax |
Set maximal contention window parameters
|
<number> |
contention window maximal value (Range: 1-15)
|
radio profile <string> wmm ac {background|best-effort|video|voice} cwmin <number>
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 characters)
|
wmm |
Set Wi-Fi Multimedia parameters
|
ac |
Set Access Category parameters
|
background |
Set background access category parameters
|
best-effort |
Set best-effort access category parameters
|
video |
Set video access category parameters
|
voice |
Set voice access category parameters
|
cwmin |
Set minimal contention window parameters
|
<number> |
Set contention window minimal value (Range: 1-15)
|
radio profile <string> wmm ac {background|best-effort|video|voice} noack
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 characters)
|
wmm |
Set Wi-Fi Multimedia parameters
|
ac |
Set Access Category parameters
|
background |
Set background access category parameters
|
best-effort |
Set best-effort access category parameters
|
video |
Set video access category parameters
|
voice |
Set voice access category parameters
|
noack |
Set no acknowledgments
|
radio profile <string> wmm ac {background|best-effort|video|voice} txoplimit <number>
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 characters)
|
wmm |
Set Wi-Fi Multimedia parameters
|
ac |
Set Access Category parameters
|
background |
Set background access category parameters
|
best-effort |
Set best-effort access category parameters
|
video |
Set video access category parameters
|
voice |
Set voice access category parameters
|
txoplimit |
Set transmission opportunity limit parameters
|
<number> |
Set transmission opportunity limit value (Range: 0-8192; Note: Your input must be multiples of 64)
|
reboot
|
reboot |
Reboot the system
|
reboot date <date> time <time>
|
reboot |
Reboot the system
|
date |
Schedule the system to reboot at a specific date and time
|
<date> |
Enter the date when you want the system to reboot (Format: yyyy-mm-dd; Default: The current date provided by SmartPath OS)
|
time |
Set the time when you want the system to reboot
|
<time> |
Enter the time (Format: hh:mm:ss; Default: 00:00:00)
|
reboot offset <time>
|
reboot |
Reboot the system
|
offset |
Schedule the system to reboot at a time relative to the moment you enter the command
|
<time> |
Enter the length of time after which the system will
reboot (Maximum: 24 hours from the time you enter the command; Format:
hh:mm:ss; Default:00:00:00)
|
reboot {backup|current}
|
reboot |
Reboot the system
|
backup |
Load the backup SmartPath OS image when rebooting
(Default image to load when rebooting after saving a new image: backup;
Default image to load when rebooting at all other times: current)
|
current |
Load the currently running SmartPath OS image when rebooting
|
reboot {backup|current} date <date> time <time>
|
reboot |
Reboot the system
|
backup |
Load the backup SmartPath OS image when rebooting
(Default image to load when rebooting after saving a new image: backup;
Default image to load when rebooting at all other times: current)
|
current |
Load the currently running SmartPath OS image when rebooting
|
date |
Schedule the system to reboot at a specific date and time
|
<date> |
Enter the date when you want the system to reboot (Format: yyyy-mm-dd; Default: The current date provided by SmartPath OS)
|
time |
Set the time when you want the system to reboot
|
<time> |
Enter the time (Format: hh:mm:ss; Default: 00:00:00)
|
reboot {backup|current} offset <time>
|
reboot |
Reboot the system
|
backup |
Load the backup SmartPath OS image when rebooting
(Default image to load when rebooting after saving a new image: backup;
Default image to load when rebooting at all other times: current)
|
current |
Load the currently running SmartPath OS image when rebooting
|
offset |
Schedule the system to reboot at a time relative to the moment you enter the command
|
<time> |
Enter the length of time after which the system will
reboot (Maximum: 24 hours from the time you enter the command; Format:
hh:mm:ss; Default:00:00:00)
|
report statistic alarm-threshold client {tx-drop-rate|rx-drop-rate|tx-retry-rate|airtime-consumption} <number>
|
report |
Set the parameters for gathering traffic statistics and reporting them to SmartPath EMS
|
statistic |
Set the periodic reporting of interface-level and client-level traffic statistics
|
alarm-threshold |
Set the alarm threshold for the CRC error rate,
Tx/Rx drop rate, and Tx retry rate(Note: If the rate exceeds the
threshold, the SmartPath AP sends an alarm to SmartPath EMS.)
|
client |
Set the Tx/Rx drop rate, Tx retry rate, and airtime consumption alarm threshold of clients
|
tx-drop-rate |
Set the Tx drop rate alarm threshold for clients (Default: 40%)
|
rx-drop-rate |
Set the Rx drop rate alarm threshold for clients (Default: 40%)
|
tx-retry-rate |
Set the Tx retry rate alarm threshold for clients (Default: 40%)
|
airtime-consumption |
Set the airtime consumption (Tx airtime percentage + Rx airtime percentage) alarm threshold for clients (Default: 30%)
|
<number> |
Enter the alarm threshold (Range: 1-100)
|
report statistic
alarm-threshold interface
{crc-error-rate|tx-drop-rate|rx-drop-rate|tx-retry-rate|airtime-consumption}
<number>
|
report |
Set the parameters for gathering traffic statistics and reporting them to SmartPath EMS
|
statistic |
Set the periodic reporting of interface-level and client-level traffic statistics
|
alarm-threshold |
Set the alarm threshold for the CRC error rate,
Tx/Rx drop rate, and Tx retry rate(Note: If the rate exceeds the
threshold, the SmartPath AP sends an alarm to SmartPath EMS.)
|
interface |
Set the CRC error rate, Tx/Rx drop rate, Tx retry rate, and airtime consumption alarm threshold of wifi interfaces
|
crc-error-rate |
Set CRC error rate alarm threshold for the wifi interfaces (Default: 30%)
|
tx-drop-rate |
Set the Tx drop rate alarm threshold for the wifi interfaces (Default: 40%)
|
rx-drop-rate |
Set the Rx drop rate alarm threshold for the wifi interfaces (Default: 40%)
|
tx-retry-rate |
Set the Tx retry rate alarm threshold for the wifi interfaces (Default: 40%)
|
airtime-consumption |
Set the airtime consumption (Tx airtime percentage +
Rx airtime percentage) alarm threshold for the wifi interfaces
(Default: 50%)
|
<number> |
Enter the alarm threshold (Range: 1-100)
|
report statistic enable
|
report |
Set the parameters for gathering traffic statistics and reporting them to SmartPath EMS
|
statistic |
Set the periodic reporting of interface-level and client-level traffic statistics
|
enable |
Enable the creation of traffic statistics reports
|
report statistic period <number>
|
report |
Set the parameters for gathering traffic statistics and reporting them to SmartPath EMS
|
statistic |
Set the periodic reporting of interface-level and client-level traffic statistics
|
period |
Set the time interval for gathering traffic statistics and calculating percentages
|
<number> |
Enter the time interval (Default: 10 minutes; Range: 1-60)
|
reset config [ {bootstrap} ]
|
reset |
Return the configuration to its default settings or the files in a web directory to the default file set
|
config |
Reset the configuration to the factory default settings and reboot
|
bootstrap |
Clear bootstrap configuration
|
reset web-directory [ <string> [ {save-to-flash} ] ]
|
reset |
Return the configuration to its default settings or the files in a web directory to the default file set
|
web-directory |
Reset the files in all web directories, in a specific directory, or in directories referenced by SSIDs to the default file set
|
<string> |
Enter the web directory name to reset files in the directory to the default file set (1-32 characters)
|
save-to-flash |
Save the default set of files in the specified directory to flash memory
|
reset web-directory all-running-ssid
|
reset |
Return the configuration to its default settings or the files in a web directory to the default file set
|
web-directory |
Reset the files in all web directories, in a specific directory, or in directories referenced by SSIDs to the default file set
|
all-running-ssid |
Reset the web directories for all SSIDs to the default file set
|
reset-button reset-config-enable
|
reset-button |
Enable the reset button on the SmartPath AP chassis to reset the SmartPath AP config
|
reset-config-enable |
Enable the reset button to reset the SmartPath AP to
its factory default settings or, if set, to a bootstrap config
(Default: enabled)
|
roaming cache update-interval <number> ageout <number>
|
roaming |
Set roaming parameter
|
cache |
Set the interval between updates and the number of times to update station's roaming cache
|
update-interval |
Set the interval for sending roaming cache updates to neighbors
|
<number> |
Enter the roaming cache update interval in seconds (Default: 60; Range: 10-36000)
|
ageout |
Set how many times an entry must be absent from a neighbors updates before removing it from the roaming cache
|
<number> |
Enter the number of absences required to remove an entry (Default:60; Range: 1-1000)
|
roaming cache-broadcast neighbor-type access enable
|
roaming |
Set roaming parameter
|
cache-broadcast |
Set parameters for broadcasting roaming cache data to cluster neighbors
|
neighbor-type |
Set the type of neighbor to which you want to broadcast roaming cache data
|
access |
Broadcast roaming cache data to cluster neighbors discovered through wireless access links
|
enable |
Enable the broadcasting of roaming cache data to cluster neighbors over wireless access links (Default: Enabled)
|
roaming cache-broadcast neighbor-type backhaul enable
|
roaming |
Set roaming parameter
|
cache-broadcast |
Set parameters for broadcasting roaming cache data to cluster neighbors
|
neighbor-type |
Set the type of neighbor to which you want to broadcast roaming cache data
|
backhaul |
Broadcast roaming cache data to cluster neighbors discovered through Ethernet and wireless backhaul links
|
enable |
Enable the broadcasting of roaming cache data to cluster neighbors over backhaul links (Default: Enabled)
|
roaming hop <number>
|
roaming |
Set roaming parameter
|
hop |
Set the number of SmartPath APs away from the source SmartPath AP to which it sends station authentication information
|
<number> |
Set roaming hop value (Defaule: 1, Range: 0-16)
|
roaming neighbor exclude ip <ip_addr>
|
roaming |
Set roaming parameter
|
neighbor |
Set which SmartPath APs to include or exclude as
neighbors (Maximum number of neighbors is 32) or roaming neighbor
querying parameters
|
exclude |
Exclude dynamic roaming neighbor
|
ip |
Set IP address parameter for static roaming neighbor
|
<ip_addr> |
Enter IP address for static roaming neighbor
|
roaming neighbor include ip <ip_addr> <netmask>
|
roaming |
Set roaming parameter
|
neighbor |
Set which SmartPath APs to include or exclude as
neighbors (Maximum number of neighbors is 32) or roaming neighbor
querying parameters
|
include |
Include dynamic roaming neighbor
|
ip |
Set IP address parameter for static roaming neighbor
|
<ip_addr> |
Enter IP address for static roaming neighbor
|
<netmask> |
Enter netmask for static roaming neighbor
|
roaming neighbor query-interval <number> query-times <number>
|
roaming |
Set roaming parameter
|
neighbor |
Set which SmartPath APs to include or exclude as
neighbors (Maximum number of neighbors is 32) or roaming neighbor
querying parameters
|
query-interval |
Set roaming neighbor query interval
|
<number> |
Enter roaming neighbor query interval (Default: 10 secs; Min: 5; Max: 360000)
|
query-times |
Set roaming neighbor query times
|
<number> |
Enter roaming neighbor query times (Default: 5; Min: 2; Max: 1000)
|
roaming port <number>
|
roaming |
Set roaming parameter
|
port |
Set the port number that cluster members use when sending roaming control data to each other
|
<number> |
Enter the port number for L3 roaming control traffic
(Default: 3000; Range: 1500-65000; Note: The new setting must be at
least 50 more or 50 less than the current setting.)
|
route <mac_addr> outgoing-interface <string> next-hop <mac_addr>
|
route |
Set a MAC address route
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
outgoing-interface |
Set outgoing interface
|
<string> |
Enter interface name
|
next-hop |
Set the MAC address of the next hop in the L2 forwarding route
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
save config <location> bootstrap
|
save |
Save a configuration, SmartPath OS image, RADIUS
database, or files used by the internal web, RADIUS servers, or packet
capture tool
|
config |
Save a configuration from the SmartPath AP to a
remote server, from a remote server to the SmartPath AP, or from DRAM to
flash as the current or bootstrap config
|
<location> |
Enter the protocol, SCP user name, location, path,
file name, and SCP port number (Range: 1-256 chars; Default SCP port
number: 22; Format: tftp://location:path/filename,
scp://username@location:path/filename or
scp://username@location:port:path/filename)
|
bootstrap |
Save a configuration to the bootstrap configuration
|
save config <location> current
|
save |
Save a configuration, SmartPath OS image, RADIUS
database, or files used by the internal web, RADIUS servers, or packet
capture tool
|
config |
Save a configuration from the SmartPath AP to a
remote server, from a remote server to the SmartPath AP, or from DRAM to
flash as the current or bootstrap config
|
<location> |
Enter the protocol, SCP user name, location, path,
file name, and SCP port number (Range: 1-256 chars; Default SCP port
number: 22; Format: tftp://location:path/filename,
scp://username@location:path/filename or
scp://username@location:port:path/filename)
|
current |
Save a configuration to the current configuration
|
save config <location> current <time> [ <date> ]
|
save |
Save a configuration, SmartPath OS image, RADIUS
database, or files used by the internal web, RADIUS servers, or packet
capture tool
|
config |
Save a configuration from the SmartPath AP to a
remote server, from a remote server to the SmartPath AP, or from DRAM to
flash as the current or bootstrap config
|
<location> |
Enter the protocol, SCP user name, location, path,
file name, and SCP port number (Range: 1-256 chars; Default SCP port
number: 22; Format: tftp://location:path/filename,
scp://username@location:path/filename or
scp://username@location:port:path/filename)
|
current |
Save a configuration to the current configuration
|
<time> |
Enter the time that you want the system to reboot (Format: hh:mm:ss)
|
<date> |
Enter the date that you want the system to reboot (Format: yyyy-mm-dd)
|
save config <location> current now
|
save |
Save a configuration, SmartPath OS image, RADIUS
database, or files used by the internal web, RADIUS servers, or packet
capture tool
|
config |
Save a configuration from the SmartPath AP to a
remote server, from a remote server to the SmartPath AP, or from DRAM to
flash as the current or bootstrap config
|
<location> |
Enter the protocol, SCP user name, location, path,
file name, and SCP port number (Range: 1-256 chars; Default SCP port
number: 22; Format: tftp://location:path/filename,
scp://username@location:path/filename or
scp://username@location:port:path/filename)
|
current |
Save a configuration to the current configuration
|
now |
Save the configuration and reboot the system immediately
|
save config <location> current offset <time>
|
save |
Save a configuration, SmartPath OS image, RADIUS
database, or files used by the internal web, RADIUS servers, or packet
capture tool
|
config |
Save a configuration from the SmartPath AP to a
remote server, from a remote server to the SmartPath AP, or from DRAM to
flash as the current or bootstrap config
|
<location> |
Enter the protocol, SCP user name, location, path,
file name, and SCP port number (Range: 1-256 chars; Default SCP port
number: 22; Format: tftp://location:path/filename,
scp://username@location:path/filename or
scp://username@location:port:path/filename)
|
current |
Save a configuration to the current configuration
|
offset |
Set a relative time for the system to reboot
|
<time> |
Schedule the system to reboot at a relative time (Maximum: 24 hours from the time you enter the command; Format: hh:mm:ss)
|
save config
<url> bootstrap [ admin <string> password <string>
{basic|digest} ] [ proxy <string> [ proxy-admin <string>
password <string> ] ]
|
save |
Save a configuration, SmartPath OS image, RADIUS
database, or files used by the internal web, RADIUS servers, or packet
capture tool
|
config |
Save a configuration from the SmartPath AP to a
remote server, from a remote server to the SmartPath AP, or from DRAM to
flash as the current or bootstrap config
|
<url> |
Enter the HTTP protocol, remote server domain name,
port, directory path, and file name (Default port: 80; 1-256 chars;
Format: http://domain/path/file, http://domain:port/path/file; Note: You
can substitute 'https' for 'http'.)
|
bootstrap |
Save the config file for the SmartPath AP to use as
its bootstrap configuration, which is the one it loads if it fails to
load the current and backup config files or if you enter the 'reset
config' command
|
admin |
Set the name of the server administrator
|
<string> |
Enter the administrator name (1-32 chars)
|
password |
Set the password for the server administrator
|
<string> |
Enter the server password (1-64 chars)
|
basic |
Set the access authentication scheme as basic, which
appends a user name and password encoded with the Base64 algorithm to
the authorization header in HTTP requests
|
digest |
Set the access authentication scheme as digest,
which appends an MD5 checksum of the username, password, and other
values to the authorization header in HTTP requests
|
proxy |
Set parameters for the HTTP proxy server
|
<string> |
Enter the domain name or IP address and, optionally,
the port number for the HTTP proxy server (Max length: 64 chars;
Format: domainname, ip_addr, domainname:port, or ip_addr:port)
|
proxy-admin |
Set the name of the proxy administrator
|
<string> |
Enter the proxy administrator name (1-32 chars)
|
password |
Set the password for the proxy administrator
|
<string> |
Enter the proxy password (1-64 chars)
|
save config
<url> current <time> [ <date> ] [ admin <string>
password <string> {basic|digest} ] [ proxy <string> [
proxy-admin <string> password <string> ] ]
|
save |
Save a configuration, SmartPath OS image, RADIUS
database, or files used by the internal web, RADIUS servers, or packet
capture tool
|
config |
Save a configuration from the SmartPath AP to a
remote server, from a remote server to the SmartPath AP, or from DRAM to
flash as the current or bootstrap config
|
<url> |
Enter the HTTP protocol, remote server domain name,
port, directory path, and file name (Default port: 80; 1-256 chars;
Format: http://domain/path/file, http://domain:port/path/file; Note: You
can substitute 'https' for 'http'.)
|
current |
Save the config file for the SmartPath AP to use as its current configuration, which is the one it loads when booting u
|
<time> |
Enter the time that you want the system to reboot (Format: hh:mm:ss)
|
<date> |
Enter the date that you want the system to reboot (Format: yyyy-mm-dd)
|
admin |
Set the name of the server administrator
|
<string> |
Enter the administrator name (1-32 chars)
|
password |
Set the password for the server administrator
|
<string> |
Enter the server password (1-64 chars)
|
basic |
Set the access authentication scheme as basic, which
appends a user name and password encoded with the Base64 algorithm to
the authorization header in HTTP requests
|
digest |
Set the access authentication scheme as digest,
which appends an MD5 checksum of the username, password, and other
values to the authorization header in HTTP requests
|
proxy |
Set parameters for the HTTP proxy server
|
<string> |
Enter the domain name or IP address and, optionally,
the port number for the HTTP proxy server (Max length: 64 chars;
Format: domainname, ip_addr, domainname:port, or ip_addr:port)
|
proxy-admin |
Set the name of the proxy administrator
|
<string> |
Enter the proxy administrator name (1-32 chars)
|
password |
Set the password for the proxy administrator
|
<string> |
Enter the proxy password (1-64 chars)
|
save config
<url> current [ {now} ] [ admin <string> password
<string> {basic|digest} ] [ proxy <string> [ proxy-admin
<string> password <string> ] ]
|
save |
Save a configuration, SmartPath OS image, RADIUS
database, or files used by the internal web, RADIUS servers, or packet
capture tool
|
config |
Save a configuration from the SmartPath AP to a
remote server, from a remote server to the SmartPath AP, or from DRAM to
flash as the current or bootstrap config
|
<url> |
Enter the HTTP protocol, remote server domain name,
port, directory path, and file name (Default port: 80; 1-256 chars;
Format: http://domain/path/file, http://domain:port/path/file; Note: You
can substitute 'https' for 'http'.)
|
current |
Save the config file for the SmartPath AP to use as its current configuration, which is the one it loads when booting u
|
now |
Save the configuration and reboot the system immediately
|
admin |
Set the name of the server administrator
|
<string> |
Enter the administrator name (1-32 chars)
|
password |
Set the password for the server administrator
|
<string> |
Enter the server password (1-64 chars)
|
basic |
Set the access authentication scheme as basic, which
appends a user name and password encoded with the Base64 algorithm to
the authorization header in HTTP requests
|
digest |
Set the access authentication scheme as digest,
which appends an MD5 checksum of the username, password, and other
values to the authorization header in HTTP requests
|
proxy |
Set parameters for the HTTP proxy server
|
<string> |
Enter the domain name or IP address and, optionally,
the port number for the HTTP proxy server (Max length: 64 chars;
Format: domainname, ip_addr, domainname:port, or ip_addr:port)
|
proxy-admin |
Set the name of the proxy administrator
|
<string> |
Enter the proxy administrator name (1-32 chars)
|
password |
Set the password for the proxy administrator
|
<string> |
Enter the proxy password (1-64 chars)
|
save config
<url> current offset <time> [ admin <string> password
<string> {basic|digest} ] [ proxy <string> [ proxy-admin
<string> password <string> ] ]
|
save |
Save a configuration, SmartPath OS image, RADIUS
database, or files used by the internal web, RADIUS servers, or packet
capture tool
|
config |
Save a configuration from the SmartPath AP to a
remote server, from a remote server to the SmartPath AP, or from DRAM to
flash as the current or bootstrap config
|
<url> |
Enter the HTTP protocol, remote server domain name,
port, directory path, and file name (Default port: 80; 1-256 chars;
Format: http://domain/path/file, http://domain:port/path/file; Note: You
can substitute 'https' for 'http'.)
|
current |
Save the config file for the SmartPath AP to use as its current configuration, which is the one it loads when booting u
|
offset |
Set a relative time for the system to reboot
|
<time> |
Schedule the system to reboot at a relative time (Maximum: 24 hours from the time you enter the command; Format: hh:mm:ss)
|
admin |
Set the name of the server administrator
|
<string> |
Enter the administrator name (1-32 chars)
|
password |
Set the password for the server administrator
|
<string> |
Enter the server password (1-64 chars)
|
basic |
Set the access authentication scheme as basic, which
appends a user name and password encoded with the Base64 algorithm to
the authorization header in HTTP requests
|
digest |
Set the access authentication scheme as digest,
which appends an MD5 checksum of the username, password, and other
values to the authorization header in HTTP requests
|
proxy |
Set parameters for the HTTP proxy server
|
<string> |
Enter the domain name or IP address and, optionally,
the port number for the HTTP proxy server (Max length: 64 chars;
Format: domainname, ip_addr, domainname:port, or ip_addr:port)
|
proxy-admin |
Set the name of the proxy administrator
|
<string> |
Enter the proxy administrator name (1-32 chars)
|
password |
Set the password for the proxy administrator
|
<string> |
Enter the proxy password (1-64 chars)
|
save config [ running current ]
|
save |
Save a configuration, SmartPath OS image, RADIUS
database, or files used by the internal web, RADIUS servers, or packet
capture tool
|
config |
Save a configuration from the SmartPath AP to a
remote server, from a remote server to the SmartPath AP, or from DRAM to
flash as the current or bootstrap config
|
running |
Save a configuration from the running configuration
|
current |
Save a configuration to the current configuration
|
save config bootstrap <location>
|
save |
Save a configuration, SmartPath OS image, RADIUS
database, or files used by the internal web, RADIUS servers, or packet
capture tool
|
config |
Save a configuration from the SmartPath AP to a
remote server, from a remote server to the SmartPath AP, or from DRAM to
flash as the current or bootstrap config
|
bootstrap |
Save the bootstrap configuration to a remote server
|
<location> |
Enter the protocol, SCP user name, location, path,
file name, and SCP port number (Range: 1-256 chars; Default SCP port
number: 22; Format: tftp://location:path/filename,
scp://username@location:path/filename or
scp://username@location:port:path/filename)
|
save config current <location>
|
save |
Save a configuration, SmartPath OS image, RADIUS
database, or files used by the internal web, RADIUS servers, or packet
capture tool
|
config |
Save a configuration from the SmartPath AP to a
remote server, from a remote server to the SmartPath AP, or from DRAM to
flash as the current or bootstrap config
|
current |
Save the current configuration to a remote server or to the bootstrap config
|
<location> |
Enter the protocol, SCP user name, location, path,
file name, and SCP port number (Range: 1-256 chars; Default SCP port
number: 22; Format: tftp://location:path/filename,
scp://username@location:path/filename or
scp://username@location:port:path/filename)
|
save config current bootstrap
|
save |
Save a configuration, SmartPath OS image, RADIUS
database, or files used by the internal web, RADIUS servers, or packet
capture tool
|
config |
Save a configuration from the SmartPath AP to a
remote server, from a remote server to the SmartPath AP, or from DRAM to
flash as the current or bootstrap config
|
current |
Save the current configuration to a remote server or to the bootstrap config
|
bootstrap |
Save a configuration to the bootstrap configuration
|
save config running bootstrap
|
save |
Save a configuration, SmartPath OS image, RADIUS
database, or files used by the internal web, RADIUS servers, or packet
capture tool
|
config |
Save a configuration from the SmartPath AP to a
remote server, from a remote server to the SmartPath AP, or from DRAM to
flash as the current or bootstrap config
|
running |
Save a configuration from the running configuration
|
bootstrap |
Save a configuration to the bootstrap configuration
|
save config users [ bootstrap ]
|
save |
Save a configuration, SmartPath OS image, RADIUS
database, or files used by the internal web, RADIUS servers, or packet
capture tool
|
config |
Save a configuration from the SmartPath AP to a
remote server, from a remote server to the SmartPath AP, or from DRAM to
flash as the current or bootstrap config
|
users |
Save private PSK user accounts to the current or bootstrap configuration
|
bootstrap |
Save private PSK user accounts to the bootstrap configuration
|
save config
{current|bootstrap} <url> [ admin <string> password
<string> {basic|digest} ] [ proxy <string> [ proxy-admin
<string> password <string> ] ]
|
save |
Save a configuration, SmartPath OS image, RADIUS
database, or files used by the internal web, RADIUS servers, or packet
capture tool
|
config |
Save a configuration from the SmartPath AP to a
remote server, from a remote server to the SmartPath AP, or from DRAM to
flash as the current or bootstrap config
|
current |
Save the current configuration to a remote server or to the bootstrap config
|
bootstrap |
Save the bootstrap configuration to a remote server
|
<url> |
Enter the HTTP protocol, remote server domain name,
port, directory path, and file name (Default port: 80; 1-256 chars;
Format: http://domain/path/file, http://domain:port/path/file; Note: You
can substitute 'https' for 'http'.)
|
admin |
Set the name of the server administrator
|
<string> |
Enter the administrator name (1-32 chars)
|
password |
Set the password for the server administrator
|
<string> |
Enter the server password (1-64 chars)
|
basic |
Set the access authentication scheme as basic, which
appends a user name and password encoded with the Base64 algorithm to
the authorization header in HTTP requests
|
digest |
Set the access authentication scheme as digest,
which appends an MD5 checksum of the username, password, and other
values to the authorization header in HTTP requests
|
proxy |
Set parameters for the HTTP proxy server
|
<string> |
Enter the domain name or IP address and, optionally,
the port number for the HTTP proxy server (Max length: 64 chars;
Format: domainname, ip_addr, domainname:port, or ip_addr:port)
|
proxy-admin |
Set the name of the proxy administrator
|
<string> |
Enter the proxy administrator name (1-32 chars)
|
password |
Set the password for the proxy administrator
|
<string> |
Enter the proxy password (1-64 chars)
|
save image <location> <time> [ <date> ] [ limit <number> ]
|
save |
Save a configuration, SmartPath OS image, RADIUS
database, or files used by the internal web, RADIUS servers, or packet
capture tool
|
image |
Save a SmartPath OS image to the SmartPath AP
|
<location> |
Enter the protocol, SCP user name, location, path,
file name, and SCP port number (Range: 1-256 chars; Default SCP port
number: 22; Format: tftp://location:path/filename,
scp://username@location:path/filename or
scp://username@location:port:path/filename)
|
<time> |
Enter the time that you want the system to reboot (Format: hh:mm:ss)
|
<date> |
Enter the date that you want the system to reboot (Format: yyyy-mm-dd)
|
limit |
Limit the amount of bandwidth used for uploading the image file
|
<number> |
Enter the bandwidth limit in Kbps (Default: maximum available bandwidth; Range:10 - 1000000)
|
save image <location> [ {now} ] [ limit <number> ]
|
save |
Save a configuration, SmartPath OS image, RADIUS
database, or files used by the internal web, RADIUS servers, or packet
capture tool
|
image |
Save a SmartPath OS image to the SmartPath AP
|
<location> |
Enter the protocol, SCP user name, location, path,
file name, and SCP port number (Range: 1-256 chars; Default SCP port
number: 22; Format: tftp://location:path/filename,
scp://username@location:path/filename or
scp://username@location:port:path/filename)
|
now |
Save the image and reboot the system immediately
|
limit |
Limit the amount of bandwidth used for uploading the image file
|
<number> |
Enter the bandwidth limit in Kbps (Default: maximum available bandwidth; Range:10 - 1000000)
|
save image <location> offset <time> [ limit <number> ]
|
save |
Save a configuration, SmartPath OS image, RADIUS
database, or files used by the internal web, RADIUS servers, or packet
capture tool
|
image |
Save a SmartPath OS image to the SmartPath AP
|
<location> |
Enter the protocol, SCP user name, location, path,
file name, and SCP port number (Range: 1-256 chars; Default SCP port
number: 22; Format: tftp://location:path/filename,
scp://username@location:path/filename or
scp://username@location:port:path/filename)
|
offset |
Set a relative time for the system to reboot
|
<time> |
Schedule the system to reboot at a relative time (Maximum: 24 hours from the time you enter the command; Format: hh:mm:ss)
|
limit |
Limit the amount of bandwidth used for uploading the image file
|
<number> |
Enter the bandwidth limit in Kbps (Default: maximum available bandwidth; Range:10 - 1000000)
|
save image <url>
<time> [ <date> ] [ admin <string> password
<string> {basic|digest} ] [ proxy <string> [ proxy-admin
<string> password <string> ] ]
|
save |
Save a configuration, SmartPath OS image, RADIUS
database, or files used by the internal web, RADIUS servers, or packet
capture tool
|
image |
Save a SmartPath OS image to the SmartPath AP
|
<url> |
Enter the HTTP protocol, remote server domain name,
port, directory path, and file name (Default port: 80; 1-256 chars;
Format: http://domain/path/file, http://domain:port/path/file; Note: You
can substitute 'https' for 'http'.)
|
<time> |
Enter the time that you want the system to reboot (Format: hh:mm:ss)
|
<date> |
Enter the date that you want the system to reboot (Format: yyyy-mm-dd)
|
admin |
Set the name of the server administrator
|
<string> |
Enter the administrator name (1-32 chars)
|
password |
Set the password for the server administrator
|
<string> |
Enter the server password (1-64 chars)
|
basic |
Set the access authentication scheme as basic, which
appends a user name and password encoded with the Base64 algorithm to
the authorization header in HTTP requests
|
digest |
Set the access authentication scheme as digest,
which appends an MD5 checksum of the username, password, and other
values to the authorization header in HTTP requests
|
proxy |
Set parameters for the HTTP proxy server
|
<string> |
Enter the domain name or IP address and, optionally,
the port number for the HTTP proxy server (Max length: 64 chars;
Format: domainname, ip_addr, domainname:port, or ip_addr:port)
|
proxy-admin |
Set the name of the proxy administrator
|
<string> |
Enter the proxy administrator name (1-32 chars)
|
password |
Set the password for the proxy administrator
|
<string> |
Enter the proxy password (1-64 chars)
|
save image <url>
[ {now} ] [ admin <string> password <string> {basic|digest}
] [ proxy <string> [ proxy-admin <string> password
<string> ] ]
|
save |
Save a configuration, SmartPath OS image, RADIUS
database, or files used by the internal web, RADIUS servers, or packet
capture tool
|
image |
Save a SmartPath OS image to the SmartPath AP
|
<url> |
Enter the HTTP protocol, remote server domain name,
port, directory path, and file name (Default port: 80; 1-256 chars;
Format: http://domain/path/file, http://domain:port/path/file; Note: You
can substitute 'https' for 'http'.)
|
now |
Save the image and reboot the system immediately
|
admin |
Set the name of the server administrator
|
<string> |
Enter the administrator name (1-32 chars)
|
password |
Set the password for the server administrator
|
<string> |
Enter the server password (1-64 chars)
|
basic |
Set the access authentication scheme as basic, which
appends a user name and password encoded with the Base64 algorithm to
the authorization header in HTTP requests
|
digest |
Set the access authentication scheme as digest,
which appends an MD5 checksum of the username, password, and other
values to the authorization header in HTTP requests
|
proxy |
Set parameters for the HTTP proxy server
|
<string> |
Enter the domain name or IP address and, optionally,
the port number for the HTTP proxy server (Max length: 64 chars;
Format: domainname, ip_addr, domainname:port, or ip_addr:port)
|
proxy-admin |
Set the name of the proxy administrator
|
<string> |
Enter the proxy administrator name (1-32 chars)
|
password |
Set the password for the proxy administrator
|
<string> |
Enter the proxy password (1-64 chars)
|
save image <url>
offset <time> [ admin <string> password <string>
{basic|digest} ] [ proxy <string> [ proxy-admin <string>
password <string> ] ]
|
save |
Save a configuration, SmartPath OS image, RADIUS
database, or files used by the internal web, RADIUS servers, or packet
capture tool
|
image |
Save a SmartPath OS image to the SmartPath AP
|
<url> |
Enter the HTTP protocol, remote server domain name,
port, directory path, and file name (Default port: 80; 1-256 chars;
Format: http://domain/path/file, http://domain:port/path/file; Note: You
can substitute 'https' for 'http'.)
|
offset |
Set a relative time for the system to reboot
|
<time> |
Schedule the system to reboot at a relative time (Maximum: 24 hours from the time you enter the command; Format: hh:mm:ss)
|
admin |
Set the name of the server administrator
|
<string> |
Enter the administrator name (1-32 chars)
|
password |
Set the password for the server administrator
|
<string> |
Enter the server password (1-64 chars)
|
basic |
Set the access authentication scheme as basic, which
appends a user name and password encoded with the Base64 algorithm to
the authorization header in HTTP requests
|
digest |
Set the access authentication scheme as digest,
which appends an MD5 checksum of the username, password, and other
values to the authorization header in HTTP requests
|
proxy |
Set parameters for the HTTP proxy server
|
<string> |
Enter the domain name or IP address and, optionally,
the port number for the HTTP proxy server (Max length: 64 chars;
Format: domainname, ip_addr, domainname:port, or ip_addr:port)
|
proxy-admin |
Set the name of the proxy administrator
|
<string> |
Enter the proxy administrator name (1-32 chars)
|
password |
Set the password for the proxy administrator
|
<string> |
Enter the proxy password (1-64 chars)
|
save radius-server-key {radius-server|ldap-client} <location>
|
save |
Save a configuration, SmartPath OS image, RADIUS
database, or files used by the internal web, RADIUS servers, or packet
capture tool
|
radius-server-key |
Save certificate files for the local SmartPath AP RADIUS server to use
|
radius-server |
Save certificates that the local SmartPath AP uses when functioning as a RADIUS server
|
ldap-client |
Save certificates that the local SmartPath AP uses when functioning as an LDAP client
|
<location> |
Enter the protocol, SCP user name, location, path,
file name, and SCP port number (Range: 1-256 chars; Default SCP port
number: 22; Format: tftp://location:path/filename,
scp://username@location:path/filename or
scp://username@location:port:path/filename)
|
save radius-server-key
{radius-server|ldap-client} <url> [ admin <string> password
<string> {basic|digest} ] [ proxy <string> [ proxy-admin
<string> password <string> ] ]
|
save |
Save a configuration, SmartPath OS image, RADIUS
database, or files used by the internal web, RADIUS servers, or packet
capture tool
|
radius-server-key |
Save certificate files for the local SmartPath AP RADIUS server to use
|
radius-server |
Save certificates that the local SmartPath AP uses when functioning as a RADIUS server
|
ldap-client |
Save certificates that the local SmartPath AP uses when functioning as an LDAP client
|
<url> |
Enter the HTTP protocol, remote server domain name,
port, directory path, and file name (Default port: 80; 1-256 chars;
Format: http://domain/path/file, http://domain:port/path/file; Note: You
can substitute 'https' for 'http'.)
|
admin |
Set the name of the server administrator
|
<string> |
Enter the administrator name (1-32 chars)
|
password |
Set the password for the server administrator
|
<string> |
Enter the server password (1-64 chars)
|
basic |
Set the access authentication scheme as basic, which
appends a user name and password encoded with the Base64 algorithm to
the authorization header in HTTP requests
|
digest |
Set the access authentication scheme as digest,
which appends an MD5 checksum of the username, password, and other
values to the authorization header in HTTP requests
|
proxy |
Set parameters for the HTTP proxy server
|
<string> |
Enter the domain name or IP address and, optionally,
the port number for the HTTP proxy server (Max length: 64 chars;
Format: domainname, ip_addr, domainname:port, or ip_addr:port)
|
proxy-admin |
Set the name of the proxy administrator
|
<string> |
Enter the proxy administrator name (1-32 chars)
|
password |
Set the password for the proxy administrator
|
<string> |
Enter the proxy password (1-64 chars)
|
save server-files
|
save |
Save a configuration, SmartPath OS image, RADIUS
database, or files used by the internal web, RADIUS servers, or packet
capture tool
|
server-files |
Save certificate and private key files used by the
internal web and RADIUS servers and VPN from DRAM to flash memory for
persistent storage after reboots (Note: For security reasons, these
files are saved only in DRAM by default.)
|
save users <location>
|
save |
Save a configuration, SmartPath OS image, RADIUS
database, or files used by the internal web, RADIUS servers, or packet
capture tool
|
users |
Save private PSK (preshared key) configurations
|
<location> |
Enter the protocol, SCP user name, location, path,
file name, and SCP port number (Range: 1-256 chars; Default SCP port
number: 22; Format: tftp://location:path/filename,
scp://username@location:path/filename or
scp://username@location:port:path/filename)
|
save users <url>
[ admin <string> password <string> {basic|digest} ] [ proxy
<string> [ proxy-admin <string> password <string> ] ]
|
save |
Save a configuration, SmartPath OS image, RADIUS
database, or files used by the internal web, RADIUS servers, or packet
capture tool
|
users |
Save private PSK (preshared key) configurations
|
<url> |
Enter the HTTP protocol, remote server domain name,
port, directory path, and file name (Default port: 80; 1-256 chars;
Format: http://domain/path/file, http://domain:port/path/file; Note: You
can substitute 'https' for 'http'.)
|
admin |
Set the name of the server administrator
|
<string> |
Enter the administrator name (1-32 chars)
|
password |
Set the password for the server administrator
|
<string> |
Enter the server password (1-64 chars)
|
basic |
Set the access authentication scheme as basic, which
appends a user name and password encoded with the Base64 algorithm to
the authorization header in HTTP requests
|
digest |
Set the access authentication scheme as digest,
which appends an MD5 checksum of the username, password, and other
values to the authorization header in HTTP requests
|
proxy |
Set parameters for the HTTP proxy server
|
<string> |
Enter the domain name or IP address and, optionally,
the port number for the HTTP proxy server (Max length: 64 chars;
Format: domainname, ip_addr, domainname:port, or ip_addr:port)
|
proxy-admin |
Set the name of the proxy administrator
|
<string> |
Enter the proxy administrator name (1-32 chars)
|
password |
Set the password for the proxy administrator
|
<string> |
Enter the proxy password (1-64 chars)
|
save vpn
{ca-cert|ee-cert|private-key} <url> [ admin <string>
password <string> {basic|digest} ] [ proxy <string> [
proxy-admin <string> password <string> ] ]
|
save |
Save a configuration, SmartPath OS image, RADIUS
database, or files used by the internal web, RADIUS servers, or packet
capture tool
|
vpn |
Save a VPN certificate or private key file
|
ca-cert |
Save a CA (certificate authority) certificate for the SmartPath AP to verify its IKE peer's certificate
|
ee-cert |
Save an end-entity certificate for the SmartPath AP to use when authenticating itself to an IKE peer
|
private-key |
Save the private key for the SmartPath AP to use when creating its RSA signature
|
<url> |
Enter the HTTP protocol, remote server domain name,
port, directory path, and file name (Default port: 80; 1-256 chars;
Format: http://domain/path/file, http://domain:port/path/file; Note: You
can substitute 'https' for 'http'.)
|
admin |
Set the name of the server administrator
|
<string> |
Enter the administrator name (1-32 chars)
|
password |
Set the password for the server administrator
|
<string> |
Enter the server password (1-64 chars)
|
basic |
Set the access authentication scheme as basic, which
appends a user name and password encoded with the Base64 algorithm to
the authorization header in HTTP requests
|
digest |
Set the access authentication scheme as digest,
which appends an MD5 checksum of the username, password, and other
values to the authorization header in HTTP requests
|
proxy |
Set parameters for the HTTP proxy server
|
<string> |
Enter the domain name or IP address and, optionally,
the port number for the HTTP proxy server (Max length: 64 chars;
Format: domainname, ip_addr, domainname:port, or ip_addr:port)
|
proxy-admin |
Set the name of the proxy administrator
|
<string> |
Enter the proxy administrator name (1-32 chars)
|
password |
Set the password for the proxy administrator
|
<string> |
Enter the proxy password (1-64 chars)
|
save vpn {ee-cert|private-key|ca-cert} <location>
|
save |
Save a configuration, SmartPath OS image, RADIUS
database, or files used by the internal web, RADIUS servers, or packet
capture tool
|
vpn |
Save a VPN certificate or private key file
|
ee-cert |
Save an end-entity certificate for the SmartPath AP to use when authenticating itself to an IKE peer
|
private-key |
Save the private key for the SmartPath AP to use when creating its RSA signature
|
ca-cert |
Save a CA (certificate authority) certificate for the SmartPath AP to verify its IKE peer's certificate
|
<location> |
Enter the protocol, SCP user name, location, path,
file name, and SCP port number (Range: 1-256 chars; Default SCP port
number: 22; Format: tftp://location:path/filename,
scp://username@location:path/filename or
scp://username@location:port:path/filename)
|
save web-page [ ppsk-self-reg ] web-directory <string> <location>
|
save |
Save a configuration, SmartPath OS image, RADIUS
database, or files used by the internal web, RADIUS servers, or packet
capture tool
|
web-page |
Save a file for use with the internal web server
|
ppsk-self-reg |
Save a file to the private PSK self-registration web
directory (Note: The SmartPath AP, as a private PSK server, uses these
files to respond to self-registration requests.)
|
web-directory |
Save a file to a specific web directory
|
<string> |
Enter the web directory name
|
<location> |
Enter the protocol, SCP user name, location, path,
file name, and SCP port number (Range: 1-256 chars; Default SCP port
number: 22; Format: tftp://location:path/filename,
scp://username@location:path/filename or
scp://username@location:port:path/filename)
|
save web-page [
ppsk-self-reg ] web-directory <string> <url> [ admin
<string> password <string> {basic|digest} ] [ proxy
<string> [ proxy-admin <string> password <string> ] ]
|
save |
Save a configuration, SmartPath OS image, RADIUS
database, or files used by the internal web, RADIUS servers, or packet
capture tool
|
web-page |
Save a file for use with the internal web server
|
ppsk-self-reg |
Save a file to the private PSK self-registration web
directory (Note: The SmartPath AP, as a private PSK server, uses these
files to respond to self-registration requests.)
|
web-directory |
Save a file to a specific web directory
|
<string> |
Enter the web directory name
|
<url> |
Enter the HTTP protocol, remote server domain name,
port, directory path, and file name (Default port: 80; 1-256 chars;
Format: http://domain/path/file, http://domain:port/path/file; Note: You
can substitute 'https' for 'http'.)
|
admin |
Set the name of the server administrator
|
<string> |
Enter the administrator name (1-32 chars)
|
password |
Set the password for the server administrator
|
<string> |
Enter the server password (1-64 chars)
|
basic |
Set the access authentication scheme as basic, which
appends a user name and password encoded with the Base64 algorithm to
the authorization header in HTTP requests
|
digest |
Set the access authentication scheme as digest,
which appends an MD5 checksum of the username, password, and other
values to the authorization header in HTTP requests
|
proxy |
Set parameters for the HTTP proxy server
|
<string> |
Enter the domain name or IP address and, optionally,
the port number for the HTTP proxy server (Max length: 64 chars;
Format: domainname, ip_addr, domainname:port, or ip_addr:port)
|
proxy-admin |
Set the name of the proxy administrator
|
<string> |
Enter the proxy administrator name (1-32 chars)
|
password |
Set the password for the proxy administrator
|
<string> |
Enter the proxy password (1-64 chars)
|
save web-server-key <number> <location> [ comment <string> ]
|
save |
Save a configuration, SmartPath OS image, RADIUS
database, or files used by the internal web, RADIUS servers, or packet
capture tool
|
web-server-key |
Save certificate files for the internal web server to use
|
<number> |
Enter key file index for the internal web server (Range : 0-15)
|
<location> |
Enter the protocol, SCP user name, location, path,
file name, and SCP port number (Range: 1-256 chars; Default SCP port
number: 22; Format: tftp://location:path/filename,
scp://username@location:path/filename or
scp://username@location:port:path/filename)
|
comment |
Enter a comment
|
<string> |
Enter a comment (max 64 characters)
|
save web-server-key
<number> <url> [ comment <string> ] [ admin
<string> password <string> {basic|digest} ] [ proxy
<string> [ proxy-admin <string> password <string> ] ]
|
save |
Save a configuration, SmartPath OS image, RADIUS
database, or files used by the internal web, RADIUS servers, or packet
capture tool
|
web-server-key |
Save certificate files for the internal web server to use
|
<number> |
Enter key file index for the internal web server (Range : 0-15)
|
<url> |
Enter the HTTP protocol, remote server domain name,
port, directory path, and file name (Default port: 80; 1-256 chars;
Format: http://domain/path/file, http://domain:port/path/file; Note: You
can substitute 'https' for 'http'.)
|
comment |
Set a comment about the certificate file
|
<string> |
Enter the comment (1-64 chars)
|
admin |
Set the name of the server administrator
|
<string> |
Enter the administrator name (1-32 chars)
|
password |
Set the password for the server administrator
|
<string> |
Enter the server password (1-64 chars)
|
basic |
Set the access authentication scheme as basic, which
appends a user name and password encoded with the Base64 algorithm to
the authorization header in HTTP requests
|
digest |
Set the access authentication scheme as digest,
which appends an MD5 checksum of the username, password, and other
values to the authorization header in HTTP requests
|
proxy |
Set parameters for the HTTP proxy server
|
<string> |
Enter the domain name or IP address and, optionally,
the port number for the HTTP proxy server (Max length: 64 chars;
Format: domainname, ip_addr, domainname:port, or ip_addr:port)
|
proxy-admin |
Set the name of the proxy administrator
|
<string> |
Enter the proxy administrator name (1-32 chars)
|
password |
Set the password for the proxy administrator
|
<string> |
Enter the proxy password (1-64 chars)
|
save {capture} local <string> <location>
|
save |
Save a configuration, SmartPath OS image, RADIUS
database, or files used by the internal web, RADIUS servers, or packet
capture tool
|
capture |
ave a packet capture file stored locally to a remote server
|
local |
Save a locally stored packet capture file to a remote server
|
<string> |
Enter the file name to upload to a remote server
|
<location> |
Enter the protocol, SCP user name, location, path,
file name, and SCP port number (Range: 1-256 chars; Default SCP port
number: 22; Format: tftp://location:path/filename,
scp://username@location:path/filename or
scp://username@location:port:path/filename)
|
save {capture} local
<string> <url> [ admin <string> password
<string> {basic|digest} ] [ proxy <string> [ proxy-admin
<string> password <string> ] ]
|
save |
Save a configuration, SmartPath OS image, RADIUS
database, or files used by the internal web, RADIUS servers, or packet
capture tool
|
capture |
ave a packet capture file stored locally to a remote server
|
local |
Save a locally stored packet capture file to a remote server
|
<string> |
Enter the file name to upload to a remote server
|
<url> |
Enter the HTTP protocol, remote server domain name,
port, directory path, and file name (Default port: 80; 1-256 chars;
Format: http://domain/path/file, http://domain:port/path/file; Note: You
can substitute 'https' for 'http'.)
|
admin |
Set the name of the server administrator
|
<string> |
Enter the administrator name (1-32 chars)
|
password |
Set the password for the server administrator
|
<string> |
Enter the server password (1-64 chars)
|
basic |
Set the access authentication scheme as basic, which
appends a user name and password encoded with the Base64 algorithm to
the authorization header in HTTP requests
|
digest |
Set the access authentication scheme as digest,
which appends an MD5 checksum of the username, password, and other
values to the authorization header in HTTP requests
|
proxy |
Set parameters for the HTTP proxy server
|
<string> |
Enter the domain name or IP address and, optionally,
the port number for the HTTP proxy server (Max length: 64 chars;
Format: domainname, ip_addr, domainname:port, or ip_addr:port)
|
proxy-admin |
Set the name of the proxy administrator
|
<string> |
Enter the proxy administrator name (1-32 chars)
|
password |
Set the password for the proxy administrator
|
<string> |
Enter the proxy password (1-64 chars)
|
schedule
<string> once <date> <time> to <date>
<time> [ time-zone <number> ] [ comment <string> ]
|
schedule |
Set a schedule to control the application of user profiles and the availability of SSIDs
|
<string> |
Enter a schedule name (1-32 characters)
|
once |
Set a one-time schedule
|
<date> |
Enter a start date for the schedule (Format: yyyy-mm-dd; Range: 1970-01-01 to 2035-12-31)
|
<time> |
Enter a start time for the schedule (Format: hh:mm; Hour Range: 00-23; Minute Range: 0-59)
|
to |
Set a date and time range
|
<date> |
Enter an end date for the schedule (Format: yyyy-mm-dd; Range: 1970-01-01 to 2035-12-31)
|
<time> |
Enter an end time for the schedule (Format: hh:mm; Hour Range: 00-23; Minute Range: 0-59)
|
time-zone |
Set the time zone for the schedule (Note: If you do not specify a time zone, the time zone for the local system will be used.)
|
<number> |
Enter the time zone for the schedule (Default: 0; Range: -12 to 12)
|
comment |
Write a comment about the schedule for future reference
|
<string> |
Enter a comment about the schedule (max 128 characters)
|
schedule
<string> ppsk once <date> <time> to <date>
<time> [ time-zone <number> ] [ comment <string> ]
|
schedule |
Set a schedule to control the application of user profiles and the availability of SSIDs
|
<string> |
Enter a schedule name (1-32 characters)
|
ppsk |
Set a schedule to determine the validity period for the private PSK users to which the schedule is applied
|
once |
Set a one-time schedule
|
<date> |
Enter a start date for the schedule (Format: yyyy-mm-dd; Range: 1970-01-01 to 2035-12-31)
|
<time> |
Enter a start time for the schedule (Format: hh:mm; Hour Range: 00-23; Minute Range: 0-59)
|
to |
Set a date and time range
|
<date> |
Enter an end date for the schedule (Format: yyyy-mm-dd; Range: 1970-01-01 to 2035-12-31)
|
<time> |
Enter an end time for the schedule (Format: hh:mm; Hour Range: 00-23; Minute Range: 0-59)
|
time-zone |
Set the time zone for the schedule (Note: If you do not specify a time zone, the time zone for the local system will be used.)
|
<number> |
Enter the time zone for the schedule (Default: 0; Range: -12 to 12)
|
comment |
Write a comment about the schedule for future reference
|
<string> |
Enter a comment about the schedule (max 128 characters)
|
schedule
<string> ppsk recurrent [ date-range <date> [ to
<date> ] ] [ weekday <string> ] time-range <time> to
<time> [ time-range <time> to <time> ] [ time-zone
<number> ] [ comment <string> ]
|
schedule |
Set a schedule to control the application of user profiles and the availability of SSIDs
|
<string> |
Enter a schedule name (1-32 characters)
|
ppsk |
Set a schedule to determine the validity period for the private PSK users to which the schedule is applied
|
recurrent |
Set a recurrent schedule
|
date-range |
Set dates to mark the start and end of the schedule (If you do not want to set start and end dates, do not use this option.)
|
<date> |
Enter a start date for the schedule (Format: yyyy-mm-dd; Range: 1970-01-01 to 2035-12-31)
|
to |
Set a date range (If you do not want to set an end date, do not use this option.)
|
<date> |
Enter a end date for the schedule (Format: yyyy-mm-dd; Range: 1970-01-01 to 2035-12-31)
|
weekday |
Set the weekdays during which private PSK users are valid
|
<string> |
Enter one or more numbers to indicate which days the
schedule is applied (1=Sunday, 2=Monday, ... 7=Saturday; Examples:
246=Monday, Wednesday, Friday; 23456=Monday-Friday; 1234567=everyday)
|
time-range |
Set a time range during which the schedule will be applied on each scheduled day
|
<time> |
Enter a start time for the schedule (Format: hh:mm; Hour Range: 00-23; Minute Range: 0-59)
|
to |
Set a time range
|
<time> |
Enter a end time for the schedule,(Format: hh:mm; Hour Range: 00-23; Minute Range: 0-59)
|
time-range |
Set a second time range for the schedule
|
<time> |
Enter a second start time for the schedule (Format: hh:mm; Hour Range: 00-23; Minute Range: 0-59)
|
to |
Set a time range
|
<time> |
Enter a second end time for the schedule,(Format: hh:mm; Hour Range: 00-23; Minute Range: 0-59)
|
time-zone |
Set the time zone for the schedule (Note: If you do not specify a time zone, the time zone for the local system will be used.)
|
<number> |
Enter the time zone for the schedule (Default: 0; Range: -12 to 12)
|
comment |
Write a comment about the schedule for future reference
|
<string> |
Enter a comment about the schedule (max 128 characters)
|
schedule
<string> recurrent [ date-range <date> [ to <date> ] ]
[ weekday-range
{Monday|Tuesday|Wednesday|Thursday|Friday|Saturday|Sunday} [ to
{Monday|Tuesday|Wednesday|Thursday|Friday|Saturday|Sunday} ] ]
time-range <time> to <time> [ time-range <time> to
<time> ] [ time-zone <number> ] [ comment <string> ]
|
schedule |
Set a schedule to control the application of user profiles and the availability of SSIDs
|
<string> |
Enter a schedule name (1-32 characters)
|
recurrent |
Set a recurrent schedule
|
date-range |
Set dates to mark the start and end of the schedule (If you do not want to set start and end dates, do not use this option.)
|
<date> |
Enter a start date for the schedule (Format: yyyy-mm-dd; Range: 1970-01-01 to 2035-12-31)
|
to |
Set a date range (If you do not want to set an end date, do not use this option.)
|
<date> |
Enter a end date for the schedule (Format: yyyy-mm-dd; Range: 1970-01-01 to 2035-12-31)
|
weekday-range |
Apply the schedule on specific days of the week (To apply the schedule everyday, do not use this option.)
|
Monday |
Apply the schedule on every Monday within the date range
|
Tuesday |
Apply the schedule on every Tuesday within the date range
|
Wednesday |
Apply the schedule on every Wednesday within the date range
|
Thursday |
Apply the schedule on every Thursday within the date range
|
Friday |
Apply the schedule on every Friday within the date range
|
Saturday |
Apply the schedule on every Saturday within the date range
|
Sunday |
Apply the schedule on every Sunday within the date range
|
to |
Set a range of weekdays during which the schedule will be applied (Example: monday to friday)
|
Monday |
Apply the schedule on every Monday within the date range
|
Tuesday |
Apply the schedule on every Tuesday within the date range
|
Wednesday |
Apply the schedule on every Wednesday within the date range
|
Thursday |
Apply the schedule on every Thursday within the date range
|
Friday |
Apply the schedule on every Friday within the date range
|
Saturday |
Apply the schedule on every Saturday within the date range
|
Sunday |
Apply the schedule on every Sunday within the date range
|
time-range |
Set a time range during which the schedule will be applied on each scheduled day
|
<time> |
Enter a start time for the schedule (Format: hh:mm; Hour Range: 00-23; Minute Range: 0-59)
|
to |
Set a time range
|
<time> |
Enter a end time for the schedule,(Format: hh:mm; Hour Range: 00-23; Minute Range: 0-59)
|
time-range |
Set a second time range for the schedule
|
<time> |
Enter a second start time for the schedule (Format: hh:mm; Hour Range: 00-23; Minute Range: 0-59)
|
to |
Set a time range
|
<time> |
Enter a second end time for the schedule,(Format: hh:mm; Hour Range: 00-23; Minute Range: 0-59)
|
time-zone |
Set the time zone for the schedule (Note: If you do not specify a time zone, the time zone for the local system will be used.)
|
<number> |
Enter the time zone for the schedule (Default: 0; Range: -12 to 12)
|
comment |
Write a comment about the schedule for future reference
|
<string> |
Enter a comment about the schedule (max 128 characters)
|
security mac-filter <string> address <mac_addr> {permit|deny} [ comment <string> ]
|
security |
Set the security parameters
|
mac-filter |
Set a filter for MAC addresses or OUIs (organizationally unique identifiers)
|
<string> |
Enter the filter name for MAC addresses or OUIs (1-32 chars)
|
address |
Set MAC address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
permit |
Set the action of the specified MAC to permit
|
deny |
Set the action of the specified MAC to deny
|
comment |
Enter a comment
|
<string> |
Enter a comment (max 64 characters)
|
security mac-filter <string> default {permit|deny}
|
security |
Set the security parameters
|
mac-filter |
Set a filter for MAC addresses or OUIs (organizationally unique identifiers)
|
<string> |
Enter the filter name for MAC addresses or OUIs (1-32 chars)
|
default |
Set MAC-filter default action
|
permit |
Set MAC-filter default action to permit (Default: permit)
|
deny |
Set MAC-filter default action to deny (Default: permit)
|
security mac-filter <string> oui <oui> {permit|deny} [ comment <string> ]
|
security |
Set the security parameters
|
mac-filter |
Set a filter for MAC addresses or OUIs (organizationally unique identifiers)
|
<string> |
Enter the filter name for MAC addresses or OUIs (1-32 chars)
|
oui |
Set the OUI used to identify a vendor
|
<oui> |
Enter the OUI (Note: You can use colons, dashes, or
periods to format the OUI. Examples: Apple iPhone=00:1b:63; D-Link
Phone=00-17-9a; Vocera=00.09.ef.)
|
permit |
Set the action of the specified OUI to permit
|
deny |
Set the action of the specified OUI to deny
|
comment |
Enter a comment
|
<string> |
Enter a comment (max 64 characters)
|
security wlan-idp profile <string>
|
security |
Set the security parameters
|
wlan-idp |
Set WLAN IDP (intrusion detection and prevention) parameters
|
profile |
Set an IDP profile
|
<string> |
Enter an IDP profile name (1-32 chars)
|
security wlan-idp profile <string> adhoc
|
security |
Set the security parameters
|
wlan-idp |
Set WLAN IDP (intrusion detection and prevention) parameters
|
profile |
Set an IDP profile
|
<string> |
Enter an IDP profile name (1-32 chars)
|
adhoc |
Detect adhoc networks
|
security wlan-idp profile <string> ap-detection connected
|
security |
Set the security parameters
|
wlan-idp |
Set WLAN IDP (intrusion detection and prevention) parameters
|
profile |
Set an IDP profile
|
<string> |
Enter an IDP profile name (1-32 chars)
|
ap-detection |
Set attributes to note when detecting APs
|
connected |
Determine that a rogue AP is in the same backhaul
network as the local device if any MAC address within a 64-address range
of the BSSID used by the detected rogue AP appears in the MAC learning
table
|
security wlan-idp profile <string> ap-policy
|
security |
Set the security parameters
|
wlan-idp |
Set WLAN IDP (intrusion detection and prevention) parameters
|
profile |
Set an IDP profile
|
<string> |
Enter an IDP profile name (1-32 chars)
|
ap-policy |
Set an AP policy for the IDP profile
|
security wlan-idp profile <string> ap-policy ap-oui
|
security |
Set the security parameters
|
wlan-idp |
Set WLAN IDP (intrusion detection and prevention) parameters
|
profile |
Set an IDP profile
|
<string> |
Enter an IDP profile name (1-32 chars)
|
ap-policy |
Set an AP policy for the IDP profile
|
ap-oui |
Categorize neighboring APs as compliant by OUI (organizationally unique identifier)
|
security wlan-idp profile <string> ap-policy ap-oui entry <oui>
|
security |
Set the security parameters
|
wlan-idp |
Set WLAN IDP (intrusion detection and prevention) parameters
|
profile |
Set an IDP profile
|
<string> |
Enter an IDP profile name (1-32 chars)
|
ap-policy |
Set an AP policy for the IDP profile
|
ap-oui |
Categorize neighboring APs as compliant by OUI (organizationally unique identifier)
|
entry |
Add an OUI entry
|
<oui> |
Enter the OUI (Note: You can use colons, dashes, or
periods to format the OUI. Examples: Apple iPhone=00:1b:63; D-Link
Phone=00-17-9a; Vocera=00.09.ef.)
|
security wlan-idp profile <string> ap-policy short-beacon
|
security |
Set the security parameters
|
wlan-idp |
Set WLAN IDP (intrusion detection and prevention) parameters
|
profile |
Set an IDP profile
|
<string> |
Enter an IDP profile name (1-32 chars)
|
ap-policy |
Set an AP policy for the IDP profile
|
short-beacon |
Categorize neighboring APs as non-compliant if their
beacon transmissions are at shorter intervals than stated in their
beacon frames
|
security wlan-idp profile <string> ap-policy short-preamble
|
security |
Set the security parameters
|
wlan-idp |
Set WLAN IDP (intrusion detection and prevention) parameters
|
profile |
Set an IDP profile
|
<string> |
Enter an IDP profile name (1-32 chars)
|
ap-policy |
Set an AP policy for the IDP profile
|
short-preamble |
Categorize neighboring APs as compliant if they use short preambles
|
security wlan-idp profile <string> ap-policy ssid
|
security |
Set the security parameters
|
wlan-idp |
Set WLAN IDP (intrusion detection and prevention) parameters
|
profile |
Set an IDP profile
|
<string> |
Enter an IDP profile name (1-32 chars)
|
ap-policy |
Set an AP policy for the IDP profile
|
ssid |
Categorize neighboring APs as compliant by SSID (service set identifier)
|
security wlan-idp profile <string> ap-policy ssid entry <string>
|
security |
Set the security parameters
|
wlan-idp |
Set WLAN IDP (intrusion detection and prevention) parameters
|
profile |
Set an IDP profile
|
<string> |
Enter an IDP profile name (1-32 chars)
|
ap-policy |
Set an AP policy for the IDP profile
|
ssid |
Categorize neighboring APs as compliant by SSID (service set identifier)
|
entry |
Add an SSID entry
|
<string> |
Enter an SSID name
|
security wlan-idp profile <string> ap-policy ssid entry <string> encryption
|
security |
Set the security parameters
|
wlan-idp |
Set WLAN IDP (intrusion detection and prevention) parameters
|
profile |
Set an IDP profile
|
<string> |
Enter an IDP profile name (1-32 chars)
|
ap-policy |
Set an AP policy for the IDP profile
|
ssid |
Categorize neighboring APs as compliant by SSID (service set identifier)
|
entry |
Add an SSID entry
|
<string> |
Enter an SSID name
|
encryption |
Set approved encryption types for the SSID
|
security wlan-idp profile <string> ap-policy ssid entry <string> encryption {open|wep|wpa}
|
security |
Set the security parameters
|
wlan-idp |
Set WLAN IDP (intrusion detection and prevention) parameters
|
profile |
Set an IDP profile
|
<string> |
Enter an IDP profile name (1-32 chars)
|
ap-policy |
Set an AP policy for the IDP profile
|
ssid |
Categorize neighboring APs as compliant by SSID (service set identifier)
|
entry |
Add an SSID entry
|
<string> |
Enter an SSID name
|
encryption |
Set approved encryption types for the SSID
|
open |
Categorize a neighboring AP as compliant if its SSID uses open (Default: open)
|
wep |
Categorize a neighboring AP as compliant if its SSID uses wep (Default: open)
|
wpa |
Categorize a neighboring AP as compliant if its SSID uses wpa (Default: open)
|
security wlan-idp profile <string> ap-policy wmm
|
security |
Set the security parameters
|
wlan-idp |
Set WLAN IDP (intrusion detection and prevention) parameters
|
profile |
Set an IDP profile
|
<string> |
Enter an IDP profile name (1-32 chars)
|
ap-policy |
Set an AP policy for the IDP profile
|
wmm |
Categorize neighboring APs as compliant if they apply WMM (Wi-Fi Multimedia) classifications
|
security wlan-idp profile <string> mitigate deauth-time <number>
|
security |
Set the security parameters
|
wlan-idp |
Set WLAN IDP (intrusion detection and prevention) parameters
|
profile |
Set an IDP profile
|
<string> |
Enter an IDP profile name (1-32 chars)
|
mitigate |
Set rogue AP and client mitigation parameters for the IDP profile
|
deauth-time |
Set the number of consecutive periods that the
SmartPath AP sends deauth frames to mitigate clients of a rogue AP after
detecting client activity
|
<number> |
Enter the number of consecutive rogue AP and client
mitigation periods (Default: 60; Range: 0-2592000; 0 means to send
deauth frames for the entire mitigation duration)
|
security wlan-idp profile <string> mitigate duration <number> quiet-time <number>
|
security |
Set the security parameters
|
wlan-idp |
Set WLAN IDP (intrusion detection and prevention) parameters
|
profile |
Set an IDP profile
|
<string> |
Enter an IDP profile name (1-32 chars)
|
mitigate |
Set rogue AP and client mitigation parameters for the IDP profile
|
duration |
Set the overall duration for detecting clients of a rogue AP and performing deauth DoS attacks against the AP and its clients
|
<number> |
Enter the duration in seconds (Default: 14400 secs; Range: 0 or 60-2592000; 0 secs means infinite)
|
quiet-time |
Set the period of time after which the mitigation process stops if no clients are connected to the rogue AP
|
<number> |
Enter the quiet time in seconds (Default: 3600 secs;
Range: 0 or 60-2592000; 0 means that the quiet time is the same length
as the mitigation duration)
|
security wlan-idp profile <string> mitigate period <number>
|
security |
Set the security parameters
|
wlan-idp |
Set WLAN IDP (intrusion detection and prevention) parameters
|
profile |
Set an IDP profile
|
<string> |
Enter an IDP profile name (1-32 chars)
|
mitigate |
Set rogue AP and client mitigation parameters for the IDP profile
|
period |
Set the interval to check periodically for clients
of a rogue AP and--if found--send deauth DoS attacks against the AP and
clients
|
<number> |
Enter the period in seconds (Default: 1 secs; Range: 1-600)
|
security-object <string>
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
security-object <string> default-user-profile-attr <number>
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
default-user-profile-attr |
Set the attribute of the user profile to apply to user traffic by default
|
<number> |
Enter the default user profile attribute for the security object (Default: 0; Range: 0-4095)
|
security-object <string> dhcp-server lease-time <number>
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
dhcp-server |
Set DHCP-server parameters
|
lease-time |
Set the lease time
|
<number> |
Enter the lease time in seconds (Default: 10; Range: 5-36000)
|
security-object <string> dhcp-server renewal-response {renew-nak-unicast|keep-silent}
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
dhcp-server |
Set DHCP-server parameters
|
renewal-response |
Set the response to a DHCP lease renewal request for a nonexistent lease
|
renew-nak-unicast |
Respond to a DHCP lease renewal request for a
nonexistent lease with a unicast DHCP-NAK message (Default: Broadcast a
DHCP-NAK message)
|
keep-silent |
Do not respond to a DHCP lease renewal request for a nonexistent lease (Default: Broadcast a DHCP-NAK message)
|
security-object <string> mobile-device-policy <string>
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
mobile-device-policy |
Set a policy that assigns a user profile to traffic
from a client based on the originally assigned user profile and the MAC
OUI, domain, and OS of the user's client
|
<string> |
Enter a mobile device policy name (1-32 chars)
|
security-object <string> ppsk-web-server auth-user
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
ppsk-web-server |
Set parameters for redirecting HTTP or HTTPS traffic to the SmartPath AP hosting a private PSK web server
|
auth-user |
Send credentials submitted by users during private
PSK self-registration to a RADIUS server for authentication before
issuing private PSKs to them
|
security-object <string> ppsk-web-server bind-to-ppsk-ssid <string>
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
ppsk-web-server |
Set parameters for redirecting HTTP or HTTPS traffic to the SmartPath AP hosting a private PSK web server
|
bind-to-ppsk-ssid |
Bind the SSID referencing this security object,
which must be set with open authentication and an external captive web
portal, to an SSID using private PSKs so the PSKs can be assigned to
users automatically
|
<string> |
Enter the name of the SSID using private PSK authentication (1-32 chars)
|
security-object <string> ppsk-web-server https
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
ppsk-web-server |
Set parameters for redirecting HTTP or HTTPS traffic to the SmartPath AP hosting a private PSK web server
|
https |
Use HTTPS for redirection from the private PSK authenticator to the private PSK server (Default: HTTP)
|
security-object <string> ppsk-web-server login-page <string>
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
ppsk-web-server |
Set parameters for redirecting HTTP or HTTPS traffic to the SmartPath AP hosting a private PSK web server
|
login-page |
Specify the .cgi file on the private PSK web server through which the user registers (Default: ppsk-index.cgi)
|
<string> |
Enter the .cgi file name for the registration page (1-32 chars; Note: The file name cannot be index.cgi.)
|
security-object <string> ppsk-web-server login-script <string>
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
ppsk-web-server |
Set parameters for redirecting HTTP or HTTPS traffic to the SmartPath AP hosting a private PSK web server
|
login-script |
Specify the .cgi file that the private PSK web server uses for processing user registration requests (Default: ppsk-login.cgi)
|
<string> |
Enter the script name (1-32 chars)
|
security-object <string> ppsk-web-server web-directory <string>
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
ppsk-web-server |
Set parameters for redirecting HTTP or HTTPS traffic to the SmartPath AP hosting a private PSK web server
|
web-directory |
Set the name of the web directory containing the login page and script files that the private PSK web server uses
|
<string> |
Enter the web directory name (1-32 chars)
|
security-object <string> security aaa radius-server account-interim-interval <number>
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
security |
Set security parameters for the security object
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
account-interim-interval |
Set the interval in seconds for sending RADIUS accounting updates
|
<number> |
Enter the interval in seconds for sending RADIUS accounting updates (Default: 20 secs; Range: 10-100000000)
|
security-object
<string> security aaa radius-server accounting
{primary|backup1|backup2|backup3} <ip_addr|string> [ shared-secret
<string> ] [ acct-port <number> ] [ via-vpn-tunnel ]
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
security |
Set security parameters for the security object
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
accounting |
Set parameters for a RADIUS accounting server
|
primary |
Set the RADIUS accounting server to which the SmartPath AP sends Accounting-Request packets first
|
backup1 |
Set the RADIUS accounting server to which the
SmartPath AP sends Accounting-Request packets if the primary server does
not respond
|
backup2 |
Set the RADIUS accounting server to which the
SmartPath AP sends Accounting-Request packets if the backup1 server does
not respond
|
backup3 |
Set the RADIUS accounting server to which the
SmartPath AP sends Accounting-Request packets if the backup2 server does
not respond
|
<ip_addr> |
Enter the IP address or domain name for the RADIUS accounting server (max 32 chars)
|
<string> |
Enter the IP address or domain name for the RADIUS accounting server (max 32 chars)
|
shared-secret |
Set the shared secret for securing communications with RADIUS accounting servers
|
<string> |
Enter the shared secret (1-64 chars)
|
acct-port |
Set the RADIUS accounting port number
|
<number> |
Enter the RADIUS accounting port number (Default: 1813; Range: 1-65535)
|
via-vpn-tunnel |
Send all RADIUS traffic through a VPN tunnel (Note:
Set this option on VPN clients when the RADIUS server is in a different
subnet from the tunnel interface. When they are in the same subnet,
tunneling is automatic.)
|
security-object <string> security aaa radius-server dynamic-auth-extension
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
security |
Set security parameters for the security object
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
dynamic-auth-extension |
Enable the SmartPath AP acting as a NAS to accept
unsolicited messages from the RADIUS authentication server (Default:
Disabled)
|
security-object <string> security aaa radius-server retry-interval <number>
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
security |
Set security parameters for the security object
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
retry-interval |
Set RADIUS server retry interval
|
<number> |
Enter RADIUS server retry interval (Default: 600 secs; Range: 60-100000000)
|
security-object
<string> security aaa radius-server
{primary|backup1|backup2|backup3} <ip_addr|string> [ shared-secret
<string> ] [ auth-port <number> ] [ acct-port
<number> ] [ via-vpn-tunnel ]
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
security |
Set security parameters for the security object
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
primary |
Set the RADIUS server that is first queried when authenticating users
|
backup1 |
Set the RADIUS server that is queried if the primary server stops responding
|
backup2 |
Set the RADIUS server that is queried if the backup1 server stops responding
|
backup3 |
Set the RADIUS server that is queried if the backup2 server stops responding
|
<ip_addr> |
Enter an IP address or a domain name for the RADIUS server (max 32 chars)
|
<string> |
Enter an IP address or a domain name for the RADIUS server (max 32 chars)
|
shared-secret |
Set the shared secret for authenticating communications with a RADIUS server
|
<string> |
Enter the shared secret for authenticating communications with a RADIUS server (1-64 chars)
|
auth-port |
Set the RADIUS authentication port number
|
<number> |
Enter the RADIUS authentication port number (Default: 1812; Range: 1-65535)
|
acct-port |
Set the RADIUS accounting port number
|
<number> |
Enter the RADIUS accounting port number (Default: 0; Range: 0-65535)
|
via-vpn-tunnel |
Send all RADIUS traffic through a VPN tunnel (Note:
Set this option on VPN clients when the RADIUS server is in a different
subnet from the tunnel interface. When they are in the same subnet,
tunneling is automatic.)
|
security-object
<string> security additional-auth-method captive-web-portal [
reg-user-profile-attr <number> ] [ auth-user-profile-attr
<number> ] [ timeout <number> ] [ timer-display ]
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
security |
Set security parameters for the security object
|
additional-auth-method |
Set an additional authentication method in addition to the one in the security protocol suite
|
captive-web-portal |
Set a captive web portal for additional user authentication or registration
|
reg-user-profile-attr |
Set the registered user profile attribute
|
<number> |
Enter the registered user profile attribute (Default: 0; Range: 0-4095)
|
auth-user-profile-attr |
Set the default authenticated user profile
|
<number> |
Enter the default authenticated user profile (Default: 0; Range: 0-4095)
|
timeout |
Set the default timeout for a registered user's
session (Note: A timeout provided by an external authentication server
overrides this setting.)
|
<number> |
Enter the timeout in minutes (Default: 720 mins; Range: 1-120960)
|
timer-display |
Enable timer-display windows to communicate login and session information
|
security-object <string> security additional-auth-method captive-web-portal auth-method [ {pap|chap|ms-chap-v2} ]
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
security |
Set security parameters for the security object
|
additional-auth-method |
Set an additional authentication method in addition to the one in the security protocol suite
|
captive-web-portal |
Set a captive web portal for additional user authentication or registration
|
auth-method |
Set the CWP (captive web portal) user authentication method
|
pap |
Set PAP (Password Authentication Protocol) as the
method for sending authentication requests between the SmartPath AP and
RADIUS server (Default: PAP)
|
chap |
Set CHAP (Challenge-Handshake Authentication
Protocol) as the method for sending authentication requests between the
SmartPath AP and RADIUS server (Default: PAP)
|
ms-chap-v2 |
Set MS-CHAP-v2 (Microsoft CHAP Version 2) as the
method for sending authentication requests between the SmartPath AP and
RADIUS server (Default: PAP)
|
security-object
<string> security additional-auth-method captive-web-portal
external-server {primary} login-page <string>
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
security |
Set security parameters for the security object
|
additional-auth-method |
Set an additional authentication method in addition to the one in the security protocol suite
|
captive-web-portal |
Set a captive web portal for additional user authentication or registration
|
external-server |
Set parameters for the primary or backup external captive web portal server
|
primary |
Set parameters for the primary external captive web portal server
|
login-page |
Set the login page to which the SmartPath AP redirects traffic from unregistered users
|
<string> |
Enter the login page URL (1-256 chars; Format: http:///.php/; Example: http://10.1.1.20/weblogin.php/5)
|
security-object
<string> security additional-auth-method captive-web-portal
external-server {primary} password-encryption uam-basic
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
security |
Set security parameters for the security object
|
additional-auth-method |
Set an additional authentication method in addition to the one in the security protocol suite
|
captive-web-portal |
Set a captive web portal for additional user authentication or registration
|
external-server |
Set parameters for the primary or backup external captive web portal server
|
primary |
Set parameters for the primary external captive web portal server
|
password-encryption |
Set the method for encrypting the user password that the SmartPath AP forwards to the RADIUS server
|
uam-basic |
Set the encryption method as UAM (User
Authentication Module)-Basic (Note: The SmartPath AP uses XOR to recover
the password encrypted by the external CWP and sends it to the RADIUS
server. PAP, CHAP, or MSCHAPv2 can be used. Default: No encryption)
|
security-object
<string> security additional-auth-method captive-web-portal
external-server {primary} password-encryption uam-shared <string>
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
security |
Set security parameters for the security object
|
additional-auth-method |
Set an additional authentication method in addition to the one in the security protocol suite
|
captive-web-portal |
Set a captive web portal for additional user authentication or registration
|
external-server |
Set parameters for the primary or backup external captive web portal server
|
primary |
Set parameters for the primary external captive web portal server
|
password-encryption |
Set the method for encrypting the user password that the SmartPath AP forwards to the RADIUS server
|
uam-shared |
Set the encryption method as UAM-Shared (Note: The
SmartPath AP sends the user password encrypted by the external CWP and
the means for the RADIUS server to perform the same operation and
validate the user's password by comparing results. CHAP must be used.
Default: No encryption)
|
<string> |
Enter the shared secret (1-128 chars)
|
security-object
<string> security additional-auth-method captive-web-portal
external-server {primary}
{success-register|no-roaming-at-login|no-radius-auth}
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
security |
Set security parameters for the security object
|
additional-auth-method |
Set an additional authentication method in addition to the one in the security protocol suite
|
captive-web-portal |
Set a captive web portal for additional user authentication or registration
|
external-server |
Set parameters for the primary or backup external captive web portal server
|
primary |
Set parameters for the primary external captive web portal server
|
success-register |
Permit network access without first disconnecting
the client after it registers on the external captive web portal
(Default: Permit network access only after an initial client
disconnection)
|
no-roaming-at-login |
Disable roaming support for clients while they log in (Default: Enabled)
|
no-radius-auth |
Disable RADIUS authentication when the external
captive web portal returns an attribute indicating that the user has
already been authenticated
|
security-object
<string> security additional-auth-method captive-web-portal
failure-redirect external-page <string> [ delay <number> ]
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
security |
Set security parameters for the security object
|
additional-auth-method |
Set an additional authentication method in addition to the one in the security protocol suite
|
captive-web-portal |
Set a captive web portal for additional user authentication or registration
|
failure-redirect |
Set options for the page shown to a user after an unsuccessful registration attempt
|
external-page |
Display a page stored on an external web server that indicates the login attempt was unsuccessful
|
<string> |
Enter the URL for the page on the external web server (1-256 chars; Format: http:///.html or https: ///.html)
|
delay |
Set the length of time to display a message that the registration succeeded before redirecting the user to an external web page
|
<number> |
Enter the length of time in seconds that the SmartPath AP displays the message (Default: 5; Range: 5-60)
|
security-object
<string> security additional-auth-method captive-web-portal
failure-redirect login-page [ delay <number> ]
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
security |
Set security parameters for the security object
|
additional-auth-method |
Set an additional authentication method in addition to the one in the security protocol suite
|
captive-web-portal |
Set a captive web portal for additional user authentication or registration
|
failure-redirect |
Set options for the page shown to a user after an unsuccessful registration attempt
|
login-page |
Display the login page again
|
delay |
Set the length of time to display a message that the registration succeeded before redirecting the user to an external web page
|
<number> |
Enter the length of time that the SmartPath AP displays the message (Default: 5 seconds; Range: 5-60 seconds)
|
security-object
<string> security additional-auth-method captive-web-portal
internal-pages {no-success-page|no-failure-page}
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
security |
Set security parameters for the security object
|
additional-auth-method |
Set an additional authentication method in addition to the one in the security protocol suite
|
captive-web-portal |
Set a captive web portal for additional user authentication or registration
|
internal-pages |
Set options for showing pages stored internally on the SmartPath AP
|
no-success-page |
Do not display the success page stored on the SmartPath AP when a registration attempt is successful (Default: Display)
|
no-failure-page |
Do not display the failure page stored on the SmartPath AP when a registration attempt is unsuccessful (Default: Display)
|
security-object <string> security additional-auth-method captive-web-portal internal-servers
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
security |
Set security parameters for the security object
|
additional-auth-method |
Set an additional authentication method in addition to the one in the security protocol suite
|
captive-web-portal |
Set a captive web portal for additional user authentication or registration
|
internal-servers |
Enable internal servers to process unregistered users' DHCP and DNS traffic
|
security-object <string> security additional-auth-method captive-web-portal login-page-method http302
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
security |
Set security parameters for the security object
|
additional-auth-method |
Set an additional authentication method in addition to the one in the security protocol suite
|
captive-web-portal |
Set a captive web portal for additional user authentication or registration
|
login-page-method |
Set the method to redirect the user to the login page
|
http302 |
Use HTTP 302 redirect code as the redirection method (Default: JavaScript)
|
security-object <string> security additional-auth-method captive-web-portal pass-through vlan <number>
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
security |
Set security parameters for the security object
|
additional-auth-method |
Set an additional authentication method in addition to the one in the security protocol suite
|
captive-web-portal |
Set a captive web portal for additional user authentication or registration
|
pass-through |
Set the captive web portal to pass DHCP, DNS, and ICMP traffic from unregistered users to external servers
|
vlan |
Set the VLAN ID to assign users before and after
registration (Note: This setting overrides any VLAN ID set locally or
received from a RADIUS server.)
|
<number> |
Enter a CWP VLAN ID (Range: 1-4094)
|
security-object <string> security additional-auth-method captive-web-portal process-sip-info
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
security |
Set security parameters for the security object
|
additional-auth-method |
Set an additional authentication method in addition to the one in the security protocol suite
|
captive-web-portal |
Set a captive web portal for additional user authentication or registration
|
process-sip-info |
Enable the captive web portal to process library SIP information (Default: Enabled)
|
security-object
<string> security additional-auth-method captive-web-portal
process-sip-info block-redirect <string>
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
security |
Set security parameters for the security object
|
additional-auth-method |
Set an additional authentication method in addition to the one in the security protocol suite
|
captive-web-portal |
Set a captive web portal for additional user authentication or registration
|
process-sip-info |
Enable the captive web portal to process library SIP information (Default: Enabled)
|
block-redirect |
Set the page that appears when a library patron logs in but is denied network access because of overdue fines
|
<string> |
Enter the URL for the page to which the patron is redirected to submit payment (Max 256 chars; Format: http:///.html or https: ///.html)
|
security-object <string> security additional-auth-method captive-web-portal server-name <string>
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
security |
Set security parameters for the security object
|
additional-auth-method |
Set an additional authentication method in addition to the one in the security protocol suite
|
captive-web-portal |
Set a captive web portal for additional user authentication or registration
|
server-name |
Set a domain name for the local web server (Default
server name: IP address of the interface on which the captive web portal
will operate; Note: The authoritative DNS server must be configured to
resolve this domain name to the interface IP address.)
|
<string> |
Enter the domain name for the web server (1-32 chars)
|
security-object <string> security additional-auth-method captive-web-portal server-name cert-dn
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
security |
Set security parameters for the security object
|
additional-auth-method |
Set an additional authentication method in addition to the one in the security protocol suite
|
captive-web-portal |
Set a captive web portal for additional user authentication or registration
|
server-name |
Set a domain name for the local web server (Default
server name: IP address of the interface on which the captive web portal
will operate; Note: The authoritative DNS server must be configured to
resolve this domain name to the interface IP address.)
|
cert-dn |
Set the same domain name as the CN value in the
certificate that the captive web portal uses for HTTPS (Note: The CN
must be a valid domain name that can be resolved to the IP address of
the interface hosting the portal. The CN max length is 32 chars.)
|
security-object
<string> security additional-auth-method captive-web-portal
success-redirect external-page <string> [ delay <number> ]
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
security |
Set security parameters for the security object
|
additional-auth-method |
Set an additional authentication method in addition to the one in the security protocol suite
|
captive-web-portal |
Set a captive web portal for additional user authentication or registration
|
success-redirect |
Set options for displaying the page shown to a user after a successful registration
|
external-page |
Display a page stored on an external web server
|
<string> |
Enter the URL for the page on the external web server (1-256 chars; Format: http:///.html or https: ///.html)
|
delay |
Set the length of time to display a message that the registration succeeded before redirecting the user to an external web page
|
<number> |
Enter the length of time in seconds that the SmartPath AP displays the message (Default: 5; Range: 5-60)
|
security-object
<string> security additional-auth-method captive-web-portal
success-redirect original-page [ delay <number> ]
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
security |
Set security parameters for the security object
|
additional-auth-method |
Set an additional authentication method in addition to the one in the security protocol suite
|
captive-web-portal |
Set a captive web portal for additional user authentication or registration
|
success-redirect |
Set options for displaying the page shown to a user after a successful registration
|
original-page |
Display the original page that the user requested
|
delay |
Set the length of time to display a message that the registration succeeded before redirecting the user to an external web page
|
<number> |
Enter the length of time that the SmartPath AP displays the message (Default: 5 seconds; Range: 5-60 seconds)
|
security-object <string> security additional-auth-method captive-web-portal timer-display alert <number>
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
security |
Set security parameters for the security object
|
additional-auth-method |
Set an additional authentication method in addition to the one in the security protocol suite
|
captive-web-portal |
Set a captive web portal for additional user authentication or registration
|
timer-display |
Enable timer-display windows to communicate login and session information
|
alert |
Notify users when their session is about to expire
|
<number> |
Enter the interval before the session expires in minutes (Default: 5 mins; Range: 1-30)
|
security-object <string> security additional-auth-method mac-based-auth [ {auth-method} {pap|chap|ms-chap-v2} ]
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
security |
Set security parameters for the security object
|
additional-auth-method |
Set an additional authentication method in addition to the one in the security protocol suite
|
mac-based-auth |
Use client MAC addresses as user names and passwords for RADIUS authentication (Default: Disabled)
|
auth-method |
Set user authentication method
|
pap |
Set PAP (Password Authentication Protocol) as the
method for sending authentication requests between the SmartPath AP and
RADIUS server (Default: PAP)
|
chap |
Set CHAP (Challenge-Handshake Authentication
Protocol) as the method for sending authentication requests between the
SmartPath AP and RADIUS server (Default: PAP)
|
ms-chap-v2 |
Set MS-CHAP-v2 (Microsoft CHAP Version 2) as the
method for sending authentication requests between the SmartPath AP and
RADIUS server (Default: PAP)
|
security-object <string> security additional-auth-method mac-based-auth fallback-to-ecwp
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
security |
Set security parameters for the security object
|
additional-auth-method |
Set an additional authentication method in addition to the one in the security protocol suite
|
mac-based-auth |
Use client MAC addresses as user names and passwords for RADIUS authentication (Default: Disabled)
|
fallback-to-ecwp |
Redirect HTTP/HTTPS traffic to an external captive web portal if MAC-based authentication fails on the RADIUS server
|
security-object <string> security eap retries <number>
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
security |
Set security parameters for the security object
|
eap |
Set parameters for exchanging EAP packets during 802.1X authentication
|
retries |
Set the number of times that the SmartPath AP will resend an EAP packet when it receives no response from a client
|
<number> |
Enter the number of retries (Default: 3; Range: 1-5)
|
security-object <string> security eap timeout <number>
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
security |
Set security parameters for the security object
|
eap |
Set parameters for exchanging EAP packets during 802.1X authentication
|
timeout |
Set the interval that the SmartPath AP waits for a client to respond before resending an EAP packet
|
<number> |
Enter the EAP timeout in seconds (Default: 30; Range: 5-300)
|
security-object <string> security local-cache timeout <number>
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
security |
Set security parameters for the security object
|
local-cache |
Set parameters for storing PMK (pairwise master key) entries in the local cache
|
timeout |
Set the length of time to keep PMK entries before deleting them
|
<number> |
Enter the timeout in seconds (Default: 86400; that is, 1 day; Range: 60-604800; that is, 1 minute to 7 days)
|
security-object <string> security preauth [ interface <ethx|wifix.y> ]
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
security |
Set security parameters for the security object
|
preauth |
Set an interface to accept pre-authenticated 802.1X frames for fast roaming
|
interface |
Set an interface to accept pre-authenticated 802.1X frames for fast roaming
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
<wifix.y> |
Enter the name of a Wi-Fi radio subinterface (Ranges: x: 0-1; y: 1-16)
|
security-object <string> security private-psk
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
security |
Set security parameters for the security object
|
private-psk |
Set the parameters for creating individual user PSKs (preshared keys)
|
security-object <string> security private-psk default-psk-disabled
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
security |
Set security parameters for the security object
|
private-psk |
Set the parameters for creating individual user PSKs (preshared keys)
|
default-psk-disabled |
Disable the default PSK (Default: Enabled)
|
security-object <string> security private-psk mac-binding-enable
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
security |
Set security parameters for the security object
|
private-psk |
Set the parameters for creating individual user PSKs (preshared keys)
|
mac-binding-enable |
Enable the automatic binding of a private PSK to a MAC address (Default: Disabled)
|
security-object <string> security private-psk ppsk-server <ip_addr>
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
security |
Set security parameters for the security object
|
private-psk |
Set the parameters for creating individual user PSKs (preshared keys)
|
ppsk-server |
Set the SmartPath AP private PSK server to which
other cluster members redirect users to self-register and receive
private PSK assignments automatically
|
<ip_addr> |
Enter the mgt0 IP address of the SmartPath AP private PSK server
|
security-object <string> security private-psk radius-auth [ {pap|chap|ms-chap-v2} ]
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
security |
Set security parameters for the security object
|
private-psk |
Set the parameters for creating individual user PSKs (preshared keys)
|
radius-auth |
Enable the SmartPath AP to forward authentication
checks for private PSKs to an external RADIUS server and set the method
for authenticating communications with it (Default: disabled)
|
pap |
Set PAP (Password Authentication Protocol) as the
method for sending authentication requests between the SmartPath AP and
RADIUS server (Default: PAP)
|
chap |
Set CHAP (Challenge-Handshake Authentication
Protocol) as the method for sending authentication requests between the
SmartPath AP and RADIUS server (Default: PAP)
|
ms-chap-v2 |
Set MS-CHAP-v2 (Microsoft CHAP Version 2) as the
method for sending authentication requests between the SmartPath AP and
RADIUS server (Default: PAP)
|
security-object <string> security private-psk same-user-limit <number>
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
security |
Set security parameters for the security object
|
private-psk |
Set the parameters for creating individual user PSKs (preshared keys)
|
same-user-limit |
Set a limit for the number of private PSK users that can be authenticated with the same user name and PSK concurrently
|
<number> |
Enter the maximum number of private PSK users that
can use the same user name and PSK concurrently (Default: 0, which means
there is no limit; Range: 0-15)
|
security-object <string> security protocol-suite open
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
security |
Set security parameters for the security object
|
protocol-suite |
Set the security protocol suite for the security object
|
open |
Set network access as 'open', meaning that user traffic is neither authenticated nor encrypted
|
security-object <string> security protocol-suite wep-open <number> {hex-key|ascii-key} <string> [ default ]
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
security |
Set security parameters for the security object
|
protocol-suite |
Set the security protocol suite for the security object
|
wep-open |
Set the security protocol suite as preshared-key key management, WEP40/WEP104 encryption, and open authentication
|
<number> |
Enter the index to identify one of 4 possible WEP keys (Default: 0; Range: 0-3)
|
hex-key |
Set key type to hex-key
|
ascii-key |
Set key type to ascii-key
|
<string> |
Enter key value (ascii-key: a 5(WEP40)/13(WEP104) characters key; hex-key: a 10(WEP40)/26(WEP104) digit hex key)
|
default |
Set the current key as the default WEP key
|
security-object
<string> security protocol-suite wep-shared <number>
{hex-key|ascii-key} <string> [ default ]
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
security |
Set security parameters for the security object
|
protocol-suite |
Set the security protocol suite for the security object
|
wep-shared |
Set the security protocol suite as preshared-key key management, WEP40/WEP104 encryption, and preshared-key authentication
|
<number> |
Enter the index to identify one of 4 possible WEP keys (Range: 0-3)
|
hex-key |
Set key type to hex-key
|
ascii-key |
Set key type to ascii-key
|
<string> |
Enter key value (ascii-key: a 5(WEP40)/13(WEP104) characters key; hex-key: a 10(WEP40)/26(WEP104) digit hex key)
|
default |
Set the current key as the default WEP key
|
security-object <string> security protocol-suite wep104-8021x [ rekey-period <number> ]
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
security |
Set security parameters for the security object
|
protocol-suite |
Set the security protocol suite for the security object
|
wep104-8021x |
Set the security protocol suite as 104-bit WEP encryption and EAP (802.1x) authentication
|
rekey-period |
Set the period after which a new group temporary key replaces the current one
|
<number> |
Enter the period after which a new group temporary key replaces current one (Default: 600secs; Min: 600; Max: 50000000)
|
security-object <string> security protocol-suite wep40-8021x [ rekey-period <number> ]
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
security |
Set security parameters for the security object
|
protocol-suite |
Set the security protocol suite for the security object
|
wep40-8021x |
Set the security protocol suite as 40-bit WEP encryption and EAP (802.1x) authentication
|
rekey-period |
Set the period after which a new group temporary key replaces the current one
|
<number> |
Enter the period after which a new group temporary key replaces current one (Default: 600secs; Min: 600; Max: 50000000)
|
security-object
<string> security protocol-suite wpa-aes-8021x [ rekey-period
<number> ] [ {non-strict|strict} ] [ gmk-rekey-period
<number> ] [ ptk-timeout <number> ] [ ptk-retry
<number> ] [ gtk-timeout <number> ] [ gtk-retry
<number> ] [ ptk-rekey-period <number> ]
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
security |
Set security parameters for the security object
|
protocol-suite |
Set the security protocol suite for the security object
|
wpa-aes-8021x |
Set the security protocol suite as WPA-EAP (802.1x) key management, AES-CCMP encryption, and EAP (802.1x) authentication
|
rekey-period |
Set the period after which a new group temporary key replaces the current one
|
<number> |
Enter the period in seconds after which a new group
temporary key replaces the current one (Default: 0; Range: 0 or
600-50000000, where 0 means disabled)
|
non-strict |
Refresh the GTK whenever the rekey period elapses, regardless of whether any clients disassociate (Default: non-strict)
|
strict |
Refresh the GTK whenever a client to which the
security object settings are applied disconnects from the SmartPath AP
(Default: non-strict)
|
gmk-rekey-period |
Set GMK (Group Master Key) rekey period
|
<number> |
Enter the interval in seconds for rekeying GMK (Group Master Key; Default: 0; Range: 0 or 600-50000000, where 0 means disabled)
|
ptk-timeout |
Set the interval that the SmartPath AP waits for
client replies during the 4-way handshake in which they derive a PTK
(pairwise transient key) for encrypting and decrypting unicast traffic
|
<number> |
Enter the timeout in milliseconds (Default: 4000 milliseconds; Range: 100-8000)
|
ptk-retry |
Set the maximum number of times the SmartPath AP will retry sending PTK messages
|
<number> |
Enter the maximum number of retries (Default: 3; Range: 1-10)
|
gtk-timeout |
Set the interval that the SmartPath AP waits for
client replies during the 2-way handshake in which the SmartPath AP
sends a GTK (group transient key) to the client for encrypting and
decrypting multicast traffic
|
<number> |
Enter the timeout in milliseconds (Default: 4000 milliseconds; Range: 100-8000)
|
gtk-retry |
Set the maximum number of times the SmartPath AP will retry sending GTK messages
|
<number> |
Enter the maximum number of retries (Default: 3; Range: 1-10)
|
ptk-rekey-period |
Set the period after which a new PTK (pairwise transient key) replaces the current one
|
<number> |
Enter the period in seconds after which a new PTK
(pairwise transient key) replaces the current one (Default: 0; Range: 0
or 10-50000000, where 0 means disabled)
|
security-object
<string> security protocol-suite wpa-aes-psk {hex-key|ascii-key}
<string> [ rekey-period <number> ] [ {non-strict|strict} ] [
gmk-rekey-period <number> ] [ ptk-timeout <number> ] [
ptk-retry <number> ] [ gtk-timeout <number> ] [ gtk-retry
<number> ] [ ptk-rekey-period <number> ]
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
security |
Set security parameters for the security object
|
protocol-suite |
Set the security protocol suite for the security object
|
wpa-aes-psk |
Set the security protocol suite as WPA-PSK (preshared key) key management, AES-CCMP encryption, and open authentication
|
hex-key |
Set key type to hex-key
|
ascii-key |
Set key type to ascii-key
|
<string> |
Enter key value (ascii-key (8-63 chars); hex-key (64 hex digits))
|
rekey-period |
Set the period after which a new group temporary key replaces the current one
|
<number> |
Enter the period in seconds after which a new group
temporary key replaces the current one (Default: 0; Range: 0 or
600-50000000, where 0 means disabled)
|
non-strict |
Refresh the GTK whenever the rekey period elapses, regardless of whether any clients disassociate (Default: non-strict)
|
strict |
Refresh the GTK whenever a client to which the
security object settings are applied disconnects from the SmartPath AP
(Default: non-strict)
|
gmk-rekey-period |
Set GMK (Group Master Key) rekey period
|
<number> |
Enter the interval for rekeying GMK (Group Master
Key; Default: Disabled; Range: 0 or 600-50000000 Seconds, where 0 means
disabled)
|
ptk-timeout |
Set the interval that the SmartPath AP waits for
client replies during the 4-way handshake in which they derive a PTK
(pairwise transient key) for encrypting and decrypting unicast traffic
|
<number> |
Enter the timeout in milliseconds (Default: 4000 milliseconds; Range: 100-8000)
|
ptk-retry |
Set the maximum number of times the SmartPath AP will retry sending PTK messages
|
<number> |
Enter the maximum number of retries (Default: 3; Range: 1-10)
|
gtk-timeout |
Set the interval that the SmartPath AP waits for
client replies during the 2-way handshake in which the SmartPath AP
sends a GTK (group transient key) to the client for encrypting and
decrypting multicast traffic
|
<number> |
Enter the timeout in milliseconds (Default: 4000 milliseconds; Range: 100-8000)
|
gtk-retry |
Set the maximum number of times the SmartPath AP will retry sending GTK messages
|
<number> |
Enter the maximum number of retries (Default: 3; Range: 1-10)
|
ptk-rekey-period |
Set the period after which a new PTK (pairwise transient key) replaces the current one
|
<number> |
Enter the period in seconds after which a new PTK
(pairwise transient key) replaces the current one (Default: 0; Range: 0
or 10-50000000, where 0 means disabled)
|
security-object
<string> security protocol-suite wpa-auto-8021x [ rekey-period
<number> ] [ {non-strict|strict} ] [ gmk-rekey-period
<number> ] [ ptk-timeout <number> ] [ ptk-retry
<number> ] [ gtk-timeout <number> ] [ gtk-retry
<number> ] [ roaming proactive-pmkid-response ] [ ptk-rekey-period
<number> ]
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
security |
Set security parameters for the security object
|
protocol-suite |
Set the security protocol suite for the security object
|
wpa-auto-8021x |
Set security protocol suite as WPA-/WPA2-EAP (802.1x) key management, TKIP/AES-CCMP encryption, and EAP (802.1x) authentication
|
rekey-period |
Set the period after which a new group temporary key replaces the current one
|
<number> |
Enter the period in seconds after which a new group
temporary key replaces the current one (Default: 0; Range: 0 or
600-50000000, where 0 means disabled)
|
non-strict |
Refresh the GTK whenever the rekey period elapses, regardless of whether any clients disassociate (Default: non-strict)
|
strict |
Refresh the GTK whenever a client to which the
security object settings are applied disconnects from the SmartPath AP
(Default: non-strict)
|
gmk-rekey-period |
Set GMK (Group Master Key) rekey period
|
<number> |
Enter the interval in seconds for rekeying GMK (Group Master Key; Default: 0; Range: 0 or 600-50000000, where 0 means disabled)
|
ptk-timeout |
Set the interval that the SmartPath AP waits for
client replies during the 4-way handshake in which they derive a PTK
(pairwise transient key) for encrypting and decrypting unicast traffic
|
<number> |
Enter the timeout in milliseconds (Default: 4000 milliseconds; Range: 100-8000)
|
ptk-retry |
Set the maximum number of times the SmartPath AP will retry sending PTK messages
|
<number> |
Enter the maximum number of retries (Default: 3; Range: 1-10)
|
gtk-timeout |
Set the interval that the SmartPath AP waits for
client replies during the 2-way handshake in which the SmartPath AP
sends a GTK (group transient key) to the client for encrypting and
decrypting multicast traffic
|
<number> |
Enter the timeout in milliseconds (Default: 4000 milliseconds; Range: 100-8000)
|
gtk-retry |
Set the maximum number of times the SmartPath AP will retry sending GTK messages
|
<number> |
Enter the maximum number of retries (Default: 3; Range: 1-10)
|
roaming |
Set roaming parameters for the protocol suite
|
proactive-pmkid-response |
Respond to a client sending an empty PMK (Pairwise Master Key) ID list with a cached PMK ID (Default: Disabled)
|
ptk-rekey-period |
Set the period after which a new PTK (pairwise transient key) replaces the current one
|
<number> |
Enter the period in seconds after which a new PTK
(pairwise transient key) replaces the current one (Default: 0; Range: 0
or 10-50000000, where 0 means disabled)
|
security-object
<string> security protocol-suite wpa-auto-psk {hex-key|ascii-key}
<string> [ rekey-period <number> ] [ {non-strict|strict} ] [
gmk-rekey-period <number> ] [ ptk-timeout <number> ] [
ptk-retry <number> ] [ gtk-timeout <number> ] [ gtk-retry
<number> ] [ ptk-rekey-period <number> ]
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
security |
Set security parameters for the security object
|
protocol-suite |
Set the security protocol suite for the security object
|
wpa-auto-psk |
Set security protocol suite as WPA-/WPA2-PSK (preshared key) key management, TKIP or AES-CCMP encryption, open authentication
|
hex-key |
Set key type to hex-key
|
ascii-key |
Set key type to ascii-key
|
<string> |
Enter key value (ascii-key (8-63 chars); hex-key (64 hex digits))
|
rekey-period |
Set the period after which a new group temporary key replaces the current one
|
<number> |
Enter the period in seconds after which a new group
temporary key replaces the current one (Default: 0; Range: 0 or
600-50000000, where 0 means disabled)
|
non-strict |
Refresh the GTK whenever the rekey period elapses, regardless of whether any clients disassociate (Default: non-strict)
|
strict |
Refresh the GTK whenever a client to which the
security object settings are applied disconnects from the SmartPath AP
(Default: non-strict)
|
gmk-rekey-period |
Set GMK (Group Master Key) rekey period
|
<number> |
Enter the interval for rekeying GMK (Group Master Key; Default: 0; Range: 0 or 600-50000000 Seconds, where 0 means disabled)
|
ptk-timeout |
Set the interval that the SmartPath AP waits for
client replies during the 4-way handshake in which they derive a PTK
(pairwise transient key) for encrypting and decrypting unicast traffic
|
<number> |
Enter the timeout in milliseconds (Default: 4000 milliseconds; Range: 100-8000)
|
ptk-retry |
Set the maximum number of times the SmartPath AP will retry sending PTK messages
|
<number> |
Enter the maximum number of retries (Default: 3; Range: 1-10)
|
gtk-timeout |
Set the interval that the SmartPath AP waits for
client replies during the 2-way handshake in which the SmartPath AP
sends a GTK (group transient key) to the client for encrypting and
decrypting multicast traffic
|
<number> |
Enter the timeout in milliseconds (Default: 4000 milliseconds; Range: 100-8000)
|
gtk-retry |
Set the maximum number of times the SmartPath AP will retry sending GTK messages
|
<number> |
Enter the maximum number of retries (Default: 3; Range: 1-10)
|
ptk-rekey-period |
Set the period after which a new PTK (pairwise transient key) replaces the current one
|
<number> |
Enter the period in seconds after which a new PTK
(pairwise transient key) replaces the current one (Default: 0; Range: 0
or 10-50000000, where 0 means disabled)
|
security-object
<string> security protocol-suite wpa-tkip-8021x [ rekey-period
<number> ] [ {non-strict|strict} ] [ gmk-rekey-period
<number> ] [ ptk-timeout <number> ] [ ptk-retry
<number> ] [ gtk-timeout <number> ] [ gtk-retry
<number> ] [ ptk-rekey-period <number> ]
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
security |
Set security parameters for the security object
|
protocol-suite |
Set the security protocol suite for the security object
|
wpa-tkip-8021x |
Set the security protocol suite as WPA-EAP (802.1x) key management, TKIP encryption, and EAP (802.1x) authentication
|
rekey-period |
Set the period after which a new group temporarey key replaces the current one
|
<number> |
Enter the period in seconds after which a new group
temporary key replaces the current one (Default: 0; Range: 0 or
600-50000000, where 0 means disabled)
|
non-strict |
Refresh the GTK whenever the rekey period elapses, regardless of whether any clients disassociate (Default: non-strict)
|
strict |
Refresh the GTK whenever a client to which the
security object settings are applied disconnects from the SmartPath AP
(Default: non-strict)
|
gmk-rekey-period |
Set GMK (Group Master Key) rekey period
|
<number> |
Enter the interval for rekeying GMK (Group Master Key; Default: 0; Range: 0 or 600-50000000 Seconds, where 0 means disabled)
|
ptk-timeout |
Set the interval that the SmartPath AP waits for
client replies during the 4-way handshake in which they derive a PTK
(pairwise transient key) for encrypting and decrypting unicast traffic
|
<number> |
Enter the timeout in milliseconds (Default: 4000 milliseconds; Range: 100-8000)
|
ptk-retry |
Set the maximum number of times the SmartPath AP will retry sending PTK messages
|
<number> |
Enter the maximum number of retries (Default: 3; Range: 1-10)
|
gtk-timeout |
Set the interval that the SmartPath AP waits for
client replies during the 2-way handshake in which the SmartPath AP
sends a GTK (group transient key) to the client for encrypting and
decrypting multicast traffic
|
<number> |
Enter the timeout in milliseconds (Default: 4000 milliseconds; Range: 100-8000)
|
gtk-retry |
Set the maximum number of times the SmartPath AP will retry sending GTK messages
|
<number> |
Enter the maximum number of retries (Default: 3; Range: 1-10)
|
ptk-rekey-period |
Set the period after which a new PTK (pairwise transient key) replaces the current one
|
<number> |
Enter the period in seconds after which a new PTK
(pairwise transient key) replaces the current one (Default: 0; Range: 0
or 10-50000000, where 0 means disabled)
|
security-object
<string> security protocol-suite wpa-tkip-psk {hex-key|ascii-key}
<string> [ rekey-period <number> ] [ {non-strict|strict} ] [
gmk-rekey-period <number> ] [ ptk-timeout <number> ] [
ptk-retry <number> ] [ gtk-timeout <number> ] [ gtk-retry
<number> ] [ ptk-rekey-period <number> ]
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
security |
Set security parameters for the security object
|
protocol-suite |
Set the security protocol suite for the security object
|
wpa-tkip-psk |
Set the security protocol suite as WPA-PSK (preshared key) key management, TKIP encryption, and open authentication
|
hex-key |
Set key type to hex-key
|
ascii-key |
Set key type to ascii-key
|
<string> |
Enter key value (ascii-key (8-63 chars); hex-key (64 hex digits))
|
rekey-period |
Set the period after which a new group temporary key replaces the current one
|
<number> |
Enter the period in seconds after which a new group
temporary key replaces the current one (Default: 0; Range: 0 or
600-50000000, where 0 means disabled)
|
non-strict |
Refresh the GTK whenever the rekey period elapses, regardless of whether any clients disassociate (Default: non-strict)
|
strict |
Refresh the GTK whenever a client to which the
security object settings are applied disconnects from the SmartPath AP
(Default: non-strict)
|
gmk-rekey-period |
Set GMK (Group Master Key) rekey period
|
<number> |
Enter the interval in seconds for rekeying GMK (Group Master Key; Default: 0; Range: 0 or 600-50000000, where 0 means disabled)
|
ptk-timeout |
Set the interval that the SmartPath AP waits for
client replies during the 4-way handshake in which they derive a PTK
(pairwise transient key) for encrypting and decrypting unicast traffic
|
<number> |
Enter the timeout in milliseconds (Default: 4000 milliseconds; Range: 100-8000)
|
ptk-retry |
Set the maximum number of times the SmartPath AP will retry sending PTK messages
|
<number> |
Enter the maximum number of retries (Default: 3; Range: 1-10)
|
gtk-timeout |
Set the interval that the SmartPath AP waits for
client replies during the 2-way handshake in which the SmartPath AP
sends a GTK (group transient key) to the client for encrypting and
decrypting multicast traffic
|
<number> |
Enter the timeout in milliseconds (Default: 4000 milliseconds; Range: 100-8000)
|
gtk-retry |
Set the maximum number of times the SmartPath AP will retry sending GTK messages
|
<number> |
Enter the maximum number of retries (Default: 3; Range: 1-10)
|
ptk-rekey-period |
Set the period after which a new PTK (pairwise transient key) replaces the current one
|
<number> |
Enter the period in seconds after which a new PTK
(pairwise transient key) replaces the current one (Default: 0; Range: 0
or 10-50000000, where 0 means disabled)
|
security-object
<string> security protocol-suite wpa2-aes-8021x [ rekey-period
<number> ] [ {non-strict|strict} ] [ gmk-rekey-period
<number> ] [ ptk-timeout <number> ] [ ptk-retry
<number> ] [ gtk-timeout <number> ] [ gtk-retry
<number> ] [ roaming proactive-pmkid-response ] [ ptk-rekey-period
<number> ]
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
security |
Set security parameters for the security object
|
protocol-suite |
Set the security protocol suite for the security object
|
wpa2-aes-8021x |
Set the security protocol suite as WPA2-EAP (802.1x) key management, AES-CCMP encryption, and EAP (802.1x) authentication
|
rekey-period |
Set the period after which a new group temporary key replaces the current one
|
<number> |
Enter the period in seconds after which a new group
temporary key replaces the current one (Default: 0; Range: 0 or
600-50000000, where 0 means disabled)
|
non-strict |
Refresh the GTK whenever the rekey period elapses, regardless of whether any clients disassociate (Default: non-strict)
|
strict |
Refresh the GTK whenever a client to which the
security object settings are applied disconnects from the SmartPath AP
(Default: non-strict)
|
gmk-rekey-period |
Set GMK (Group Master Key) rekey period
|
<number> |
Enter the interval in seconds for rekeying GMK (Group Master Key; Default: 0; Range: 0 or 600-Seconds, where 0 means disabled)
|
ptk-timeout |
Set the interval that the SmartPath AP waits for
client replies during the 4-way handshake in which they derive a PTK
(pairwise transient key) for encrypting and decrypting unicast traffic
|
<number> |
Enter the timeout in milliseconds (Default: 4000 milliseconds; Range: 100-8000)
|
ptk-retry |
Set the maximum number of times the SmartPath AP will retry sending PTK messages
|
<number> |
Enter the maximum number of retries (Default: 3; Range: 1-10)
|
gtk-timeout |
Set the interval that the SmartPath AP waits for
client replies during the 2-way handshake in which the SmartPath AP
sends a GTK (group transient key) to the client for encrypting and
decrypting multicast traffic
|
<number> |
Enter the timeout in milliseconds (Default: 4000 milliseconds; Range: 100-8000)
|
gtk-retry |
Set the maximum number of times the SmartPath AP will retry sending GTK messages
|
<number> |
Enter the maximum number of retries (Default: 3; Range: 1-10)
|
roaming |
Set roaming parameters for the protocol suite
|
proactive-pmkid-response |
Respond to a client sending an empty PMK (Pairwise Master Key) ID list with a cached PMK ID (Default: disabled)
|
ptk-rekey-period |
Set the period after which a new PTK (pairwise transient key) replaces the current one
|
<number> |
Enter the period in seconds after which a new PTK
(pairwise transient key) replaces the current one (Default: 0; Range: 0
or 10-50000000, where 0 means disabled)
|
security-object
<string> security protocol-suite wpa2-aes-psk {hex-key|ascii-key}
<string> [ rekey-period <number> ] [ {non-strict|strict} ] [
gmk-rekey-period <number> ] [ ptk-timeout <number> ] [
ptk-retry <number> ] [ gtk-timeout <number> ] [ gtk-retry
<number> ] [ ptk-rekey-period <number> ]
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
security |
Set security parameters for the security object
|
protocol-suite |
Set the security protocol suite for the security object
|
wpa2-aes-psk |
Set the security protocol suite as WPA2-PSK (preshared key) key management, AES-CCMP encryption, and open authentication
|
hex-key |
Set key type to hex-key
|
ascii-key |
Set key type to ascii-key
|
<string> |
Enter key value (ascii-key (8-63 chars); hex-key (64 hex digits))
|
rekey-period |
Set the period after which a new group temporary key replaces the current one
|
<number> |
Enter the period after which a new group temporary
key replaces the current one (Default: 0; Range: 0 or 600-50000000
Seconds, where 0 means disabled)
|
non-strict |
Refresh the GTK whenever the rekey period elapses, regardless of whether any clients disassociate (Default: non-strict)
|
strict |
Refresh the GTK whenever a client to which the
security object settings are applied disconnects from the SmartPath AP
(Default: non-strict)
|
gmk-rekey-period |
Set GMK (Group Master Key) rekey period
|
<number> |
Enter the interval for rekeying GMK (Group Master Key; Default: 0; Range: 0 or 600-50000000 Seconds, where 0 means disabled)
|
ptk-timeout |
Set the interval that the SmartPath AP waits for
client replies during the 4-way handshake in which they derive a PTK
(pairwise transient key) for encrypting and decrypting unicast traffic
|
<number> |
Enter the timeout in milliseconds (Default: 4000 milliseconds; Range: 100-8000)
|
ptk-retry |
Set the maximum number of times the SmartPath AP will retry sending PTK messages
|
<number> |
Enter the maximum number of retries (Default: 3; Range: 1-10)
|
gtk-timeout |
Set the interval that the SmartPath AP waits for
client replies during the 2-way handshake in which the SmartPath AP
sends a GTK (group transient key) to the client for encrypting and
decrypting multicast traffic
|
<number> |
Enter the timeout in milliseconds (Default: 4000 milliseconds; Range: 100-8000)
|
gtk-retry |
Set the maximum number of times the SmartPath AP will retry sending GTK messages
|
<number> |
Enter the maximum number of retries (Default: 3; Range: 1-10)
|
ptk-rekey-period |
Set the period after which a new PTK (pairwise transient key) replaces the current one
|
<number> |
Enter the period in seconds after which a new PTK
(pairwise transient key) replaces the current one (Default: 0; Range: 0
or 10-50000000, where 0 means disabled)
|
security-object
<string> security protocol-suite wpa2-tkip-8021x [ rekey-period
<number> ] [ {non-strict|strict} ] [ gmk-rekey-period
<number> ] [ ptk-timeout <number> ] [ ptk-retry
<number> ] [ gtk-timeout <number> ] [ gtk-retry
<number> ] [ roaming proactive-pmkid-response ] [ ptk-rekey-period
<number> ]
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
security |
Set security parameters for the security object
|
protocol-suite |
Set the security protocol suite for the security object
|
wpa2-tkip-8021x |
Set the security protocol suite as WPA2-EAP (802.1x) key management, TKIP encryption, and EAP (802.1x) authentication
|
rekey-period |
Set the period after which a new group temporary key replaces the current one
|
<number> |
Enter the period in seconds after which a new group
temporary key replaces the current one (Default: 0; Range: 0 or
600-50000000, where 0 means disabled)
|
non-strict |
Refresh the GTK whenever the rekey period elapses, regardless of whether any clients disassociate (Default: non-strict)
|
strict |
Refresh the GTK whenever a client to which the
security object settings are applied disconnects from the SmartPath AP
(Default: non-strict)
|
gmk-rekey-period |
Set GMK (Group Master Key) rekey period
|
<number> |
Enter the interval for rekeying GMK (Group Master Key; Default: 0; Range: 0 or 600-50000000 Seconds, where 0 means disabled)
|
ptk-timeout |
Set the interval that the SmartPath AP waits for
client replies during the 4-way handshake in which they derive a PTK
(pairwise transient key) for encrypting and decrypting unicast traffic
|
<number> |
Enter the timeout in milliseconds (Default: 4000 milliseconds; Range: 100-8000)
|
ptk-retry |
Set the maximum number of times the SmartPath AP will retry sending PTK messages
|
<number> |
Enter the maximum number of retries (Default: 3; Range: 1-10)
|
gtk-timeout |
Set the interval that the SmartPath AP waits for
client replies during the 2-way handshake in which the SmartPath AP
sends a GTK (group transient key) to the client for encrypting and
decrypting multicast traffic
|
<number> |
Enter the timeout in milliseconds (Default: 4000 milliseconds; Range: 100-8000)
|
gtk-retry |
Set the maximum number of times the SmartPath AP will retry sending GTK messages
|
<number> |
Enter the maximum number of retries (Default: 3; Range: 1-10)
|
roaming |
Set roaming parameters for the protocol suite
|
proactive-pmkid-response |
Respond to a client sending an empty PMK (Pairwise Master Key) ID list with a cached PMK ID (Default: Disabled)
|
ptk-rekey-period |
Set the period after which a new PTK (pairwise transient key) replaces the current one
|
<number> |
Enter the period in seconds after which a new PTK
(pairwise transient key) replaces the current one (Default: 0; Range: 0
or 10-50000000, where 0 means disabled)
|
security-object
<string> security protocol-suite wpa2-tkip-psk {hex-key|ascii-key}
<string> [ rekey-period <number> ] [ {non-strict|strict} ] [
gmk-rekey-period <number> ] [ ptk-timeout <number> ] [
ptk-retry <number> ] [ gtk-timeout <number> ] [ gtk-retry
<number> ] [ ptk-rekey-period <number> ]
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
security |
Set security parameters for the security object
|
protocol-suite |
Set the security protocol suite for the security object
|
wpa2-tkip-psk |
Set the security protocol suite as WPA2-PSK (preshared key) key management, TKIP encryption, and open authentication
|
hex-key |
Enter key type hex-key
|
ascii-key |
Enter key type ascii-key
|
<string> |
Enter key value (ascii-key (8-63 chars); hex-key (64 hex digits))
|
rekey-period |
Set the period after which a new group temporary key replaces the current one
|
<number> |
Enter the period in seconds after which a new group
temporary key replaces the current one (Default: 0; Range: 0 or
600-50000000, where 0 means disabled)
|
non-strict |
Refresh the GTK whenever the rekey period elapses, regardless of whether any clients disassociate (Default: non-strict)
|
strict |
Refresh the GTK whenever a client to which the
security object settings are applied disconnects from the SmartPath AP
(Default: non-strict)
|
gmk-rekey-period |
Set GMK (Group Master Key) rekey period
|
<number> |
Enter the interval for rekeying GMK (Group Master Key; Default: 0; Range: 0 or 600-50000000 Seconds, where 0 means disabled)
|
ptk-timeout |
Set the interval that the SmartPath AP waits for
client replies during the 4-way handshake in which they derive a PTK
(pairwise transient key) for encrypting and decrypting unicast traffic
|
<number> |
Enter the timeout in milliseconds (Default: 4000 milliseconds; Range: 100-8000)
|
ptk-retry |
Set the maximum number of times the SmartPath AP will retry sending PTK messages
|
<number> |
Enter the maximum number of retries (Default: 3; Range: 1-10)
|
gtk-timeout |
Set the interval that the SmartPath AP waits for
client replies during the 2-way handshake in which the SmartPath AP
sends a GTK (group transient key) to the client for encrypting and
decrypting multicast traffic
|
<number> |
Enter the timeout in milliseconds (Default: 4000 milliseconds; Range: 100-8000)
|
gtk-retry |
Set the maximum number of times the SmartPath AP will retry sending GTK messages
|
<number> |
Enter the maximum number of retries (Default: 3; Range: 1-10)
|
ptk-rekey-period |
Set the period after which a new PTK (pairwise transient key) replaces the current one
|
<number> |
Enter the period in seconds after which a new PTK
(pairwise transient key) replaces the current one (Default: 0; Range: 0
or 10-50000000, where 0 means disabled)
|
security-object
<string> security protocol-suite
{wpa-auto-8021x|wpa-tkip-8021x|wpa2-tkip-8021x|wpa-aes-8021x|wpa2-aes-8021x}
reauth-interval <number>
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
security |
Set security parameters for the security object
|
protocol-suite |
Set the security protocol suite for the security object
|
wpa-auto-8021x |
Set security protocol suite as WPA-/WPA2-EAP (802.1x) key management, TKIP/AES-CCMP encryption, and EAP (802.1x) authentication
|
wpa-tkip-8021x |
Set the security protocol suite as WPA-EAP (802.1x) key management, TKIP encryption, and EAP (802.1x) authentication
|
wpa2-tkip-8021x |
Set the security protocol suite as WPA2-EAP (802.1x) key management, TKIP encryption, and EAP (802.1x) authentication
|
wpa-aes-8021x |
Set the security protocol suite as WPA-EAP (802.1x) key management, AES-CCMP encryption, and EAP (802.1x) authentication
|
wpa2-aes-8021x |
Set the security protocol suite as WPA2-EAP (802.1x) key management, AES-CCMP encryption, and EAP (802.1x) authentication
|
reauth-interval |
Set the default interval for reauthenticating users
|
<number> |
Enter the default reauth interval in seconds (Default: Disabled; Range: 600-86400)
|
security-object
<string> security protocol-suite
{wpa-auto-8021x|wpa-tkip-8021x|wpa2-tkip-8021x|wpa-auto-psk|wpa-tkip-psk|wpa2-tkip-psk|wpa-aes-psk|wpa2-aes-psk|wpa-aes-8021x|wpa2-aes-8021x}
replay-window <number>
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
security |
Set security parameters for the security object
|
protocol-suite |
Set the security protocol suite for the security object
|
wpa-auto-8021x |
Set security protocol suite as WPA-/WPA2-EAP (802.1x) key management, TKIP/AES-CCMP encryption, and EAP (802.1x) authentication
|
wpa-tkip-8021x |
Set the security protocol suite as WPA-EAP (802.1x) key management, TKIP encryption, and EAP (802.1x) authentication
|
wpa2-tkip-8021x |
Set the security protocol suite as WPA2-EAP (802.1x) key management, TKIP encryption, and EAP (802.1x) authentication
|
wpa-auto-psk |
Set security protocol suite as WPA-/WPA2-PSK (preshared key) key management, TKIP or AES-CCMP encryption, open authentication
|
wpa-tkip-psk |
Set the security protocol suite as WPA-PSK (preshared key) key management, TKIP encryption, and open authentication
|
wpa2-tkip-psk |
Set the security protocol suite as WPA2-PSK (preshared key) key management, TKIP encryption, and open authentication
|
wpa-aes-psk |
Set the security protocol suite as WPA-PSK (preshared key) key management, AES-CCMP encryption, and open authentication
|
wpa2-aes-psk |
Set the security protocol suite as WPA2-PSK (preshared key) key management, AES-CCMP encryption, and open authentication
|
wpa-aes-8021x |
Set the security protocol suite as WPA-EAP (802.1x) key management, AES-CCMP encryption, and EAP (802.1x) authentication
|
wpa2-aes-8021x |
Set the security protocol suite as WPA2-EAP (802.1x) key management, AES-CCMP encryption, and EAP (802.1x) authentication
|
replay-window |
Set a window size within which the SmartPath AP accepts replies to previously sent messages during 4-way handshakes
|
<number> |
Enter the number of packets prior to the one most
recently sent to which the SmartPath AP will accept a reply (Default: 0;
Range: 0-10)
|
security-object
<string> security protocol-suite
{wpa-auto-8021x|wpa-tkip-8021x|wpa2-tkip-8021x|wpa-auto-psk|wpa-tkip-psk|wpa2-tkip-psk}
local-tkip-counter-measure
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
security |
Set security parameters for the security object
|
protocol-suite |
Set the security protocol suite for the security object
|
wpa-auto-8021x |
Set security protocol suite as WPA-/WPA2-EAP (802.1x) key management, TKIP/AES-CCMP encryption, and EAP (802.1x) authentication
|
wpa-tkip-8021x |
Set the security protocol suite as WPA-EAP (802.1x) key management, TKIP encryption, and EAP (802.1x) authentication
|
wpa2-tkip-8021x |
Set the security protocol suite as WPA2-EAP (802.1x) key management, TKIP encryption, and EAP (802.1x) authentication
|
wpa-auto-psk |
Set security protocol suite as WPA-/WPA2-PSK (preshared key) key management, TKIP or AES-CCMP encryption, open authentication
|
wpa-tkip-psk |
Set the security protocol suite as WPA-PSK (preshared key) key management, TKIP encryption, and open authentication
|
wpa2-tkip-psk |
Set the security protocol suite as WPA2-PSK (preshared key) key management, TKIP encryption, and open authentication
|
local-tkip-counter-measure |
Enable the deauthentication of all previously
authenticated clients when the local SmartPath AP detects MIC (message
integrity check) failures during TKIP operations (Default: enabled)
|
security-object
<string> security protocol-suite
{wpa-auto-8021x|wpa-tkip-8021x|wpa2-tkip-8021x|wpa-auto-psk|wpa-tkip-psk|wpa2-tkip-psk}
remote-tkip-counter-measure
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
security |
Set security parameters for the security object
|
protocol-suite |
Set the security protocol suite for the security object
|
wpa-auto-8021x |
Set security protocol suite as WPA-/WPA2-EAP (802.1x) key management, TKIP/AES-CCMP encryption, and EAP (802.1x) authentication
|
wpa-tkip-8021x |
Set the security protocol suite as WPA-EAP (802.1x) key management, TKIP encryption, and EAP (802.1x) authentication
|
wpa2-tkip-8021x |
Set the security protocol suite as WPA2-EAP (802.1x) key management, TKIP encryption, and EAP (802.1x) authentication
|
wpa-auto-psk |
Set security protocol suite as WPA-/WPA2-PSK (preshared key) key management, TKIP or AES-CCMP encryption, open authentication
|
wpa-tkip-psk |
Set the security protocol suite as WPA-PSK (preshared key) key management, TKIP encryption, and open authentication
|
wpa2-tkip-psk |
Set the security protocol suite as WPA2-PSK (preshared key) key management, TKIP encryption, and open authentication
|
remote-tkip-counter-measure |
Enable the deauthentication of all previously
authenticated clients when a client reports MIC (message integrity
check) failures during TKIP operations (Default: enabled)]
|
security-object <string> security roaming cache update-interval <number> ageout <number>
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
security |
Set security parameters for the security object
|
roaming |
Set roaming parameters for clients to which the security object is applied
|
cache |
Set the interval between updates and the number of times to update a station's roaming cache
|
update-interval |
Set the interval for sending roaming cache updates to neighbors
|
<number> |
Enter the roaming cache update interval in seconds (Default: 60; Range: 10-36000)
|
ageout |
Set how many times an entry must be absent from a neighbor's updates before removing it from the roaming cache
|
<number> |
Enter the number of absences required to remove an entry (Default: 60; Range: 1-1000)
|
security-object <string> user-profile-allowed <string>
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
user-profile-allowed |
Allow network access for members of all or specified user profiles bound to the security object
|
<string> |
Enter the user profile name (1 - 32 chars)
|
security-object <string> user-profile-allowed {all}
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
user-profile-allowed |
Allow network access for members of all or specified user profiles bound to the security object
|
all |
Allow network access to members of all user profiles
|
security-object <string> user-profile-deny action ban [ <number> ] [ strict ]
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
user-profile-deny |
Set parameters for denying network access to users if they do not belong to an allowed user profile
|
action |
Set an action which will be taken if a user profile is not allowed to access this SSID
|
ban |
Set the action to ban network access for a specified length of time
|
<number> |
Enter the action time in seconds (Default: 60; Range: 1-100000000)
|
strict |
Set the behavior to deauthenticate all connected
stations whenever a user profile bound to the security object changes
(Note: When stations reauthenticate, the user profile changes take
effect.)
|
security-object <string> user-profile-deny action {ban-forever|disconnect} [ strict ]
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
user-profile-deny |
Set parameters for denying network access to users if they do not belong to an allowed user profile
|
action |
Set an action which will be taken if a user profile is not allowed to access this SSID
|
ban-forever |
Set the action to ban network access indefinitely
|
disconnect |
Set the action to disconnect the station from the SmartPath AP
|
strict |
Set the behavior to deauthenticate all connected
stations whenever a user profile bound to the security object changes
(Note: When stations reauthenticate, the user profile changes take
effect.)
|
security-object
<string> user-profile-sequence
{cwp-ssid-mac|cwp-mac-ssid|ssid-cwp-mac|ssid-mac-cwp|mac-ssid-cwp|mac-cwp-ssid}
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
user-profile-sequence |
Set the sequential order to apply user profiles
when the authentication process involves multiple components referencing
different profiles (Default: mac-ssid-cwp; Note: The user profile
applied last is the one that is ultimately used.)
|
cwp-ssid-mac |
Apply the user profile for a captive web portal first, SSID second, and MAC authentication last
|
cwp-mac-ssid |
Apply the user profile for a captive web portal first, MAC authentication second, and SSID last
|
ssid-cwp-mac |
Apply the user profile for an SSID first, captive web portal second, and MAC authentication last
|
ssid-mac-cwp |
Apply the user profile for an SSID first, MAC authentication second, and captive web portal last
|
mac-ssid-cwp |
Apply the user profile for MAC authentication first, SSID second, and captive web portal last
|
mac-cwp-ssid |
Apply the user profile for MAC authentication first, captive web portal second, and SSID last
|
security-object <string> walled-garden hostname <string> [ service {all|web} ]
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
walled-garden |
Set the parameters for a walled garden in which
unregistered users can access specified servers (Maximum: 64 IP address
and host name entries combined)
|
hostname |
Set the host name of a server in the walled garden
|
<string> |
Enter the domain name (max 32 chars)
|
service |
Set the service permitted to reach the server (Maximum: 8 services per IP address or host name entry)
|
all |
Permit all services
|
web |
Permit HTTP and HTTPS
|
security-object <string> walled-garden hostname <string> service protocol <number> port <number>
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
walled-garden |
Set the parameters for a walled garden in which
unregistered users can access specified servers (Maximum: 64 IP address
and host name entries combined)
|
hostname |
Set the host name of a server in the walled garden
|
<string> |
Enter the domain name (max 32 chars)
|
service |
Set the service permitted to reach the server (Maximum: 8 services per IP address or host name entry)
|
protocol |
Set the protocol of the service that you want to permit
|
<number> |
Enter the protocol number (Note: UDP: 17; TCP: 6; All: 0; Range: 0-255)
|
port |
Set the port number
|
<number> |
Enter the port number (Range: 1-65535)
|
security-object <string> walled-garden ip-address <ip_addr|ip_addr/mask> [ service {all|web} ]
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
walled-garden |
Set the parameters for a walled garden in which
unregistered users can access specified servers (Maximum: 64 IP address
and host name entries combined)
|
ip-address |
Set the IP address of a server or a subnet in the walled garden
|
<ip_addr> |
Enter the IP address or subnet (Note: To define a
subnet, enter the first address in the subnet, followed by a slash, and
then the routing prefix bit length. Example: 10.1.1.0/24)
|
<ip_addr/netmask> |
Enter the IP address or subnet (Note: To define a
subnet, enter the first address in the subnet, followed by a slash, and
then the routing prefix bit length. Example: 10.1.1.0/24)
|
service |
Set the service permitted to reach the server (Maximum: 8 services per IP address or host name entry)
|
all |
Permit all services
|
web |
Permit HTTP and HTTPS
|
security-object
<string> walled-garden ip-address <ip_addr|ip_addr/mask>
service protocol <number> port <number>
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
walled-garden |
Set the parameters for a walled garden in which
unregistered users can access specified servers (Maximum: 64 IP address
and host name entries combined)
|
ip-address |
Set the IP address of a server or a subnet in the walled garden
|
<ip_addr> |
Enter the IP address or subnet (Note: To define a
subnet, enter the first address in the subnet, followed by a slash, and
then the routing prefix bit length. Example: 10.1.1.0/24)
|
<ip_addr/netmask> |
Enter the IP address or subnet (Note: To define a
subnet, enter the first address in the subnet, followed by a slash, and
then the routing prefix bit length. Example: 10.1.1.0/24)
|
service |
Set the service permitted to reach the server (Maximum: 8 services per IP address or host name entry)
|
protocol |
Set the protocol of the service that you want to permit
|
<number> |
Enter the protocol number (Note: UDP: 17; TCP: 6; ICMP: 1; All: 0; Range: 0-255)
|
port |
Set the port number
|
<number> |
Enter the port number (Range: 1-65535)
|
security-object <string> web-directory <string>
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
web-directory |
Enter the web directory name for the captive web portal specified in the security object
|
<string> |
Enter the web directory name for the security object
|
security-object
<string> web-server [ port <number> ] [ index-file
<string> ] [ success-file <string> ] [ failure-file
<string> ] [ ssl server-key <number> ]
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
web-server |
Enable the internal web server
|
port |
Set the HTTP port number for the web server
|
<number> |
Enter the HTTP port number for the web server. Set
the port number to 0 is disable the HTTP method (Default: 80; Range:
0-65535)
|
index-file |
Specify the .html file as the default index page
|
<string> |
Enter the .html file name (Default: success.html; Range: 1-32 chars)
|
success-file |
Specify the .html file that you want to appear after a user successfully registers through the captive web portal
|
<string> |
Enter the .html file name (Default: success.html; Range: 1-32 chars)
|
failure-file |
Specify the .html file that you want to appear after a user failed registers through the captive web portal
|
<string> |
Enter the .html file name (Default: failure.html; Range: 1-32 chars)
|
ssl |
Enable the SSL (Secure Socket Layer) method
|
server-key |
Set the server key (a X509 certificate) for SSL
|
<number> |
Enter the server key index (Default: 0; Range: 0-15)
|
security-object <string> web-server web-page {mandatory-field} <number> [ optional-field <number> ]
|
security-object |
Set parameters for a security object controlling
network access through the SSIDs and Ethernet interfaces to which it is
applied
|
<string> |
Enter the security object name (1-32 chars)
|
web-server |
Enable the internal web server
|
web-page |
Set the web pages parameters
|
mandatory-field |
Set the mandatory field numbers in login web page
|
<number> |
Enter the mandatory field numbers in login web page (Default: 4; Range: 0-8)
|
optional-field |
Set the optional field numbers in login web page
|
<number> |
Enter the optional field numbers in login web page (Default: 2; Range: 0-8)
|
service <string> alg {ftp|tftp|sip|dns|http}
|
service |
Set a custom service
|
<string> |
Enter service name (1 - 32 chars)
|
alg |
Assign an ALG (Application Level Gateway) to the service
|
ftp |
Assign an FTP (File Transfer Protocol) ALG to the service
|
tftp |
Assign a TFTP (Trivial File Transfer Protocol) ALG to the service
|
sip |
Assign a SIP (Session Initiation Protocol) ALG to the service
|
dns |
Assign a DNS (Domain Name System) ALG to the service
|
http |
Assign an HTTP ALG to the service
|
service <string> protocol <number> [ port <number> ] [ timeout <number> ]
|
service |
Set a custom service
|
<string> |
Enter service name (1 - 32 chars)
|
protocol |
Set the protocol used by the custom service
|
<number> |
Enter the protocol number (Range: 1-255)
|
port |
Set the destination port number for the transport protocol
|
<number> |
Enter the port number (Range: 0-65535)
|
timeout |
Set the service session timeout
|
<number> |
Set the session timeout value in seconds (Default TCP: 300; UDP: 100; Other: 100; Range: 0-65535)
|
service <string> protocol {tcp|udp|svp} [ port <number> ] [ timeout <number> ]
|
service |
Set a custom service
|
<string> |
Enter service name (1 - 32 chars)
|
protocol |
Set the protocol used by the custom service
|
tcp |
Enter the transport protocol as tcp
|
udp |
Enter the transport protocol as udp
|
svp |
Enter the transport protocol as svp
|
port |
Set the destination port number for the transport protocol
|
<number> |
Enter the port number (Range: 0-65535)
|
timeout |
Set the service session timeout
|
<number> |
Set the session timeout value in seconds (Default TCP: 300; UDP: 100; Other: 100; Range: 0-65535)
|
show aaa
|
show |
Show settings, parameters, or dynamically generated information
|
aaa |
Show parameters for AAA (authentication, authorization, accounting)
|
show aaa radius-server
|
show |
Show settings, parameters, or dynamically generated information
|
aaa |
Show parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Show RADIUS server parameters
|
show aaa radius-server NAS [ <string> ]
|
show |
Show settings, parameters, or dynamically generated information
|
aaa |
Show parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Show RADIUS server parameters
|
NAS |
Show the shared keys for all RADIUS NASs
|
<string> |
Enter a RADIUS NAS name
|
show aaa radius-server cache
|
show |
Show settings, parameters, or dynamically generated information
|
aaa |
Show parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Show RADIUS server parameters
|
cache |
Show RADIUS server cache entries
|
show aaa radius-server domain
|
show |
Show settings, parameters, or dynamically generated information
|
aaa |
Show parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Show RADIUS server parameters
|
domain |
Show which Active Directory domain the SmartPath AP has joined
|
show aaa radius-server proxy [ server ]
|
show |
Show settings, parameters, or dynamically generated information
|
aaa |
Show parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Show RADIUS server parameters
|
proxy |
Show all realms parameters
|
server |
Show all RADIUS servers parameters
|
show aaa radius-server-key {radius-server|ldap-client}
|
show |
Show settings, parameters, or dynamically generated information
|
aaa |
Show parameters for AAA (authentication, authorization, accounting)
|
radius-server-key |
Show all certificates that the local SmartPath AP uses as a RADIUS server and LDAP client
|
radius-server |
Show certificates that the local SmartPath AP uses as a RADIUS server
|
ldap-client |
Show certificates that the local SmartPath AP uses as a LDAP client
|
show access-console
|
show |
Show settings, parameters, or dynamically generated information
|
access-console |
Show access console status and parameters
|
show acsp
|
show |
Show settings, parameters, or dynamically generated information
|
acsp |
Show parameters for ACSP (Advanced Channel Selection Protocol)
|
show acsp channel-info [ {detail|arbiter} ]
|
show |
Show settings, parameters, or dynamically generated information
|
acsp |
Show parameters for ACSP (Advanced Channel Selection Protocol)
|
channel-info |
Show channel information for ACSP
|
detail |
Show detailed channel information about the calculated cost of each channel and the factors used to determine that cost
|
arbiter |
Show information regarding the assignment of channels to cluster members
|
show acsp neighbor
|
show |
Show settings, parameters, or dynamically generated information
|
acsp |
Show parameters for ACSP (Advanced Channel Selection Protocol)
|
neighbor |
Show acsp neighbor list
|
show admin [ active ]
|
show |
Show settings, parameters, or dynamically generated information
|
admin |
Show admin parameters
|
active |
Show currently connected admin users
|
show admin auth
|
show |
Show settings, parameters, or dynamically generated information
|
admin |
Show admin parameters
|
auth |
Show admin authentication method
|
show admin manager-ip
|
show |
Show settings, parameters, or dynamically generated information
|
admin |
Show admin parameters
|
manager-ip |
Show IP addresses from which administrative traffic is accepted
|
show alg [ {ftp|tftp|sip|dns|http} ]
|
show |
Show settings, parameters, or dynamically generated information
|
alg |
Show ALG (Application Level Gateway) information
|
ftp |
Show FTP (File Transfer Protocol) information
|
tftp |
Show TFTP (Trivial File Transfer Protocol) information
|
sip |
Show SIP (Session Initiation Protocol) information
|
dns |
Show DNS (Domain Name System) information
|
http |
Show settings for the HTTP ALG
|
show alg sip calls [ <string> ]
|
show |
Show settings, parameters, or dynamically generated information
|
alg |
Show ALG (Application Level Gateway) information
|
sip |
Show SIP (Session Initiation Protocol) information
|
calls |
Show information for all currently active SIP calls
|
<string> |
Enter a call ID to show information for a specific SIP call (up to 128 chars)
|
show amrp
|
show |
Show settings, parameters, or dynamically generated information
|
amrp |
Show AMRP (Advanced Mobility Routing Protocol) parameters
|
show amrp Ethlink
|
show |
Show settings, parameters, or dynamically generated information
|
amrp |
Show AMRP (Advanced Mobility Routing Protocol) parameters
|
Ethlink |
Show the number of AMRP Ethernet links, and the number of cluster members and interfaces on each link
|
show amrp Ethlink <mac_addr>
|
show |
Show settings, parameters, or dynamically generated information
|
amrp |
Show AMRP (Advanced Mobility Routing Protocol) parameters
|
Ethlink |
Show the number of AMRP Ethernet links, and the number of cluster members and interfaces on each link
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
show amrp client [ <mac_addr> ]
|
show |
Show settings, parameters, or dynamically generated information
|
amrp |
Show AMRP (Advanced Mobility Routing Protocol) parameters
|
client |
Show information about currently active clients associated with all cluster members
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
show amrp dnxp cache [ <mac_addr> ]
|
show |
Show settings, parameters, or dynamically generated information
|
amrp |
Show AMRP (Advanced Mobility Routing Protocol) parameters
|
dnxp |
Show DNXP (Dynamic Network Extension Protocol) information
|
cache |
Show the entire DNXP cache or the cached entry for a specific client
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
show amrp dnxp neighbor [ <mac_addr> ]
|
show |
Show settings, parameters, or dynamically generated information
|
amrp |
Show AMRP (Advanced Mobility Routing Protocol) parameters
|
dnxp |
Show DNXP (Dynamic Network Extension Protocol) information
|
neighbor |
Show information about all DNXP neighbors or a
specific neighbor to which the local SmartPath AP can tunnel the traffic
of roaming clients
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
show amrp interface
|
show |
Show settings, parameters, or dynamically generated information
|
amrp |
Show AMRP (Advanced Mobility Routing Protocol) parameters
|
interface |
Show AMRP statistics for access interfaces reporting
client associations and backhaul interfaces exchanging route
information with other AMRP nodes
|
show amrp interface <ethx|redx|aggx> bmt-table
|
show |
Show settings, parameters, or dynamically generated information
|
amrp |
Show AMRP (Advanced Mobility Routing Protocol) parameters
|
interface |
Show AMRP statistics for access interfaces reporting
client associations and backhaul interfaces exchanging route
information with other AMRP nodes
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
<redx> |
Enter the name of the redundant interface, where x = 0
|
<aggx> |
Enter the name of the aggregate interface, where x = 0
|
bmt-table |
Broadcast Master Table
|
show amrp interface <ethx|redx|aggx> mac-learning
|
show |
Show settings, parameters, or dynamically generated information
|
amrp |
Show AMRP (Advanced Mobility Routing Protocol) parameters
|
interface |
Show AMRP statistics for access interfaces reporting
client associations and backhaul interfaces exchanging route
information with other AMRP nodes
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
<redx> |
Enter the name of the redundant interface, where x = 0
|
<aggx> |
Enter the name of the aggregate interface, where x = 0
|
mac-learning |
Show the MAC addresses learned on this interface
|
show amrp interface <ethx|redx|aggx|mgtx|wifix.y>
|
show |
Show settings, parameters, or dynamically generated information
|
amrp |
Show AMRP (Advanced Mobility Routing Protocol) parameters
|
interface |
Show AMRP statistics for access interfaces reporting
client associations and backhaul interfaces exchanging route
information with other AMRP nodes
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
<redx> |
Enter the name of the redundant interface, where x = 0
|
<aggx> |
Enter the name of the aggregate interface, where x = 0
|
<mgtx> |
Enter the name of the management interface, where x = 0
|
<wifix.y> |
Enter the name of a Wi-Fi radio subinterface (Ranges: x: 0-1; y: 1-16)
|
show amrp neighbor [ {Ethernet|WiFi} ]
|
show |
Show settings, parameters, or dynamically generated information
|
amrp |
Show AMRP (Advanced Mobility Routing Protocol) parameters
|
neighbor |
Show AMRP neighbor information (Note: An AMRP neighbor is another cluster member that is one hop away.)
|
Ethernet |
Show AMRP neighbors that connect to the local SmartPath AP through its Ethernet interfaces
|
WiFi |
Show AMRP neighbors that connect to the local SmartPath AP through its WiFi interfaces
|
show amrp node <ip_addr|mac_addr>
|
show |
Show settings, parameters, or dynamically generated information
|
amrp |
Show AMRP (Advanced Mobility Routing Protocol) parameters
|
node |
Show information about all AMRP nodes or a specific
node (Note: An AMRP node is another cluster member in the same layer-2
domain.)
|
<ip_addr> |
Enter node address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
show amrp node [ all ]
|
show |
Show settings, parameters, or dynamically generated information
|
amrp |
Show AMRP (Advanced Mobility Routing Protocol) parameters
|
node |
Show information about all AMRP nodes or a specific
node (Note: An AMRP node is another cluster member in the same layer-2
domain.)
|
all |
Show amrp all node detail
|
show amrp static-neighbor
|
show |
Show settings, parameters, or dynamically generated information
|
amrp |
Show AMRP (Advanced Mobility Routing Protocol) parameters
|
static-neighbor |
Show AMRP information for neighbors with statically defined route metrics
|
show amrp tunnel [ <ip_addr> ]
|
show |
Show settings, parameters, or dynamically generated information
|
amrp |
Show AMRP (Advanced Mobility Routing Protocol) parameters
|
tunnel |
Show a information about all DNXP, INXP (Identity
Network Extension Protocol), and VPN tunnels or about a tunnel to a
specific peer
|
<ip_addr> |
Enter the tunnel peer IPv4 address
|
show amrp tunnel route [ <ip_addr> ]
|
show |
Show settings, parameters, or dynamically generated information
|
amrp |
Show AMRP (Advanced Mobility Routing Protocol) parameters
|
tunnel |
Show a information about all DNXP, INXP (Identity
Network Extension Protocol), and VPN tunnels or about a tunnel to a
specific peer
|
route |
Show tunneled route
|
<ip_addr> |
Enter the tunneled route IPv4 address
|
show arp-cache
|
show |
Show settings, parameters, or dynamically generated information
|
arp-cache |
Show arp cache table
|
show auth [ interface <wifix.y> ]
|
show |
Show settings, parameters, or dynamically generated information
|
auth |
Show authentication parameters per interface
|
interface |
Show authentication parameters for special interface
|
<wifix.y> |
Enter the name of a Wi-Fi radio subinterface (Ranges: x: 0-1; y: 1-16)
|
show auth private-psk
|
show |
Show settings, parameters, or dynamically generated information
|
auth |
Show authentication parameters per interface
|
private-psk |
Show private PSK (preshared key) entries
|
show band-steering status
|
show |
Show settings, parameters, or dynamically generated information
|
band-steering |
Show settings, parameters, or dynamically generated information
|
status |
Show parameters for band steering in the WLAN
|
show boot-param
|
show |
Show settings, parameters, or dynamically generated information
|
boot-param |
Show boot parameter information
|
show boot-param country-code
|
show |
Show settings, parameters, or dynamically generated information
|
boot-param |
Show boot parameter information
|
country-code |
Show the country code to control channel and power selections
|
show cac summary
|
show |
Show settings, parameters, or dynamically generated information
|
cac |
Show CAC (Call Admission Control) parameters
|
summary |
Show a summary of CAC settings and statistics
|
show capture interface <wifix>
|
show |
Show settings, parameters, or dynamically generated information
|
capture |
Show packet capture parameters
|
interface |
Show the status of packet capturing on a radio interface
|
<wifix> |
Enter the name of a Wi-Fi radio interface, where x = 0 or 1
|
show capture local
|
show |
Show settings, parameters, or dynamically generated information
|
capture |
Show packet capture parameters
|
local |
Show local captured files
|
show capture remote-sniffer
|
show |
Show settings, parameters, or dynamically generated information
|
capture |
Show packet capture parameters
|
remote-sniffer |
Show the status and connection settings for the remote packet sniffer
|
show capwap client
|
show |
Show settings, parameters, or dynamically generated information
|
capwap |
Show the settings and current status for CAPWAP (Control and Provisioning of Wireless Access Points)
|
client |
Show CAPWAP client settings and current status
|
show client-load-balance status
|
show |
Show settings, parameters, or dynamically generated information
|
client-load-balance |
Show settings, parameters, or dynamically generated information
|
status |
Show parameters for client load balancing in the WLAN
|
show clock
|
show |
Show settings, parameters, or dynamically generated information
|
clock |
Show the date, time of the internal clock
|
show cluster <string> connecting-threshold
|
show |
Show settings, parameters, or dynamically generated information
|
cluster |
Show cluster parameters
|
<string> |
Enter a cluster profile name (1-32 chars)
|
connecting-threshold |
Show cluster neighbor connecting threshold parameters
|
show cluster <string> counter neighbor [ <mac_addr> ]
|
show |
Show settings, parameters, or dynamically generated information
|
cluster |
Show cluster parameters
|
<string> |
Enter a cluster profile name (1-32 chars)
|
counter |
Show detailed statistics (counters) for neighboring cluster members
|
neighbor |
Show statistics for all neighbors or a single neighbor in this cluster
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
show cluster <string> manage
|
show |
Show settings, parameters, or dynamically generated information
|
cluster |
Show cluster parameters
|
<string> |
Enter a cluster profile name (1-32 chars)
|
manage |
Show management options enabled on wireless backhaul interfaces in this cluster
|
show cluster <string> neighbor [ mac <mac_addr> ]
|
show |
Show settings, parameters, or dynamically generated information
|
cluster |
Show cluster parameters
|
<string> |
Enter a cluster profile name (1-32 chars)
|
neighbor |
Show information about all neighbors currently
associated with the cluster or about the ongoing wireless activity of a
specific neighbor
|
mac |
Show the ongoing wireless activity of a neighbor
that is currently associated with the cluster (Note: To stop the display
of output, press CTRL+C.)
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
show cluster <string> security wlan dos
|
show |
Show settings, parameters, or dynamically generated information
|
cluster |
Show cluster parameters
|
<string> |
Enter a cluster profile name (1-32 chars)
|
security |
Show cluster security parameters
|
wlan |
Show WLAN parameters
|
dos |
Show WLAN Dos parameters
|
show cluster [ <string> ]
|
show |
Show settings, parameters, or dynamically generated information
|
cluster |
Show cluster parameters
|
<string> |
Enter a cluster profile name (1-32 chars)
|
show clusterui cas client
|
show |
Show settings, parameters, or dynamically generated information
|
clusterui |
Show settings of the clusterUI on the SmartPath AP
for defining SmartPath AP network settings, configuring settings to
connect to SmartPath EMS, and uploading a new SmartPath OS image
|
cas |
Show client and server parameters for CAS (Central
Authentication Service), a protocol for authenticating users such as
teachers accessing Teacher View
|
client |
Show parameters for the local SmartPath AP to act as a CAS client
|
show cmds
|
show |
Show settings, parameters, or dynamically generated information
|
cmds |
Show CLI (Command Line Interface) commands including ones derived from optional keywords
|
show config rollback
|
show |
Show settings, parameters, or dynamically generated information
|
config |
Show parameters for the current configuration file, which is a flash file containing default and admin-defined settings
|
rollback |
Show the configuration rollback status, the
mechanism for triggering it, and the length of time to wait before
performing a rollback operation
|
show config running
|
show |
Show settings, parameters, or dynamically generated information
|
config |
Show parameters for the current configuration file, which is a flash file containing default and admin-defined settings
|
running |
Show the running configuration
|
show config running password
|
show |
Show settings, parameters, or dynamically generated information
|
config |
Show parameters for the current configuration file, which is a flash file containing default and admin-defined settings
|
running |
Show the running configuration
|
password |
Show passwords and sensitive networking keys as
obscured text strings in the output (Default: Passwords and keys are
represented by asterisks; Note: A SmartPath AP can recover an original
string from an obscured one, but not if the string is replaced with
asterisks.)
|
show config version
|
show |
Show settings, parameters, or dynamically generated information
|
config |
Show parameters for the current configuration file, which is a flash file containing default and admin-defined settings
|
version |
Show the version number of the current configuration file
|
show config {current|backup|bootstrap|default|failed}
|
show |
Show settings, parameters, or dynamically generated information
|
config |
Show parameters for the current configuration file, which is a flash file containing default and admin-defined settings
|
current |
Show the current configuration
|
backup |
Show the backup configuration
|
bootstrap |
Show the bootstrap configuration
|
default |
Show the default configuration
|
failed |
Show the failed configuration
|
show console
|
show |
Show settings, parameters, or dynamically generated information
|
console |
Show console parameter
|
show cpu [ {detail} ]
|
show |
Show settings, parameters, or dynamically generated information
|
cpu |
Show the percentage of the CPU used in total, for system operations, and for processing user traffic
|
detail |
Show CPU utilization in detail
|
show data-collection
|
show |
Show settings, parameters, or dynamically generated information
|
data-collection |
Show parameters for collecting data about the types and capabilities of devices on the network and their network usage
|
show device-group [ <string> ]
|
show |
Show settings, parameters, or dynamically generated information
|
device-group |
Show all device group names or the settings of an individual device group
|
<string> |
Enter a device group name (1-32 chars)
|
show dns
|
show |
Show settings, parameters, or dynamically generated information
|
dns |
Show DNS (Domain Name System) parameters
|
show domain-object [ <string> ]
|
show |
Show settings, parameters, or dynamically generated information
|
domain-object |
Show all domain object names or the device domains assigned to an individual domain object
|
<string> |
Enter an domain object name (1-32 chars)
|
show filter [ <number> ]
|
show |
Show settings, parameters, or dynamically generated information
|
filter |
Show capture filter parameters
|
<number> |
Enter a filter ID (Range: 1-64)
|
show forwarding-engine counters [ interface <wifix|wifix.y|ethx|mgtx> ] [ station <mac_addr> ] [ drop ]
|
show |
Show settings, parameters, or dynamically generated information
|
forwarding-engine |
Show forwarding engine parameters
|
counters |
Show forwarding engine counter statistics
|
interface |
Show forwarding engine counter by interface
|
<wifix> |
Enter the name of a Wi-Fi radio interface, where x = 0 or 1
|
<wifix.y> |
Enter the name of a Wi-Fi radio subinterface (Ranges: x: 0-1; y: 1-16)
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
<mgtx> |
Enter the name of the management interface, where x = 0
|
station |
Show forwarding engine counter by station MAC
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
drop |
Show the drop packet counter
|
show forwarding-engine inter-ssid-flood
|
show |
Show settings, parameters, or dynamically generated information
|
forwarding-engine |
Show forwarding engine parameters
|
inter-ssid-flood |
Show status of flooding multicast or broadcast packets between access interfaces
|
show forwarding-engine ip-gates
|
show |
Show settings, parameters, or dynamically generated information
|
forwarding-engine |
Show forwarding engine parameters
|
ip-gates |
Show IP gates information
|
show forwarding-engine ip-sessions id <number>
|
show |
Show settings, parameters, or dynamically generated information
|
forwarding-engine |
Show forwarding engine parameters
|
ip-sessions |
Show IP session information
|
id |
Show a IP session by ID
|
<number> |
Enter the flow ID (Range: 1-9999)
|
show forwarding-engine mac-sessions [ src-mac <mac_addr> ] [ dst-mac <mac_addr> ] [ vlan <number> ]
|
show |
Show settings, parameters, or dynamically generated information
|
forwarding-engine |
Show forwarding engine parameters
|
mac-sessions |
Show MAC session information
|
src-mac |
Filter by source MAC
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
dst-mac |
Filter by destination MAC
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
vlan |
Filter by VLAN ID of station
|
<number> |
VLAN ID (Range: 1-4094)
|
show forwarding-engine mac-sessions id <number>
|
show |
Show settings, parameters, or dynamically generated information
|
forwarding-engine |
Show forwarding engine parameters
|
mac-sessions |
Show MAC session information
|
id |
Show a MAC session by ID
|
<number> |
Enter the flow ID (Range: 1-9999)
|
show forwarding-engine max-ip-sess-per-station
|
show |
Show settings, parameters, or dynamically generated information
|
forwarding-engine |
Show forwarding engine parameters
|
max-ip-sess-per-station |
Show the maximum number of IP sessions that can be created to or from a station
|
show forwarding-engine max-mac-sess-per-station
|
show |
Show settings, parameters, or dynamically generated information
|
forwarding-engine |
Show forwarding engine parameters
|
max-mac-sess-per-station |
Show the maximum number of MAC sessions that can be created to or from a station
|
show forwarding-engine open-ports-to-self
|
show |
Show settings, parameters, or dynamically generated information
|
forwarding-engine |
Show forwarding engine parameters
|
open-ports-to-self |
Show permitted services destined for the SmartPath AP itself when it is set to drop all non-management traffic
|
show forwarding-engine policy
|
show |
Show settings, parameters, or dynamically generated information
|
forwarding-engine |
Show forwarding engine parameters
|
policy |
Show policy information
|
show forwarding-engine static-rule
|
show |
Show settings, parameters, or dynamically generated information
|
forwarding-engine |
Show forwarding engine parameters
|
static-rule |
Show static packet-forwarding rules that preempts dynamic forwarding decisions
|
show forwarding-engine tunnel selective-multicast-forward
|
show |
Show settings, parameters, or dynamically generated information
|
forwarding-engine |
Show forwarding engine parameters
|
tunnel |
Show tunnel (GRE tunnel or GRE-over-IPsec tunnel) parameters
|
selective-multicast-forward |
Show the settings for selective multicast forwarding through GRE tunnels
|
show forwarding-engine tunnel tcp-mss-threshold
|
show |
Show settings, parameters, or dynamically generated information
|
forwarding-engine |
Show forwarding engine parameters
|
tunnel |
Show tunnel (GRE tunnel or GRE-over-IPsec tunnel) parameters
|
tcp-mss-threshold |
Show TCP MSS threshold parameters
|
show gre-tunnel
|
show |
Show settings, parameters, or dynamically generated information
|
gre-tunnel |
Show GRE (Generic Routing Encapsulation) tunnel information
|
show high-density status
|
show |
Show settings, parameters, or dynamically generated information
|
high-density |
Show parameters for optimizing performance in a high-density WLAN
|
status |
Show high-density settings and the running status of operations pertaining to them on both the 2.4 and 5 GHz radio bands
|
show history
|
show |
Show settings, parameters, or dynamically generated information
|
history |
Show command history
|
show hw-info
|
show |
Show settings, parameters, or dynamically generated information
|
hw-info |
Show hardware information
|
show icsa
|
show |
Show settings, parameters, or dynamically generated information
|
icsa |
Show ICSA (International Computer Security Association) parameters
|
show interface <ethx> allowed-vlan
|
show |
Show settings, parameters, or dynamically generated information
|
interface |
Show interface and subinterface parameters
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
allowed-vlan |
Show all allowed VLAN IDs on the interface
|
show interface <ethx> mac-learning {static|dynamic|all}
|
show |
Show settings, parameters, or dynamically generated information
|
interface |
Show interface and subinterface parameters
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
mac-learning |
Show entries in the MAC address learning table
|
static |
Show statically defined MAC address entries
|
dynamic |
Show dynamically learned MAC address entries
|
all |
Show statically defined and dynamically learned MAC address entries
|
show interface <ethx> manage
|
show |
Show settings, parameters, or dynamically generated information
|
interface |
Show interface and subinterface parameters
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
manage |
Show management options enabled on this interface
|
show interface <ethx> qos-classifier
|
show |
Show settings, parameters, or dynamically generated information
|
interface |
Show interface and subinterface parameters
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
qos-classifier |
Show the QoS classification profile (classifier) assigned to the interface
|
show interface <ethx> qos-marker
|
show |
Show settings, parameters, or dynamically generated information
|
interface |
Show interface and subinterface parameters
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
qos-marker |
Show the QoS marker profile assigned to the interface
|
show interface <ethx> rate-limit
|
show |
Show settings, parameters, or dynamically generated information
|
interface |
Show interface and subinterface parameters
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
rate-limit |
Show the settings for interface-based rate limiting
|
show interface <mgtx.y> manage
|
show |
Show settings, parameters, or dynamically generated information
|
interface |
Show interface and subinterface parameters
|
<mgtx.y> |
Enter the name of the virtual management interface (Ranges x: 0; y: 1-16)
|
manage |
Show management options enabled on this interface
|
show interface <mgtx> dhcp client
|
show |
Show settings, parameters, or dynamically generated information
|
interface |
Show interface and subinterface parameters
|
<mgtx> |
Enter the name of the management interface, where x = 0
|
dhcp |
Show DHCP parameters
|
client |
Show DHCP client parameters
|
show interface <mgtx> dhcp keepalive
|
show |
Show settings, parameters, or dynamically generated information
|
interface |
Show interface and subinterface parameters
|
<mgtx> |
Enter the name of the management interface, where x = 0
|
dhcp |
Show DHCP parameters
|
keepalive |
Show the status for keepalives to DHCP servers in
the native VLAN, management interface VLAN, and all VLANs set in the
DHCP keepalive range
|
show interface <mgtx> dhcp-probe results-summary
|
show |
Show settings, parameters, or dynamically generated information
|
interface |
Show interface and subinterface parameters
|
<mgtx> |
Enter the name of the management interface, where x = 0
|
dhcp-probe |
Show DHCP probe parameters
|
results-summary |
Show a summary of DHCP probe results
|
show interface <mgtx|mgtx.y> dhcp-server [ detail ]
|
show |
Show settings, parameters, or dynamically generated information
|
interface |
Show interface and subinterface parameters
|
<mgtx> |
Enter the name of the management interface, where x = 0
|
<mgtx.y> |
Enter the name of the virtual management interface (Ranges x: 0; y: 1-16)
|
dhcp-server |
Show the DHCP server parameters
|
detail |
Show details about the DHCP leases for currently active clients
|
show interface <mgtx|mgtx.y> ip-helper
|
show |
Show settings, parameters, or dynamically generated information
|
interface |
Show interface and subinterface parameters
|
<mgtx> |
Enter the name of the management interface, where x = 0
|
<mgtx.y> |
Enter the name of the virtual management interface (Ranges x: 0; y: 1-16)
|
ip-helper |
Show IP helper address information
|
show interface <wifix.y> multicast
|
show |
Show settings, parameters, or dynamically generated information
|
interface |
Show interface and subinterface parameters
|
<wifix.y> |
Enter the name of a Wi-Fi radio subinterface (Ranges: x: 0-1; y: 1-16)
|
multicast |
Show multicast settings, statistics, groups, and group members
|
show interface <wifix> channel
|
show |
Show settings, parameters, or dynamically generated information
|
interface |
Show interface and subinterface parameters
|
<wifix> |
Enter the name of a Wi-Fi radio interface, where x = 0 or 1
|
channel |
Show channel list of the radio interface
|
show interface <wifix> dfs
|
show |
Show settings, parameters, or dynamically generated information
|
interface |
Show interface and subinterface parameters
|
<wifix> |
Enter the name of a Wi-Fi radio interface, where x = 0 or 1
|
dfs |
Show DFS (Dynamic Frequency Selection) status
|
show interface <wifix> multicast
|
show |
Show settings, parameters, or dynamically generated information
|
interface |
Show interface and subinterface parameters
|
<wifix> |
Enter the name of a Wi-Fi radio interface, where x = 0 or 1
|
multicast |
Show multicast settings, statistics, groups, and group members
|
show interface <wifix> wlan-idp ap-info
|
show |
Show settings, parameters, or dynamically generated information
|
interface |
Show interface and subinterface parameters
|
<wifix> |
Enter the name of a Wi-Fi radio interface, where x = 0 or 1
|
wlan-idp |
Show WLAN IDP (intrusion detection and prevention) parameters
|
ap-info |
Show IDP AP statistics for the radio interface
|
show interface <wifix> wlan-idp ap-info compliance {compliant|non-compliant}
|
show |
Show settings, parameters, or dynamically generated information
|
interface |
Show interface and subinterface parameters
|
<wifix> |
Enter the name of a Wi-Fi radio interface, where x = 0 or 1
|
wlan-idp |
Show WLAN IDP (intrusion detection and prevention) parameters
|
ap-info |
Show IDP AP statistics for the radio interface
|
compliance |
Show one compliance type of IDP AP statistics for the radio interface
|
compliant |
Show compliant type of IDP AP statistics for the radio interface
|
non-compliant |
Show non-compliant type of IDP AP statistics for the radio interface
|
show interface <wifix> wlan-idp ap-info type {rogue|valid|external}
|
show |
Show settings, parameters, or dynamically generated information
|
interface |
Show interface and subinterface parameters
|
<wifix> |
Enter the name of a Wi-Fi radio interface, where x = 0 or 1
|
wlan-idp |
Show WLAN IDP (intrusion detection and prevention) parameters
|
ap-info |
Show IDP AP statistics for the radio interface
|
type |
Show one type of IDP AP statistics for the radio interface
|
rogue |
Show rogue type of IDP AP statistics for the radio interface
|
valid |
Show valid type of IDP AP statistics for the radio interface
|
external |
Show external type of IDP AP statistics for the radio interface
|
show interface <wifix> wlan-idp client-info
|
show |
Show settings, parameters, or dynamically generated information
|
interface |
Show interface and subinterface parameters
|
<wifix> |
Enter the name of a Wi-Fi radio interface, where x = 0 or 1
|
wlan-idp |
Show WLAN IDP (intrusion detection and prevention) parameters
|
client-info |
Show IDP client statistics for the radio interface
|
show interface <wifix> wlan-idp mitigate rogue-ap [ <mac_addr> ]
|
show |
Show settings, parameters, or dynamically generated information
|
interface |
Show interface and subinterface parameters
|
<wifix> |
Enter the name of a Wi-Fi radio interface, where x = 0 or 1
|
wlan-idp |
Show WLAN IDP (intrusion detection and prevention) parameters
|
mitigate |
Show mitigated rogue APs and their clients
|
rogue-ap |
Show rogue APs currently being mitigated or clients connected to a specific rogue AP
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
show interface <wifix|wifix.y> counter
|
show |
Show settings, parameters, or dynamically generated information
|
interface |
Show interface and subinterface parameters
|
<wifix> |
Enter the name of a Wi-Fi radio interface, where x = 0 or 1
|
<wifix.y> |
Enter the name of a Wi-Fi radio subinterface (Ranges: x: 0-1; y: 1-16)
|
counter |
Show detailed statistics (counters) for traffic traversing the interface
|
show interface [ <ethx|mgtx|mgtx.y|wifix|wifix.y|tunnelx> ]
|
show |
Show settings, parameters, or dynamically generated information
|
interface |
Show interface and subinterface parameters
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
<mgtx> |
Enter the name of the management interface, where x = 0
|
<mgtx.y> |
Enter the name of the virtual management interface (Ranges x: 0; y: 1-16)
|
<wifix> |
Enter the name of a Wi-Fi radio interface, where x = 0 or 1
|
<wifix.y> |
Enter the name of a Wi-Fi radio subinterface (Ranges: x: 0-1; y: 1-16)
|
<tunnelx> |
Enter the name of the tunnel interface, where x = 0 or 1
|
show ip route
|
show |
Show settings, parameters, or dynamically generated information
|
ip |
Show IP parameters
|
route |
Show IP routing table
|
show ip-policy
|
show |
Show settings, parameters, or dynamically generated information
|
ip-policy |
Show parameters for IP policy
|
show ip-policy <string>
|
show |
Show settings, parameters, or dynamically generated information
|
ip-policy |
Show parameters for IP policy
|
<string> |
Enter an IP policy name (1-32 chars)
|
show ip-policy
user-profile <number|string> [ {from-access|to-access} ] [ from
<ip_addr|string> <mask> ] [ to <ip_addr|string>
<mask> ] [ service <string> ] [ action
{permit|deny|inter-station-traffic-drop} ] [ lines <number> ]
|
show |
Show settings, parameters, or dynamically generated information
|
ip-policy |
Show parameters for IP policy
|
user-profile |
Show parameters for a user profile
|
<number> |
Enter the user profile name or ID
|
<string> |
Enter the user profile name or ID
|
from-access |
Show IP policy for data sent from this station
|
to-access |
how IP policy for data arriving at this station
|
from |
Show the specific source IP (Default: any)
|
<ip_addr> |
Enable an IP or net address
|
<string> |
Enable an IP or net address
|
<mask> |
Enter a netmask or IP wildcard mask in which 0 masks
the octet where it appears (For example, the 0s in '255.0.0.255' mask
the second and third octets, applying the IP policy to all addresses
matching only the first and fourth octets.)
|
to |
Show the specific destination IP (Default: any)
|
<ip_addr> |
Enter an IP or net address
|
<string> |
Enter an IP or net address
|
<mask> |
Enter a netmask or IP wildcard mask in which 0 masks
the octet where it appears (For example, the 0s in '255.0.0.255' mask
the second and third octets, applying the IP policy to all addresses
matching only the first and fourth octets.)
|
service |
Show the specific service (Default: any)
|
<string> |
Enter the service (1-32 chars)
|
action |
Show the action (Default:any)
|
permit |
Set the action
|
deny |
Set the action
|
inter-station-traffic-drop |
Set the action
|
lines |
Set the most number of IP policy to show
|
<number> |
Enter a num (Range: 1-32)
|
show library-sip-policy [ <string> ]
|
show |
Show settings, parameters, or dynamically generated information
|
library-sip-policy |
Display library SIP policy settings
|
<string> |
Enter a library SIP policy name (1-32 chars)
|
show license
|
show |
Show settings, parameters, or dynamically generated information
|
license |
Show license infomation
|
show lldp [ {cdp} ] [ {neighbor} ]
|
show |
Show settings, parameters, or dynamically generated information
|
lldp |
Set LLDP (Link Layer Discovery Protocol) parameters
|
cdp |
Set CDP (Cisco Discovery Protocol) parameters
|
neighbor |
Show the LLDP or CDP neighbor table
|
show location [ {aeroscout|tzsp} ]
|
show |
Show settings, parameters, or dynamically generated information
|
location |
Show parameters for location tracking
|
aeroscout |
Show parameters for the location processing engine
|
tzsp |
Show parameters for the location processing engine
|
show location black-box
|
show |
Show settings, parameters, or dynamically generated information
|
location |
Show parameters for location tracking
|
black-box |
Show parameters for the Black Box location processing engine
|
show location black-box list
|
show |
Show settings, parameters, or dynamically generated information
|
location |
Show parameters for location tracking
|
black-box |
Show parameters for the Black Box location processing engine
|
list |
Show the entries in the track list
|
show location black-box rssi
|
show |
Show settings, parameters, or dynamically generated information
|
location |
Show parameters for location tracking
|
black-box |
Show parameters for the Black Box location processing engine
|
rssi |
Show the RSSI readings of tracked stations
|
show location black-box rssi mac <mac_addr>
|
show |
Show settings, parameters, or dynamically generated information
|
location |
Show parameters for location tracking
|
black-box |
Show parameters for the Black Box location processing engine
|
rssi |
Show the RSSI readings of tracked stations
|
mac |
Show the RSSI readings of a specific tracked station as determined by its MAC address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
show location black-box rssi oui <oui>
|
show |
Show settings, parameters, or dynamically generated information
|
location |
Show parameters for location tracking
|
black-box |
Show parameters for the Black Box location processing engine
|
rssi |
Show the RSSI readings of tracked stations
|
oui |
Show the RSSI readings of specific tracked stations
as determined by the OUI (organizationally unique identifier) portion of
their MAC addresses
|
<oui> |
Enter the OUI (Note: You can use colons, dashes, or
periods to format the OUI. Examples: Apple iPhone=00:1b:63; D-Link
Phone=00-17-9a; Vocera=00.09.ef.)
|
show location {aeroscout|tzsp} counter
|
show |
Show settings, parameters, or dynamically generated information
|
location |
Show parameters for location tracking
|
aeroscout |
Show parameters for the location processing engine
|
tzsp |
Show parameters for the location processing engine
|
counter |
Show statistics for location reports sent to the location processing engine
|
show logging
|
show |
Show settings, parameters, or dynamically generated information
|
logging |
Show logging information
|
show logging
{buffered|flash|debug} [ level
{emergency|alert|critical|error|warning|notification|info|debug} ] [
tail <number> ] [ date <date> ] [ time <time> ]
|
show |
Show settings, parameters, or dynamically generated information
|
logging |
Show logging information
|
buffered |
Show buffered messages
|
flash |
Show flash messages
|
debug |
Show debug messages
|
level |
Specify a logging level
|
emergency |
Show emergency-level log entries (Default: debug)
|
alert |
Show log entries from alert to emergency levels (Default: debug)
|
critical |
Show log entries from critical to emergency levels (Default: debug)
|
error |
Show log entries from error to emergency levels (Default: debug)
|
warning |
Show log entries from warning to emergency levels (Default: debug)
|
notification |
Show log entries from notification to emergency levels (Default: debug)
|
info |
Show log entries from info to emergency levels (Default: debug)
|
debug |
Show log entries for all severity levels (Default: debug)
|
tail |
Show log number
|
<number> |
Show log number (Range: 1-65535)
|
date |
Show messages start date
|
<date> |
Show messages date (Format: yyyy-mm-dd; Range: 1970-01-01 to 2035-12-31)
|
time |
Show messages start time
|
<time> |
Show messages time (Format: hh:mm:ss)
|
show mac-object [ <string> ]
|
show |
Show settings, parameters, or dynamically generated information
|
mac-object |
Show all MAC object names or the parameters of an individual MAC object
|
<string> |
Enter an MAC object name (1-32 chars)
|
show mac-policy
|
show |
Show settings, parameters, or dynamically generated information
|
mac-policy |
Show parameters for MAC policy
|
show mac-policy
<string> [ from <mac_addr> [ <number> ] ] [ to
<mac_addr> [ <number> ] ] [ action {permit|deny} ] [ lines
<number> ]
|
show |
Show settings, parameters, or dynamically generated information
|
mac-policy |
Show parameters for MAC policy
|
<string> |
Enter a MAC policy name (1-32 chars)
|
from |
Show the specific source MAC (Default: any)
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
<number> |
Enter a MAC mask length (value: 0, 24, 48)
|
to |
Show the specific destination MAC (Default: any)
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
<number> |
Enter a MAC mask length (value: 0, 24, 48)
|
action |
Show the specific action (Default:any)
|
permit |
Set the action
|
deny |
Set the action
|
lines |
Set the most number of MAC policy to show
|
<number> |
Enter a num (Range: 1-32)
|
show mac-policy
user-profile <number|string> [ {from-access|to-access} ] [ from
<mac_addr> [ <number> ] ] [ to <mac_addr> [
<number> ] ] [ action {permit|deny} ] [ lines <number> ]
|
show |
Show settings, parameters, or dynamically generated information
|
mac-policy |
Show parameters for MAC policy
|
user-profile |
Show parameters for a user profile
|
<number> |
Enter the user profile name or ID
|
<string> |
Enter the user profile name or ID
|
from-access |
Show MAC policy for data sent from this station
|
to-access |
how IP policy for data arriving at this station
|
from |
Show the specific source MAC (Default: any)
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
<number> |
Enter a MAC mask length (value: 0, 24, 48)
|
to |
Show the specific destination MAC (Default: any)
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
<number> |
Enter a MAC mask length (value: 0, 24, 48)
|
action |
Show the specific action (Default:any)
|
permit |
Set the action
|
deny |
Set the action
|
lines |
Set the most number of MAC policy to show
|
<number> |
Enter a num (Range: 1-32)
|
show memory [ {detail} ]
|
show |
Show settings, parameters, or dynamically generated information
|
memory |
Show total, free, and used system memory statistics
|
detail |
Show system memory statistics in detail
|
show min-password-length
|
show |
Show settings, parameters, or dynamically generated information
|
min-password-length |
Show the minimum password length
|
show mobile-device-policy [ <string> ]
|
show |
Show settings, parameters, or dynamically generated information
|
mobile-device-policy |
Show all mobile device policy names or the settings of an individual policy
|
<string> |
Enter a mobile device policy name (1-32 chars)
|
show mobility-policy [ <string> ]
|
show |
Show settings, parameters, or dynamically generated information
|
mobility-policy |
Show mobility policy parameters
|
<string> |
Enter a mobility policy name (1 - 32 chars)
|
show mobility-threshold gre-tunnel permitted-load
|
show |
Show settings, parameters, or dynamically generated information
|
mobility-threshold |
Show the settings for tunneling mobile user traffic
|
gre-tunnel |
Show the settings for the volume of traffic that the
local SmartPath AP accepts through GRE tunnels (Note: This only applies
to portals in a L3 roaming environment.)
|
permitted-load |
Show the level determining how much tunneled traffic from mobile users the local SmartPath AP accepts
|
show ntp
|
show |
Show settings, parameters, or dynamically generated information
|
ntp |
Show NTP (Network Time Protocol) parameters
|
show os-object [ <string> ]
|
show |
Show settings, parameters, or dynamically generated information
|
os-object |
Show all OS object names or the operating systems assigned to an individual OS object
|
<string> |
Enter an OS object name (1-32 chars)
|
show performance-sentinel
|
show |
Show settings, parameters, or dynamically generated information
|
performance-sentinel |
Show performance sentinel parameters
|
show ppsk schedule [ <string> ]
|
show |
Show settings, parameters, or dynamically generated information
|
ppsk |
Show parameters of private-PSK
|
schedule |
Show information about previously defined private-PSK schedules
|
<string> |
Enter a name to see information about a specific schedule (1-32 characters)
|
show proxy
|
show |
Show settings, parameters, or dynamically generated information
|
proxy |
Show proxy parameters
|
show qos
|
show |
Show settings, parameters, or dynamically generated information
|
qos |
Show QoS (Quality of Service) parameters
|
show qos classifier-map 80211e [ <number> ]
|
show |
Show settings, parameters, or dynamically generated information
|
qos |
Show QoS (Quality of Service) parameters
|
classifier-map |
Show the mapping of QoS priority markers on incoming packets to Black Box QoS classes
|
80211e |
Show mapping of IEEE 802.11e priority markers on incoming packets to Black Box QoS classes
|
<number> |
Enter the IEEE 802.11e user priority (Range: 0-7)
|
show qos classifier-map 8021p [ <number> ]
|
show |
Show settings, parameters, or dynamically generated information
|
qos |
Show QoS (Quality of Service) parameters
|
classifier-map |
Show the mapping of QoS priority markers on incoming packets to Black Box QoS classes
|
8021p |
Show mapping of IEEE 802.1p priority markers on incoming packets to Black Box QoS classes
|
<number> |
Enter IEEE 802.1p priority (Range: 0-7)
|
show qos classifier-map diffserv [ <number> ]
|
show |
Show settings, parameters, or dynamically generated information
|
qos |
Show QoS (Quality of Service) parameters
|
classifier-map |
Show the mapping of QoS priority markers on incoming packets to Black Box QoS classes
|
diffserv |
Show mapping of diffserv DSCP (Differentiated Services Code Point) values on incoming packets to Black Box QoS classes
|
<number> |
Enter The DSCP class (Range: 0-63)
|
show qos classifier-map interface <ethx>
|
show |
Show settings, parameters, or dynamically generated information
|
qos |
Show QoS (Quality of Service) parameters
|
classifier-map |
Show the mapping of QoS priority markers on incoming packets to Black Box QoS classes
|
interface |
Show interface-based classification table
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
show qos classifier-map oui [ <oui> ]
|
show |
Show settings, parameters, or dynamically generated information
|
qos |
Show QoS (Quality of Service) parameters
|
classifier-map |
Show the mapping of QoS priority markers on incoming packets to Black Box QoS classes
|
oui |
Show the MAC OUI (Organizational Unique Identifier) classification table
|
<oui> |
Enter the OUI (Note: You can use colons, dashes, or
periods to format the OUI. Examples: Apple iPhone=00:1b:63; D-Link
Phone=00-17-9a; Vocera=00.09.ef.)
|
show qos classifier-map service [ <string> ]
|
show |
Show settings, parameters, or dynamically generated information
|
qos |
Show QoS (Quality of Service) parameters
|
classifier-map |
Show the mapping of QoS priority markers on incoming packets to Black Box QoS classes
|
service |
Show service-based classification table
|
<string> |
Enter service name (1 - 32 chars)
|
show qos classifier-map ssid <string>
|
show |
Show settings, parameters, or dynamically generated information
|
qos |
Show QoS (Quality of Service) parameters
|
classifier-map |
Show the mapping of QoS priority markers on incoming packets to Black Box QoS classes
|
ssid |
Show SSID (Service Set Identifier) profile names and individual profile parameters
|
<string> |
Enter an SSID name
|
show qos classifier-profile [ <string> ]
|
show |
Show settings, parameters, or dynamically generated information
|
qos |
Show QoS (Quality of Service) parameters
|
classifier-profile |
Show a QoS classification profile
|
<string> |
Show QoS classifier profile by name (1 - 32 chars)
|
show qos counter user [ <mac_addr> ]
|
show |
Show settings, parameters, or dynamically generated information
|
qos |
Show QoS (Quality of Service) parameters
|
counter |
Show QoS statistics counters
|
user |
Show station QoS statistics counters
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
show qos counter user-profile [ <string> ]
|
show |
Show settings, parameters, or dynamically generated information
|
qos |
Show QoS (Quality of Service) parameters
|
counter |
Show QoS statistics counters
|
user-profile |
Show user profile QoS statistics counters
|
<string> |
Enter the user profile name (1 - 32 chars)
|
show qos marker-map 80211e [ <number> ]
|
show |
Show settings, parameters, or dynamically generated information
|
qos |
Show QoS (Quality of Service) parameters
|
marker-map |
Show the mapping of Black Box QoS classes to QoS priority markers on outgoing packets
|
80211e |
Show mapping of Black Box QoS classes to IEEE 802.11e priority markers on outgoing packets
|
<number> |
Enter the Black Box QoS class (Range: 0-7)
|
show qos marker-map 8021p [ <number> ]
|
show |
Show settings, parameters, or dynamically generated information
|
qos |
Show QoS (Quality of Service) parameters
|
marker-map |
Show the mapping of Black Box QoS classes to QoS priority markers on outgoing packets
|
8021p |
Show mapping of Black Box QoS classes to IEEE 802.1p priority markers on outgoing packets
|
<number> |
Enter the Black Box QoS class (Range: 0-7)
|
show qos marker-map diffserv [ <number> ]
|
show |
Show settings, parameters, or dynamically generated information
|
qos |
Show QoS (Quality of Service) parameters
|
marker-map |
Show the mapping of Black Box QoS classes to QoS priority markers on outgoing packets
|
diffserv |
Show map of Black Box QoS classes to diffserv DSCP (Differentiated Services Code Point) values on outgoing packets
|
<number> |
Enter the Black Box QoS class (Range: 0-7)
|
show qos marker-profile [ <string> ]
|
show |
Show settings, parameters, or dynamically generated information
|
qos |
Show QoS (Quality of Service) parameters
|
marker-profile |
Show a QoS marker profile
|
<string> |
Enter the marker profile name (1 - 32 chars)
|
show qos policy [ <string> ]
|
show |
Show settings, parameters, or dynamically generated information
|
qos |
Show QoS (Quality of Service) parameters
|
policy |
Show a QoS (Quality of Service) policy
|
<string> |
Show a QoS (Quality of Service) policy by policy name (1 - 32 chars)
|
show radio profile [ <string> ]
|
show |
Show settings, parameters, or dynamically generated information
|
radio |
Show radio profile parameters
|
profile |
Show radio profile parameters for an interface
|
<string> |
Enter a radio profile name
|
show reboot schedule
|
show |
Show settings, parameters, or dynamically generated information
|
reboot |
Show if the system is scheduled to reboot
|
schedule |
Show the next scheduled reboot time, if set
|
show report statistic
|
show |
Show settings, parameters, or dynamically generated information
|
report |
Show report parameters for traffic statistics
|
statistic |
Show parameters for reporting interface-level and client-level traffic statistics
|
show reset-button
|
show |
Show settings, parameters, or dynamically generated information
|
reset-button |
Show the state of reset button to reset the SmartPath AP to its factory default settings or, if set, to a bootstrap config
|
show roaming cache
|
show |
Show settings, parameters, or dynamically generated information
|
roaming |
Show the roaming cache and neighbors
|
cache |
Show the roaming cache containing MAC addresses and PMKs (Pairwise Master Keys)
|
show roaming cache mac <mac_addr>
|
show |
Show settings, parameters, or dynamically generated information
|
roaming |
Show the roaming cache and neighbors
|
cache |
Show the roaming cache containing MAC addresses and PMKs (Pairwise Master Keys)
|
mac |
Specify a station MAC address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
show roaming neighbor [ mac <mac_addr> ] [ ip <ip_addr> ]
|
show |
Show settings, parameters, or dynamically generated information
|
roaming |
Show the roaming cache and neighbors
|
neighbor |
Show the neighbors to which associated stations can roam
|
mac |
Specify a station MAC address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
ip |
Specify station IP
|
<ip_addr> |
Specify IP address
|
show route
|
show |
Show settings, parameters, or dynamically generated information
|
route |
Show route parameters
|
show running-config
|
show |
Show settings, parameters, or dynamically generated information
|
running-config |
Show Currently running configurations
|
show running-config password
|
show |
Show settings, parameters, or dynamically generated information
|
running-config |
Show Currently running configurations
|
password |
Show passwords and sensitive networking keys as
obscured text strings in the output (Default: Passwords and keys are
represented by asterisks; Note: A SmartPath AP can recover an original
string from an obscured one, but not if the string is replaced with
asterisks.)
|
show running-config users [ password ] [ all ]
|
show |
Show settings, parameters, or dynamically generated information
|
running-config |
Show Currently running configurations
|
users |
Show users configurations
|
password |
Show passwords and sensitive networking keys as
obscured text strings in the output (Default: Passwords and keys are
represented by asterisks; Note: A SmartPath AP can recover an original
string from an obscured one, but not if the string is replaced with
asterisks.)
|
all |
Show all the user configurations including temporary users
|
show schedule [ <string> ]
|
show |
Show settings, parameters, or dynamically generated information
|
schedule |
Show information about previously defined schedules
|
<string> |
Enter a name to see information about a specific schedule (1-32 characters)
|
show schedule-in-detail
|
show |
Show settings, parameters, or dynamically generated information
|
schedule-in-detail |
Show detailed information about all previously defined schedules
|
show security mac-filter [ <string> ]
|
show |
Show settings, parameters, or dynamically generated information
|
security |
Show security parameters
|
mac-filter |
Show MAC-filter parameters
|
<string> |
Specify MAC-filter name
|
show security protocol-suite
|
show |
Show settings, parameters, or dynamically generated information
|
security |
Show security parameters
|
protocol-suite |
Show predefine security protocol suites
|
show security-object <string> dhcp-server
|
show |
Show settings, parameters, or dynamically generated information
|
security-object |
Show security object names and individual parameters
|
<string> |
Enter a security object name (1-32 chars)
|
dhcp-server |
Show DHCP-server parameters
|
show security-object <string> dns-server
|
show |
Show settings, parameters, or dynamically generated information
|
security-object |
Show security object names and individual parameters
|
<string> |
Enter a security object name (1-32 chars)
|
dns-server |
Show DNS-server parameters
|
show security-object <string> mobile-device-policy
|
show |
Show settings, parameters, or dynamically generated information
|
security-object |
Show security object names and individual parameters
|
<string> |
Enter a security object name (1-32 chars)
|
mobile-device-policy |
Show the mobile device policy to which the security object is bound
|
show security-object <string> security aaa
|
show |
Show settings, parameters, or dynamically generated information
|
security-object |
Show security object names and individual parameters
|
<string> |
Enter a security object name (1-32 chars)
|
security |
Show security settings
|
aaa |
Show AAA (authentication, authorization, and accounting) settings
|
show security-object <string> security protocol-suite
|
show |
Show settings, parameters, or dynamically generated information
|
security-object |
Show security object names and individual parameters
|
<string> |
Enter a security object name (1-32 chars)
|
security |
Show security settings
|
protocol-suite |
Show the security protocol suite
|
show security-object <string> walled-garden
|
show |
Show settings, parameters, or dynamically generated information
|
security-object |
Show security object names and individual parameters
|
<string> |
Enter a security object name (1-32 chars)
|
walled-garden |
Show the list of walled gardens
|
show security-object <string> web-server
|
show |
Show settings, parameters, or dynamically generated information
|
security-object |
Show security object names and individual parameters
|
<string> |
Enter a security object name (1-32 chars)
|
web-server |
Show the internal web server configuration in the interface
|
show security-object [ <string> ]
|
show |
Show settings, parameters, or dynamically generated information
|
security-object |
Show security object names and individual parameters
|
<string> |
Enter a security object name (1-32 chars)
|
show service [ <string> ]
|
show |
Show settings, parameters, or dynamically generated information
|
service |
Show details or counters about predefined and custom services
|
<string> |
Show the transport protocol, port, and timeout for a specific service
|
show service [ <string> ] counter
|
show |
Show settings, parameters, or dynamically generated information
|
service |
Show details or counters about predefined and custom services
|
<string> |
Show the transport protocol, port, and timeout for a specific service
|
counter |
Show counter statistics for all services or for a specific service
|
show smartpath-ems
|
show |
Show settings, parameters, or dynamically generated information
|
smartpath-ems |
Show SmartPath EMS parameters
|
show snmp [ {v3-admin} ]
|
show |
Show settings, parameters, or dynamically generated information
|
snmp |
Show SNMP (Simple Network Management Protocol) parameters
|
v3-admin |
Show parameters for SNMP v3 administrators
|
show snmp community [ {read-only} ]
|
show |
Show settings, parameters, or dynamically generated information
|
snmp |
Show SNMP (Simple Network Management Protocol) parameters
|
community |
Show previously defined SNMP communities and their parameters
|
read-only |
Enter a community privilege to show previously defined SNMP communities parameters
|
show snmp contact
|
show |
Show settings, parameters, or dynamically generated information
|
snmp |
Show SNMP (Simple Network Management Protocol) parameters
|
contact |
Show SNMP contact information
|
show snmp location
|
show |
Show settings, parameters, or dynamically generated information
|
snmp |
Show SNMP (Simple Network Management Protocol) parameters
|
location |
Show the SmartPath AP location for SNMP
|
show snmp trap-host
|
show |
Show settings, parameters, or dynamically generated information
|
snmp |
Show SNMP (Simple Network Management Protocol) parameters
|
trap-host |
Show parameters for SNMP trap host
|
show ssh-tunnel
|
show |
Show settings, parameters, or dynamically generated information
|
ssh-tunnel |
Show SSH (Secure Shell) tunnel parameters
|
show ssid <string> counter station [ <mac_addr> ]
|
show |
Show settings, parameters, or dynamically generated information
|
ssid |
Show SSID (Service Set Identifier) profile names and individual profile parameters
|
<string> |
Enter an SSID profile name (1-32 chars)
|
counter |
Show detailed statistics (counters) for stations (wireless clients) associated with the SSID
|
station |
Show statistics for all stations or a specific station associated with the SSID
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
show ssid <string> manage
|
show |
Show settings, parameters, or dynamically generated information
|
ssid |
Show SSID (Service Set Identifier) profile names and individual profile parameters
|
<string> |
Enter an SSID profile name (1-32 chars)
|
manage |
Show management options enabled on subinterfaces bound to the SSID
|
show ssid <string> multicast
|
show |
Show settings, parameters, or dynamically generated information
|
ssid |
Show SSID (Service Set Identifier) profile names
|
<string> |
Enter an SSID profile name (1-32 chars)
|
multicast |
Show multicast settings
|
show ssid <string> qos-classifier
|
show |
Show settings, parameters, or dynamically generated information
|
ssid |
Show SSID (Service Set Identifier) profile names and individual profile parameters
|
<string> |
Enter an SSID profile name (1-32 chars)
|
qos-classifier |
Show the QoS classification profile (classifier) assigned to the interface
|
show ssid <string> qos-marker
|
show |
Show settings, parameters, or dynamically generated information
|
ssid |
Show SSID (Service Set Identifier) profile names and individual profile parameters
|
<string> |
Enter an SSID profile name (1-32 chars)
|
qos-marker |
Show the QoS marker profile assigned to the interface
|
show ssid <string> schedule [ detail ]
|
show |
Show settings, parameters, or dynamically generated information
|
ssid |
Show SSID (Service Set Identifier) profile names and individual profile parameters
|
<string> |
Enter an SSID profile name (1-32 chars)
|
schedule |
Show all schedules bound to the SSID
|
detail |
Show detailed information about all schedules bound to the SSID
|
show ssid <string> security screening [ detail ]
|
show |
Show settings, parameters, or dynamically generated information
|
ssid |
Show SSID (Service Set Identifier) profile names and individual profile parameters
|
<string> |
Enter an SSID profile name (1-32 chars)
|
security |
Show SSID security parameters
|
screening |
Show SSID security screening parameters
|
detail |
Show more information
|
show ssid <string> security wlan dos
|
show |
Show settings, parameters, or dynamically generated information
|
ssid |
Show SSID (Service Set Identifier) profile names and individual profile parameters
|
<string> |
Enter an SSID profile name (1-32 chars)
|
security |
Show SSID security parameters
|
wlan |
Show SSID WLAN parameters
|
dos |
Show SSID DoS parameters
|
show ssid <string> station [ mac <mac_addr> ]
|
show |
Show settings, parameters, or dynamically generated information
|
ssid |
Show SSID (Service Set Identifier) profile names and individual profile parameters
|
<string> |
Enter an SSID profile name (1-32 chars)
|
station |
Show information about all stations currently
associated with the SSID or about the ongoing wireless activity of a
specific station
|
mac |
Show the ongoing wireless activity of a station that
is currently associated with the SSID (Note: To stop the display of
output, press CTRL+C.)
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
show ssid <string> user-group
|
show |
Show settings, parameters, or dynamically generated information
|
ssid |
Show SSID (Service Set Identifier) profile names and individual profile parameters
|
<string> |
Enter an SSID profile name (1-32 chars)
|
user-group |
Show SSID bind user-groups
|
show ssid [ <string> ]
|
show |
Show settings, parameters, or dynamically generated information
|
ssid |
Show SSID (Service Set Identifier) profile names and individual profile parameters
|
<string> |
Enter an SSID profile name (1-32 chars)
|
show ssid-schedule
|
show |
Show settings, parameters, or dynamically generated information
|
ssid-schedule |
Show the status of all SSID schedules
|
show station [ <mac_addr> ]
|
show |
Show settings, parameters, or dynamically generated information
|
station |
Show information about all stations or about the ongoing wireless activity of a specific station
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
show station [ <mac_addr> ] counter
|
show |
Show settings, parameters, or dynamically generated information
|
station |
Show information about all stations or about the ongoing wireless activity of a specific station
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
counter |
Show detailed statistics (counters) for stations (wireless clients) associated with the SmartPath AP
|
show system
|
show |
Show settings, parameters, or dynamically generated information
|
system |
Show system information
|
show system disk-info
|
show |
Show settings, parameters, or dynamically generated information
|
system |
Show system information
|
disk-info |
Show disk information
|
show system led
|
show |
Show settings, parameters, or dynamically generated information
|
system |
Show system information
|
led |
Show LED configuration parameters and current status
|
show system processes [ state ]
|
show |
Show settings, parameters, or dynamically generated information
|
system |
Show system information
|
processes |
Show processes information
|
state |
Show processes running state
|
show teacher-view resource-map
|
show |
Show settings, parameters, or dynamically generated information
|
teacher-view |
Show parameters for Teacher View, a tool for controlling student access to the network and monitoring their activity
|
resource-map |
Show all previously defined mappings of network resources to IP addresses and port numbers
|
show tech
|
show |
Show settings, parameters, or dynamically generated information
|
tech |
Show the output of many "show" commands that display
all the important SmartPath AP settings (cluster, interface, ssid...)
and runtime data (amrp neighbor, capwap client, roaming cache...)
|
show tech <url> [
admin <string> password <string> {basic|digest} ] [ proxy
<string> [ proxy-admin <string> password <string> ] ]
|
show |
Show settings, parameters, or dynamically generated information
|
tech |
Show the output of many "show" commands that display
all the important SmartPath AP settings (cluster, interface, ssid...)
and runtime data (amrp neighbor, capwap client, roaming cache...)
|
<url> |
Enter the HTTP protocol, remote server domain name,
port, directory path, and file name (Default port: 80; 1-256 chars;
Format: http://domain/path/file, http://domain:port/path/file; Note: You
can substitute 'https' for 'http'.)
|
admin |
Set the name of the server administrator
|
<string> |
Enter the administrator name (1-32 chars)
|
password |
Set the password for the server administrator
|
<string> |
Enter the server password (1-64 chars)
|
basic |
Set the access authentication scheme as basic, which
appends a user name and password encoded with the Base64 algorithm to
the authorization header in HTTP requests
|
digest |
Set the access authentication scheme as digest,
which appends an MD5 checksum of the username, password, and other
values to the authorization header in HTTP requests
|
proxy |
Set parameters for the HTTP proxy server
|
<string> |
Enter the domain name or IP address and, optionally,
the port number for the HTTP proxy server (Max length: 64 chars;
Format: domainname, ip_addr, domainname:port, or ip_addr:port)
|
proxy-admin |
Set the name of the proxy administrator
|
<string> |
Enter the proxy administrator name (1-32 chars)
|
password |
Set the password for the proxy administrator
|
<string> |
Enter the proxy password (1-64 chars)
|
show time-zone
|
show |
Show settings, parameters, or dynamically generated information
|
time-zone |
Show time zone
|
show track [ <string> ]
|
show |
Show settings, parameters, or dynamically generated information
|
track |
Show IP tracking information
|
<string> |
Show IP tracking information for the group (1-32 chars)
|
show user
|
show |
Show settings, parameters, or dynamically generated information
|
user |
Show all user
|
show user-group <string> psk-digest [ <string> ]
|
show |
Show settings, parameters, or dynamically generated information
|
user-group |
Show a user group parameters
|
<string> |
Enter the user group name (1-32 chars)
|
psk-digest |
Show the digest string for the auto-PSK
|
<string> |
Enter the user name (1-32 chars)
|
show user-group [ <string> ]
|
show |
Show settings, parameters, or dynamically generated information
|
user-group |
Show a user group parameters
|
<string> |
Enter the user group name (1-32 chars)
|
show user-profile <string> cac airtime-percentage
|
show |
Show settings, parameters, or dynamically generated information
|
user-profile |
Show parameters for a user profile
|
<string> |
Enter the user profile name (1 - 32 chars)
|
cac |
Show CAC (Call Admission Control) parameters and statistics
|
airtime-percentage |
Show the percentage of airtime for VoIP calls
|
show user-profile <string> schedule [ detail ]
|
show |
Show settings, parameters, or dynamically generated information
|
user-profile |
Show parameters for a user profile
|
<string> |
Enter the user profile name (1 - 32 chars)
|
schedule |
Show all schedules bound to the user profile
|
detail |
Show detailed information about all schedules bound to the user profile
|
show user-profile [ <string> ]
|
show |
Show settings, parameters, or dynamically generated information
|
user-profile |
Show parameters for a user profile
|
<string> |
Enter the user profile name (1 - 32 chars)
|
show user-profile-schedule
|
show |
Show settings, parameters, or dynamically generated information
|
user-profile-schedule |
Show the status of all user profile schedules
|
show version [ {detail} ]
|
show |
Show settings, parameters, or dynamically generated information
|
version |
Show information about the current and backup SmartPath OS versions on the SmartPath AP and the SmartPath AP platform type
|
detail |
Show detailed information about the current and
backup SmartPath OS versions on the SmartPath AP and the SmartPath AP
platform type
|
show vpn gre-tunnel
|
show |
Show settings, parameters, or dynamically generated information
|
vpn |
Show VPN information and VPN objects
|
gre-tunnel |
Show GRE (Generic Routing Encapsulation) tunnel information
|
show vpn ike configuration
|
show |
Show settings, parameters, or dynamically generated information
|
vpn |
Show VPN information and VPN objects
|
ike |
Show IKE information
|
configuration |
Show VPN configuration settings
|
show vpn ike {sa|event}
|
show |
Show settings, parameters, or dynamically generated information
|
vpn |
Show VPN information and VPN objects
|
ike |
Show IKE information
|
sa |
Show the cookies and creation times of IKE phase1 security associations
|
event |
Show the most recent IKE events (Note: You can see up to a maximum of 32 IKE events.)
|
show vpn ike {sp}
|
show |
Show settings, parameters, or dynamically generated information
|
vpn |
Show VPN information and VPN objects
|
ike |
Show IKE information
|
sp |
Show IPsec security policies
|
show vpn ipsec sa
|
show |
Show settings, parameters, or dynamically generated information
|
vpn |
Show VPN information and VPN objects
|
ipsec |
Show IPSec information
|
sa |
Show IKE phase 2 IPsec security associations
|
show vpn ipsec-tunnel
|
show |
Show settings, parameters, or dynamically generated information
|
vpn |
Show VPN information and VPN objects
|
ipsec-tunnel |
Show IPSec tunnel information
|
show vpn tunnel-id [ <number> ]
|
show |
Show settings, parameters, or dynamically generated information
|
vpn |
Show VPN information and VPN objects
|
tunnel-id |
Show VPN tunnel destination parameters and status,
or show detailed information about a specific tunnel by entering its ID
number
|
<number> |
Enter the tunnel ID number (Range: 1-2147483647)
|
show vpn tunnel-policy
|
show |
Show settings, parameters, or dynamically generated information
|
vpn |
Show VPN information and VPN objects
|
tunnel-policy |
Show tunnel policy information
|
show web-directory [ ppsk-self-reg ] [ <string> ]
|
show |
Show settings, parameters, or dynamically generated information
|
web-directory |
Show the files in a web directory
|
ppsk-self-reg |
Show the files in the private PSK self-registration web directory
|
<string> |
Enter the web directory name
|
show web-server-key
|
show |
Show settings, parameters, or dynamically generated information
|
web-server-key |
Show web server key files information
|
show wlan-idp mitigate [ <mac_addr> ]
|
show |
Show settings, parameters, or dynamically generated information
|
wlan-idp |
Show WLAN IDP (intrusion detection and prevention) parameters
|
mitigate |
Show one or a list of rogue APs against which
mitigation was performed, the SmartPath APs that reported them, and
those that attacked them
|
<mac_addr> |
Enter a MAC address (Note: You can use colons,
dashes, or periods to format the address. Examples: 1111:1111:1111,
11-11-11-11-11-11, 1111.1111.1111 ...)
|
show wlan-idp profile [ <string> ]
|
show |
Show settings, parameters, or dynamically generated information
|
wlan-idp |
Show WLAN IDP (intrusion detection and prevention) parameters
|
profile |
Show IDP profile parameters
|
<string> |
Enter an IDP profile name (1-32 chars)
|
snmp contact <string>
|
snmp |
Set SNMP (Simple Network Management Protocol) parameters
|
contact |
Set SNMP contact information
|
<string> |
Enter SNMP contact information (1-32 characters)
|
snmp location <string>
|
snmp |
Set SNMP (Simple Network Management Protocol) parameters
|
location |
Set the SmartPath AP location for SNMP
|
<string> |
Enter the SNMP location string (1-255 chars; Default: change-me)
|
snmp reader version v3
admin <string> [ auth {md5|sha} password <string> ] [
encryption {aes|des} password <string> ]
|
snmp |
Set SNMP (Simple Network Management Protocol) parameters
|
reader |
Set the SNMP community mode as read-only (Note: This
setting allows the NMS, or network management station, to read MIB data
on the SmartPath AP but not receive traps from it.)
|
version |
Set the SNMP community version
|
v3 |
Set the SNMP community version as SNMP v3
|
admin |
Set the admin with read-only privileges for viewing MIB data
|
<string> |
Enter the admin name (1-32 chars)
|
auth |
Set the algorithm for authenticating communications between the SNMP agent on the SmartPath AP and the NMS
|
md5 |
Set the authentication algorithm as MD5 (Message Digest Algorithm 5)
|
sha |
Set the authentication algorithm as SHA-1 (Secure Hash Algorithm 1)
|
password |
Set the password used during the authentication process
|
<string> |
Enter the authentication password (8-64 chars)
|
encryption |
Set the algorithm for encrypting communications between the SNMP agent on the SmartPath AP and the NMS
|
aes |
Set the encryption algorithm as AES (Advanced Encryption Standard)
|
des |
Set the encryption algorithm as DES (Data Encryption Standard)
|
password |
Set the password used during the encryption process
|
<string> |
Enter the password (8-64 chars)
|
snmp reader version {v1|v2c|any} community <string> [ <string> ]
|
snmp |
Set SNMP (Simple Network Management Protocol) parameters
|
reader |
Set the SNMP community mode as read-only (Note: This
setting allows the NMS, or network management station, to read MIB data
on the SmartPath AP but not receive traps from it.)
|
version |
Set the SNMP community version
|
v1 |
Set the community version as SNMP v1
|
v2c |
Set the community version as SNMP v2c
|
any |
Set the community version to support both SNMP v1 and v2c
|
community |
Set SNMP community parameters
|
<string> |
Set the SNMP community string for authenticating
communications between the SNMP agent on the SmartPath AP and the NMS
(Note: This string acts like a password or a shared secret.)
|
<string> |
Enter the domain name (1-32 characters) or the IP address and netmask for the NMS
|
snmp trap-host {v1|v2c} <ip_addr|string> [ port <number> ] [ {via-vpn-tunnel} ] [ community <string> ]
|
snmp |
Set SNMP (Simple Network Management Protocol) parameters
|
trap-host |
Set parameters for the SNMP trap host (Note: This is
an NMS, or network management station, that can receive SNMP traps from
the SmartPath AP.)
|
v1 |
Set the trap format for SNMP v1
|
v2c |
Set the trap format for SNMP v2c
|
<ip_addr> |
Enter the domain name (1-32 characters) or the IP address for the NMS
|
<string> |
Enter the domain name (1-32 characters) or the IP address for the NMS
|
port |
Set the port number on which the NMS listens for traps that the SmartPath AP sends it
|
<number> |
Enter the port number (Default: 162, Range: 1-65535)
|
via-vpn-tunnel |
Send all SNMP traps through a VPN tunnel (Note: Set
this option on VPN clients when the NMS is in a different subnet from
the tunnel interface. When they are in the same subnet, tunneling is
automatic.)
|
community |
Set the community string for authenticating
communications between the SmartPath AP and NMS (Note: This string acts
like a password or a shared secret.)
|
<string> |
Enter the community string (1-32 characters; Default: clustercommunity)
|
snmp trap-host {v3} <ip_addr|string> [ port <number> ] [ {via-vpn-tunnel} ] admin <string>
|
snmp |
Set SNMP (Simple Network Management Protocol) parameters
|
trap-host |
Set parameters for the SNMP trap host (Note: This is
an NMS, or network management station, that can receive SNMP traps from
the SmartPath AP.)
|
v3 |
Set the trap format for SNMP v3
|
<ip_addr> |
Enter the domain name (1-32 characters) or the IP address for the NMS
|
<string> |
Enter the domain name (1-32 characters) or the IP address for the NMS
|
port |
Set the port number on which the NMS listens for traps that the SmartPath AP sends it
|
<number> |
Enter the port number (Default: 162, Range: 1-65535)
|
via-vpn-tunnel |
Send all SNMP traps through a VPN tunnel (Note: Set
this option on VPN clients when the NMS is in a different subnet from
the tunnel interface. When they are in the same subnet, tunneling is
automatic.)
|
admin |
Set the name of the SNMP admin that can receive traps from SmartPath AP
|
<string> |
Enter the admin name (1-32 chars)
|
snmp trap-host {v3}
admin <string> auth {md5|sha} password <string> [ encryption
{aes|des} password <string> ]
|
snmp |
Set SNMP (Simple Network Management Protocol) parameters
|
trap-host |
Set parameters for the SNMP trap host (Note: This is
an NMS, or network management station, that can receive SNMP traps from
the SmartPath AP.)
|
v3 |
Set the trap format for SNMP v3
|
admin |
Set the admin with privileges for receiving traps
|
<string> |
Enter the admin name (1-32 chars)
|
auth |
Set the algorithm for authenticating communications between the SNMP agent on the SmartPath AP and the NMS
|
md5 |
Set the authentication algorithm as md5 (Message Digest Algorithm 5)
|
sha |
Set the authentication algorithm as SHA-1 (Secure Hash Algorithm 1)
|
password |
Set the password used during the authentication process
|
<string> |
Enter the authentication password (8-64 chars)
|
encryption |
Set the algorithm for encrypting communications between the SNMP agent on the SmartPath AP and the NMS
|
aes |
Set the encryption algorithm as AES (Advanced Encryption Standard)
|
des |
Set the encryption algorithm as DES (Data Encryption Standard)
|
password |
Set the password used during the encryption process
|
<string> |
Enter the password (8-64 chars)
|
snmp trap-info {over-snmp|over-capwap}
|
snmp |
Set SNMP (Simple Network Management Protocol) parameters
|
trap-info |
Set parameters for the delivery of SNMP trap information
|
over-snmp |
Send trap inion over SNMP (Default: Disabled)
|
over-capwap |
Send trap information over CAPWAP (Default: Enabled)
|
ssh-tunnel server
<string> tunnel-port <number> user <string> password
<string> [ timeout <number> ]
|
ssh-tunnel |
Set SSH (Secure Shell) tunnel parameters so that Black Box Technical Support can access the SmartPath AP remotely
|
server |
Set the domain name or IP address of the Black Box SSH server and, optionally, its port number
|
<string> |
Enter the domain name (1-64 characters) or IP
address and, optionally, the port number (Default port: 22; Range:
1025-65535; Format: name:port or ip:port)
|
tunnel-port |
Set the port number that the SSH server uses to identify the tunnel
|
<number> |
Enter the port for identifying the SSH tunnel (Range: 1025-65535)
|
user |
Set the user name for logging in to the SSH server
|
<string> |
Enter the user name (1-32 characters)
|
password |
Set password for logging in to the SSH server
|
<string> |
Enter the password (1-32 characters)
|
timeout |
Set the length of time during which the tunnel between the SmartPath AP and the Black Box SSH server will be up
|
<number> |
Enter the tunnel timeout value in minutes (Range: 0-6000, Default: 0 (disable))
|
ssid <string>
|
ssid |
Set SSID (Service Set Identifier) parameters
|
<string> |
Enter an SSID profile name (1-32 chars)
|
ssid <string>
11a-rate-set [ {6|6-basic} ] [ {9|9-basic} ] [ {12|12-basic} ] [
{18|18-basic} ] [ {24|24-basic} ] [ {36|36-basic} ] [ {48|48-basic} ] [
{54|54-basic} ]
|
ssid |
Set SSID (Service Set Identifier) parameters
|
<string> |
Enter an SSID profile name (1-32 chars)
|
11a-rate-set |
Set the basic (mandatory) and optional 11a data
rates for the radio (Default rates in Mbps: basic=6, 12, 24, opt=9, 18,
36, 48, 54)
|
6 |
Set 6 Mbps as a basic (mandatory) or optional data rate
|
6-basic |
Set 6 Mbps as a basic (mandatory) or optional data rate
|
9 |
Set 9 Mbps as a basic (mandatory) or optional data rate
|
9-basic |
Set 9 Mbps as a basic (mandatory) or optional data rate
|
12 |
Set 12 Mbps as a basic (mandatory) or optional data rate
|
12-basic |
Set 12 Mbps as a basic (mandatory) or optional data rate
|
18 |
Set 18 Mbps as a basic (mandatory) or optional data rate
|
18-basic |
Set 18 Mbps as a basic (mandatory) or optional data rate
|
24 |
Set 24 Mbps as a basic (mandatory) or optional data rate
|
24-basic |
Set 24 Mbps as a basic (mandatory) or optional data rate
|
36 |
Set 36 Mbps as a basic (mandatory) or optional data rate
|
36-basic |
Set 36 Mbps as a basic (mandatory) or optional data rate
|
48 |
Set 48 Mbps as a basic (mandatory) or optional data rate
|
48-basic |
Set 48 Mbps as a basic (mandatory) or optional data rate
|
54 |
Set 54 Mbps as a basic (mandatory) or optional data rate
|
54-basic |
Set 54 Mbps as a basic (mandatory) or optional data rate
|
ssid <string>
11g-rate-set [ {1|1-basic} ] [ {2|2-basic} ] [ {5.5|5.5-basic} ] [
{11|11-basic} ] [ {6|6-basic} ] [ {9|9-basic} ] [ {12|12-basic} ] [
{18|18-basic} ] [ {24|24-basic} ] [ {36|36-basic} ] [ {48|48-basic} ] [
{54|54-basic} ]
|
ssid |
Set SSID (Service Set Identifier) parameters
|
<string> |
Enter an SSID profile name (1-32 chars)
|
11g-rate-set |
Set the basic (mandatory) and optional 11g data
rates for the radio (Default rates in Mbps: basic=1, 2, 5.5, 11, opt=6,
9, 12, 18, 24, 36, 48, 54)
|
1 |
Set 1 Mbps as a basic (mandatory) or optional data rate
|
1-basic |
Set 1 Mbps as a basic (mandatory) or optional data rate
|
2 |
Set 2 Mbps as a basic (mandatory) or optional data rate
|
2-basic |
Set 2 Mbps as a basic (mandatory) or optional data rate
|
5.5 |
Set 5.5 Mbps as a basic (mandatory) or optional data rate
|
5.5-basic |
Set 5.5 Mbps as a basic (mandatory) or optional data rate
|
11 |
Set 11 Mbps as a basic (mandatory) or optional data rate
|
11-basic |
Set 11 Mbps as a basic (mandatory) or optional data rate
|
6 |
Set 6 Mbps as a basic (mandatory) or optional data rate
|
6-basic |
Set 6 Mbps as a basic (mandatory) or optional data rate
|
9 |
Set 9 Mbps as a basic (mandatory) or optional data rate
|
9-basic |
Set 9 Mbps as a basic (mandatory) or optional data rate
|
12 |
Set 12 Mbps as a basic (mandatory) or optional data rate
|
12-basic |
Set 12 Mbps as a basic (mandatory) or optional data rate
|
18 |
Set 18 Mbps as a basic (mandatory) or optional data rate
|
18-basic |
Set 18 Mbps as a basic (mandatory) or optional data rate
|
24 |
Set 24 Mbps as a basic (mandatory) or optional data rate
|
24-basic |
Set 24 Mbps as a basic (mandatory) or optional data rate
|
36 |
Set 36 Mbps as a basic (mandatory) or optional data rate
|
36-basic |
Set 36 Mbps as a basic (mandatory) or optional data rate
|
48 |
Set 48 Mbps as a basic (mandatory) or optional data rate
|
48-basic |
Set 48 Mbps as a basic (mandatory) or optional data rate
|
54 |
Set 54 Mbps as a basic (mandatory) or optional data rate
|
54-basic |
Set 54 Mbps as a basic (mandatory) or optional data rate
|
ssid <string> 11n-mcs-expand-rate-set [ <string> ]
|
ssid |
Set SSID (Service Set Identifier) parameters
|
<string> |
Enter an SSID profile name (1-32 chars)
|
11n-mcs-expand-rate-set |
Set the 802.11n MCS rate indexes for which the SSID
advertizes its support(By default, all MCS rates for three spatial
streams on the SmartPath AP 330 and 350 are supported: 0-23. On the
SmartPath AP 110, 120, 320, and 340, which support a maximum of two
spatial streams, use the 11n-mcs-rate-set option instead.)
|
<string> |
Enter specific MCS rates (Range: 1-64 chars; Format: Use commas as separators. Example: 2,5,17,20)
|
ssid <string> client-age-out <number>
|
ssid |
Set SSID (Service Set Identifier) parameters
|
<string> |
Enter an SSID profile name (1-32 chars)
|
client-age-out |
Set the length of time to age out inactive clients and automatically disassociate them
|
<number> |
Enter the client age-out time in minutes (Default: 5; Range: 1-30)
|
ssid <string> dtim-period <number>
|
ssid |
Set SSID (Service Set Identifier) parameters
|
<string> |
Enter an SSID profile name (1-32 chars)
|
dtim-period |
Set the DTIM (delivery traffic indication message) period
|
<number> |
Set the number of beacons between DTIM frames (Default: 1; Range: 1-255)
|
ssid <string> frag-threshold <number>
|
ssid |
Set SSID (Service Set Identifier) parameters
|
<string> |
Enter an SSID profile name (1-32 chars)
|
frag-threshold |
Set the fragment threshold for the SSID
|
<number> |
Enter the fragment threshold in bytes for the SSID (Default: 2346; Range: 256-2346)
|
ssid <string> hide-ssid
|
ssid |
Set SSID (Service Set Identifier) parameters
|
<string> |
Enter an SSID profile name (1-32 chars)
|
hide-ssid |
Hide the SSID in beacons and ignore broadcast probe requests
|
ssid <string> ignore-broadcast-probe
|
ssid |
Set SSID (Service Set Identifier) parameters
|
<string> |
Enter an SSID profile name (1-32 chars)
|
ignore-broadcast-probe |
Ignore broadcasted probe requests
|
ssid <string> inter-station-traffic
|
ssid |
Set SSID (Service Set Identifier) parameters
|
<string> |
Enter an SSID profile name (1-32 chars)
|
inter-station-traffic |
Set the SmartPath AP to permit traffic between stations connected to one or more of its access interfaces (Default: Enabled)
|
ssid <string> manage all
|
ssid |
Set SSID (Service Set Identifier) parameters
|
<string> |
Enter an SSID profile name (1-32 chars)
|
manage |
Set management service parameters
|
all |
all_service::Enable all manageability options (ping,
SNMP, SSH, and Telnet) for mgt0 through subinterfaces bound to the SSID
(Defaults: ping enabled, SNMP disabled, SSH enabled, Telnet disabled)
|
ssid <string> manage {Telnet|SSH|SNMP|ping}
|
ssid |
Set SSID (Service Set Identifier) parameters
|
<string> |
Enter an SSID profile name (1-32 chars)
|
manage |
Set management service parameters
|
Telnet |
Enable Telnet manageability of mgt0 through subinterfaces bound to the SSID (Default: Disabled)
|
SSH |
Enable SSH manageability of mgt0 through subinterfaces bound to the SSID (Default: Enabled)
|
SNMP |
Enable SNMP manageability of mgt0 through subinterfaces bound to the SSID (Default: Disabled)
|
ping |
Enable mgt0 to respond to pings through subinterfaces bound to the SSID (Default: Enabled)
|
ssid <string> max-client <number>
|
ssid |
Set SSID (Service Set Identifier) parameters
|
<string> |
Enter an SSID profile name (1-32 chars)
|
max-client |
Set the maximum number of clients that can associate with the SSID
|
<number> |
Enter the maximum number of clients that can
associate (Default: 100; Range: 1-100; Note: A radio profile can support
a maximum of 100 clients by default, and there can be a maximum of 16
SSIDs per radio.)
|
ssid <string> mode compliance
|
ssid |
Set SSID (Service Set Identifier) parameters
|
<string> |
Enter an SSID profile name (1-32 chars)
|
mode |
Set SSID mode parameter
|
compliance |
Set SSID mode compliance with 11n standard
|
ssid <string> mode legacy
|
ssid |
Set SSID (Service Set Identifier) parameters
|
<string> |
Enter an SSID profile name (1-32 chars)
|
mode |
Set SSID mode parameter
|
legacy |
Set this mode to disable the advertisement of
802.11n capabilities when there are legacy 802.11a/b/g clients that
cannot support 802.11n IEs (information elements) in management frames
|
ssid <string> multicast conversion-to-unicast {auto|always|disable}
|
ssid |
Set SSID (Service Set Identifier) parameters
|
<string> |
Enter an SSID profile name (1-32 chars)
|
multicast |
Set parameters for sending IP datagrams to a group of interested receivers in a single transmission
|
conversion-to-unicast |
Set the method for converting multicast frames to unicast frames (Default: Disabled)
|
auto |
Convert from multicast to unicast automatically
whenever the channel utilization or multicast group membership count is
below their respective thresholds
|
always |
Always convert from multicast to unicast regardless of channel utilization and group membership numbers
|
disable |
Disable convert from multicast to unicast
|
ssid <string> multicast cu-threshold <number>
|
ssid |
Set SSID (Service Set Identifier) parameters
|
<string> |
Enter an SSID profile name (1-32 chars)
|
multicast |
Set parameters for sending IP datagrams to a group of interested receivers in a single transmission
|
cu-threshold |
Set the channel utilization threshold that determines when to convert multicast to unicast frames
|
<number> |
[1~100]Enter the channel utilization threshold as a
percent (Default: 60; Range: 1-100; Note: Conversion from multicast to
unicast frames occurs when the percent of channel utilization is below
or equal to this value.)
|
ssid <string> multicast member-threshold <number>
|
ssid |
Set SSID (Service Set Identifier) parameters
|
<string> |
Enter an SSID profile name (1-32 chars)
|
multicast |
Set parameters for sending IP datagrams to a group of interested receivers in a single transmission
|
member-threshold |
Set the membership count threshold that determines when to convert multicast to unicast frames
|
<number> |
[1~30]Enter the multicast group membership threshold
(Default: 10; Range: 1-30; Note: Converting multicast frames to unicast
frames occurs when the number of group members is below or equal to
this value.)
|
ssid <string> qos-classifier <string>
|
ssid |
Set SSID (Service Set Identifier) parameters
|
<string> |
Enter an SSID profile name (1-32 chars)
|
qos-classifier |
Assign a QoS classification profile (classifier) to the interface
|
<string> |
Enter the QoS classifier profile name (1-32 chars)
|
ssid <string> qos-marker <string>
|
ssid |
Set SSID (Service Set Identifier) parameters
|
<string> |
Enter an SSID profile name (1-32 chars)
|
qos-marker |
Assign a QoS marker profile to the interface
|
<string> |
Enter the QoS marker profile name (1-32 chars)
|
ssid <string> rts-threshold <number>
|
ssid |
Set SSID (Service Set Identifier) parameters
|
<string> |
Enter an SSID profile name (1-32 chars)
|
rts-threshold |
Set the RTS (request to send) threshold for the SSID
|
<number> |
Enter the packet size for the RTS (request to send) threshold for the SSID (Default: 2346 bytes; Range: 1-2346)
|
ssid <string> schedule <string>
|
ssid |
Set SSID (Service Set Identifier) parameters
|
<string> |
Enter an SSID profile name (1-32 chars)
|
schedule |
Set a schedule during which the SSID will be available for use
|
<string> |
Enter a schedule name (1-32 characters)
|
ssid <string> security mac-filter <string>
|
ssid |
Set SSID (Service Set Identifier) parameters
|
<string> |
Enter an SSID profile name (1-32 chars)
|
security |
Set the security parameters for the SSID
|
mac-filter |
Assign a filter for MAC addresses or OUIs (organizational unique identifiers)
|
<string> |
Enter the filter name for MAC addresses or OUIs (organizational unique identifiers)
|
ssid <string> security screening radius-attack
|
ssid |
Set SSID (Service Set Identifier) parameters
|
<string> |
Enter an SSID profile name (1-32 chars)
|
security |
Set the security parameters for the SSID
|
screening |
Set the security screen Parameters for the SSID
|
radius-attack |
Enable the screening method of RADIUS attack procection (Default: Disabled)
|
ssid <string> security screening radius-attack action ban-forever
|
ssid |
Set SSID (Service Set Identifier) parameters
|
<string> |
Enter an SSID profile name (1-32 chars)
|
security |
Set the security parameters for the SSID
|
screening |
Set the security screen Parameters for the SSID
|
radius-attack |
Enable the screening method of RADIUS attack procection (Default: Disabled)
|
action |
Set an action if an alarm is triggered (alarm -
traffic can still pass; ban - the station is disconnected and banned for
a certain time; ban-forever - the station is banned forever)
|
ban-forever |
Set an action to ban-forever if an alarm is triggered
|
ssid <string> security screening radius-attack action {alarm|ban} [ [ <number> ] ]
|
ssid |
Set SSID (Service Set Identifier) parameters
|
<string> |
Enter an SSID profile name (1-32 chars)
|
security |
Set the security parameters for the SSID
|
screening |
Set the security screen Parameters for the SSID
|
radius-attack |
Enable the screening method of RADIUS attack procection (Default: Disabled)
|
action |
Set an action if an alarm is triggered (alarm -
traffic can still pass; ban - the station is disconnected and banned for
a certain time; ban-forever - the station is banned forever)
|
alarm |
Set an action to alarm if an alarm is triggered
|
ban |
Set an action to ban if an alarm is triggered
|
<number> |
Enter the action time in seconds (Default: 10 for alarm, 3600 for ban; Range: 1-100000000)
|
ssid <string> security screening radius-attack threshold <number> [ action {alarm|ban} [ <number> ] ]
|
ssid |
Set SSID (Service Set Identifier) parameters
|
<string> |
Enter an SSID profile name (1-32 chars)
|
security |
Set the security parameters for the SSID
|
screening |
Set the security screen Parameters for the SSID
|
radius-attack |
Enable the screening method of RADIUS attack procection (Default: Disabled)
|
threshold |
Set the length of time during which 10 RADIUS rejections for the same source MAC address is considered unacceptable
|
<number> |
Enter the length of time in seconds (Default: 5; Range: 1-3600)
|
action |
Set an action if an alarm is triggered (alarm -
traffic can still pass; ban - the station is disconnected and banned for
a certain time; ban-forever - the station is banned forever)
|
alarm |
Set an action to alarm if an alarm is triggered
|
ban |
Set an action to ban if an alarm is triggered
|
<number> |
Enter the action time in seconds (Default: 10 seconds for alarm, 3600 second for ban; Range: 1-100000000)
|
ssid <string> security screening radius-attack threshold <number> action ban-forever
|
ssid |
Set SSID (Service Set Identifier) parameters
|
<string> |
Enter an SSID profile name (1-32 chars)
|
security |
Set the security parameters for the SSID
|
screening |
Set the security screen Parameters for the SSID
|
radius-attack |
Enable the screening method of RADIUS attack procection (Default: Disabled)
|
threshold |
Set the length of time during which 10 RADIUS rejections for the same source MAC address is considered unacceptable
|
<number> |
Enter the length of time in seconds (Default: 5; Range: 1-3600)
|
action |
Set an action if an alarm is triggered (alarm -
traffic can still pass; ban - the station is disconnected and banned for
a certain time; ban-forever - the station is banned forever)
|
ban-forever |
Set an action to ban-forever if an alarm is triggered
|
ssid <string> security screening tcp-syn-check
|
ssid |
Set SSID (Service Set Identifier) parameters
|
<string> |
Enter an SSID profile name (1-32 chars)
|
security |
Set the security parameters for the SSID
|
screening |
Set the security screen Parameters for the SSID
|
tcp-syn-check |
Enable checking that the SYN flag is set in TCP
segments before creating new IP sessions (Default: Disabled, Note: When
enabled, the IP session idle timeout is 10 seconds until the TCP
three-way handshake is complete.)
|
ssid <string>
security screening
{icmp-flood|udp-flood|syn-flood|arp-flood|address-sweep|port-scan|ip-spoof}
[ threshold <number> ]
|
ssid |
Set SSID (Service Set Identifier) parameters
|
<string> |
Enter an SSID profile name (1-32 chars)
|
security |
Set the security parameters for the SSID
|
screening |
Set the security screen Parameters for the SSID
|
icmp-flood |
Enable the screening method of icmp-flood (Default: Disabled)
|
udp-flood |
Enable the screening method of udp-flood (Default: Disabled)
|
syn-flood |
Enable the screening method of syn-flood (Default: Disabled)
|
arp-flood |
Enable the screening method of arp-flood (Default: Disabled)
|
address-sweep |
Enable the screening method of address-sweep (Default: Disabled)
|
port-scan |
Enable the screening method of port-scan (Default: Disabled)
|
ip-spoof |
Enable the screening method of ip-spoof (Default: Disabled)
|
threshold |
Set threshold: packets per second for syn-flood and
arp-flood, air time for icmp-flood and udp-flood, milliseconds every 10
packets for address-sweep and port-scan, IP addresses for ip-spoof
|
<number> |
Enter the threshold value (Defaults and Ranges: ICMP
flood: 20%, 1-100%; UDP flood 50%, 1-100%; SYN flood: 1000 pkts/sec,
1-1000000 pkts/sec; ARP flood 100 pkts/sec, 1-1000000 pkts/sec; address
sweep and port scan: 100 ms/10 pkts, 1-10000 ms; IP spoof: 3 src IPs/src
MAC, 2-10 IPs; RADIUS attack: 5 secs/10 rejects, 1-3600 secs)
|
ssid <string>
security screening
{icmp-flood|udp-flood|syn-flood|arp-flood|address-sweep|port-scan|ip-spoof}
action ban-forever
|
ssid |
Set SSID (Service Set Identifier) parameters
|
<string> |
Enter an SSID profile name (1-32 chars)
|
security |
Set the security parameters for the SSID
|
screening |
Set the security screen Parameters for the SSID
|
icmp-flood |
Enable the screening method of icmp-flood (Default: Disabled)
|
udp-flood |
Enable the screening method of udp-flood (Default: Disabled)
|
syn-flood |
Enable the screening method of syn-flood (Default: Disabled)
|
arp-flood |
Enable the screening method of arp-flood (Default: Disabled)
|
address-sweep |
Enable the screening method of address-sweep (Default: Disabled)
|
port-scan |
Enable the screening method of port-scan (Default: Disabled)
|
ip-spoof |
Enable the screening method of ip-spoof (Default: Disabled)
|
action |
Set an action if an alarm is triggered (alarm -
traffic can still pass; drop - the traffic is paused for a certain time;
disconnect - the station is disconnected; ban - the station is
disconnected and banned for a certain time; ban-forever - the station is
banned forever)
|
ban-forever |
Set the action to ban-forever (Default: alarm)
|
ssid <string>
security screening
{icmp-flood|udp-flood|syn-flood|arp-flood|address-sweep|port-scan|ip-spoof}
action disconnect
|
ssid |
Set SSID (Service Set Identifier) parameters
|
<string> |
Enter an SSID profile name (1-32 chars)
|
security |
Set the security parameters for the SSID
|
screening |
Set the security screen Parameters for the SSID
|
icmp-flood |
Enable the screening method of icmp-flood (Default: Disabled)
|
udp-flood |
Enable the screening method of udp-flood (Default: Disabled)
|
syn-flood |
Enable the screening method of syn-flood (Default: Disabled)
|
arp-flood |
Enable the screening method of arp-flood (Default: Disabled)
|
address-sweep |
Enable the screening method of address-sweep (Default: Disabled)
|
port-scan |
Enable the screening method of port-scan (Default: Disabled)
|
ip-spoof |
Enable the screening method of ip-spoof (Default: Disabled)
|
action |
Set an action if an alarm is triggered (alarm -
traffic can still pass; drop - the traffic is paused for a certain time;
disconnect - the station is disconnected; ban - the station is
disconnected and banned for a certain time; ban-forever - the station is
banned forever)
|
disconnect |
Set the action to disconnect (Default: alarm)
|
ssid <string>
security screening
{icmp-flood|udp-flood|syn-flood|arp-flood|address-sweep|port-scan|ip-spoof}
action {alarm|drop|ban} <number>
|
ssid |
Set SSID (Service Set Identifier) parameters
|
<string> |
Enter an SSID profile name (1-32 chars)
|
security |
Set the security parameters for the SSID
|
screening |
Set the security screen Parameters for the SSID
|
icmp-flood |
Enable the screening method of icmp-flood (Default: Disabled)
|
udp-flood |
Enable the screening method of udp-flood (Default: Disabled)
|
syn-flood |
Enable the screening method of syn-flood (Default: Disabled)
|
arp-flood |
Enable the screening method of arp-flood (Default: Disabled)
|
address-sweep |
Enable the screening method of address-sweep (Default: Disabled)
|
port-scan |
Enable the screening method of port-scan (Default: Disabled)
|
ip-spoof |
Enable the screening method of ip-spoof (Default: Disabled)
|
action |
Set an action if an alarm is triggered (alarm -
traffic can still pass; drop - the traffic is paused for a certain time;
disconnect - the station is disconnected; ban - the station is
disconnected and banned for a certain time; ban-forever - the station is
banned forever)
|
alarm |
Set the action to alarm (Default: alarm)
|
drop |
Set the action to drop (Default: alarm)
|
ban |
Set the action to ban (Default: alarm)
|
<number> |
Enter the action time in seconds (Range: 1-1000000000; Default: 10 for alarm, 1 for drop, 3600 for ban)
|
ssid <string>
security screening
{icmp-flood|udp-flood|syn-flood|arp-flood|address-sweep|port-scan|ip-spoof}
threshold <number> action ban-forever
|
ssid |
Set SSID (Service Set Identifier) parameters
|
<string> |
Enter an SSID profile name (1-32 chars)
|
security |
Set the security parameters for the SSID
|
screening |
Set the security screen Parameters for the SSID
|
icmp-flood |
Enable the screening method of icmp-flood (Default: Disabled)
|
udp-flood |
Enable the screening method of udp-flood (Default: Disabled)
|
syn-flood |
Enable the screening method of syn-flood (Default: Disabled)
|
arp-flood |
Enable the screening method of arp-flood (Default: Disabled)
|
address-sweep |
Enable the screening method of address-sweep (Default: Disabled)
|
port-scan |
Enable the screening method of port-scan (Default: Disabled)
|
ip-spoof |
Enable the screening method of ip-spoof (Default: Disabled)
|
threshold |
Set threshold: packets per second for syn-flood and
arp-flood, air time for icmp-flood and udp-flood, milliseconds every 10
packets for address-sweep and port-scan, IP addresses for ip-spoof
|
<number> |
Enter the threshold value (Defaults and Ranges: ICMP
flood: 20%, 1-100%; UDP flood 50%, 1-100%; SYN flood: 1000 pkts/sec,
1-1000000 pkts/sec; ARP flood 100 pkts/sec, 1-1000000 pkts/sec; address
sweep and port scan: 100 ms/10 pkts, 1-10000 ms; IP spoof: 3 src IPs/src
MAC, 2-10 IPs; RADIUS attack: 5 secs/10 rejects, 1-3600 secs)
|
action |
Set an action if an alarm is triggered (alarm -
traffic can still pass; drop - the traffic is paused for a certain time;
disconnect - the station is disconnected; ban - the station is
disconnected and banned for a certain time; ban-forever - the station is
banned forever)
|
ban-forever |
Set the action to ban-forever (Default: alarm)
|
ssid <string>
security screening
{icmp-flood|udp-flood|syn-flood|arp-flood|address-sweep|port-scan|ip-spoof}
threshold <number> action disconnect
|
ssid |
Set SSID (Service Set Identifier) parameters
|
<string> |
Enter an SSID profile name (1-32 chars)
|
security |
Set the security parameters for the SSID
|
screening |
Set the security screen Parameters for the SSID
|
icmp-flood |
Enable the screening method of icmp-flood (Default: Disabled)
|
udp-flood |
Enable the screening method of udp-flood (Default: Disabled)
|
syn-flood |
Enable the screening method of syn-flood (Default: Disabled)
|
arp-flood |
Enable the screening method of arp-flood (Default: Disabled)
|
address-sweep |
Enable the screening method of address-sweep (Default: Disabled)
|
port-scan |
Enable the screening method of port-scan (Default: Disabled)
|
ip-spoof |
Enable the screening method of ip-spoof (Default: Disabled)
|
threshold |
Set threshold: packets per second for syn-flood and
arp-flood, air time for icmp-flood and udp-flood, milliseconds every 10
packets for address-sweep and port-scan, IP addresses for ip-spoof
|
<number> |
Enter the threshold value (Defaults and Ranges: ICMP
flood: 20%, 1-100%; UDP flood 50%, 1-100%; SYN flood: 1000 pkts/sec,
1-1000000 pkts/sec; ARP flood 100 pkts/sec, 1-1000000 pkts/sec; address
sweep and port scan: 100 ms/10 pkts, 1-10000 ms; IP spoof: 3 src IPs/src
MAC, 2-10 IPs; RADIUS attack: 5 secs/10 rejects, 1-3600 secs)
|
action |
Set an action if an alarm is triggered (alarm -
traffic can still pass; drop - the traffic is paused for a certain time;
disconnect - the station is disconnected; ban - the station is
disconnected and banned for a certain time; ban-forever - the station is
banned forever)
|
disconnect |
Set the action to disconnect (Default: alarm)
|
ssid <string>
security screening
{icmp-flood|udp-flood|syn-flood|arp-flood|address-sweep|port-scan|ip-spoof}
threshold <number> action {alarm|drop|ban} <number>
|
ssid |
Set SSID (Service Set Identifier) parameters
|
<string> |
Enter an SSID profile name (1-32 chars)
|
security |
Set the security parameters for the SSID
|
screening |
Set the security screen Parameters for the SSID
|
icmp-flood |
Enable the screening method of icmp-flood (Default: Disabled)
|
udp-flood |
Enable the screening method of udp-flood (Default: Disabled)
|
syn-flood |
Enable the screening method of syn-flood (Default: Disabled)
|
arp-flood |
Enable the screening method of arp-flood (Default: Disabled)
|
address-sweep |
Enable the screening method of address-sweep (Default: Disabled)
|
port-scan |
Enable the screening method of port-scan (Default: Disabled)
|
ip-spoof |
Enable the screening method of ip-spoof (Default: Disabled)
|
threshold |
Set threshold: packets per second for syn-flood and
arp-flood, air time for icmp-flood and udp-flood, milliseconds every 10
packets for address-sweep and port-scan, IP addresses for ip-spoof
|
<number> |
Enter the threshold value (Defaults and Ranges: ICMP
flood: 20%, 1-100%; UDP flood 50%, 1-100%; SYN flood: 1000 pkts/sec,
1-1000000 pkts/sec; ARP flood 100 pkts/sec, 1-1000000 pkts/sec; address
sweep and port scan: 100 ms/10 pkts, 1-10000 ms; IP spoof: 3 src IPs/src
MAC, 2-10 IPs; RADIUS attack: 5 secs/10 rejects, 1-3600 secs)
|
action |
Set an action if an alarm is triggered (alarm -
traffic can still pass; drop - the traffic is paused for a certain time;
disconnect - the station is disconnected; ban - the station is
disconnected and banned for a certain time; ban-forever - the station is
banned forever)
|
alarm |
Set the action to alarm (Default: alarm)
|
drop |
Set the action to drop (Default: alarm)
|
ban |
Set the action to ban (Default: alarm)
|
<number> |
Enter the action time in seconds (Range: 1-1000000000; Default: 10 for alarm, 1 for drop, 3600 for ban)
|
ssid <string> security wlan dos station-level frame-type {assoc-req|auth|eapol} ban <number>
|
ssid |
Set SSID (Service Set Identifier) parameters
|
<string> |
Enter an SSID profile name (1-32 chars)
|
security |
Set the security parameters for the SSID
|
wlan |
Set WLAN parameters
|
dos |
Set WLAN DoS (Denial of Service) parameters
|
station-level |
Set DoS parameters at station-level
|
frame-type |
Set WLAN DoS (Denial of Service) frame type
|
assoc-req |
Specify WLAN DoS frame type assoc-req
|
auth |
Specify WLAN DoS frame type auth
|
eapol |
Specify WLAN DoS frame type eapol
|
ban |
Set the period of time to ignore frames after a theshold has been crossed
|
<number> |
Enter the period of time in seconds to ignore frames after a theshold has been crossed (Default: 60; Min: 0 Max: None)
|
ssid <string> security wlan dos station-level frame-type {assoc-req|auth|eapol} ban forever
|
ssid |
Set SSID (Service Set Identifier) parameters
|
<string> |
Enter an SSID profile name (1-32 chars)
|
security |
Set the security parameters for the SSID
|
wlan |
Set WLAN parameters
|
dos |
Set WLAN DoS (Denial of Service) parameters
|
station-level |
Set DoS parameters at station-level
|
frame-type |
Set WLAN DoS (Denial of Service) frame type
|
assoc-req |
Specify WLAN DoS frame type assoc-req
|
auth |
Specify WLAN DoS frame type auth
|
eapol |
Specify WLAN DoS frame type eapol
|
ban |
Set the period of time to ignore frames after a theshold has been crossed
|
forever |
Set ban forever
|
ssid <string>
security wlan dos {ssid-level|station-level} frame-type
{probe-req|probe-resp|assoc-req|assoc-resp|disassoc|auth|deauth|eapol|all}
|
ssid |
Set SSID (Service Set Identifier) parameters
|
<string> |
Enter an SSID profile name (1-32 chars)
|
security |
Set the security parameters for the SSID
|
wlan |
Set WLAN parameters
|
dos |
Set WLAN DoS (Denial of Service) parameters
|
ssid-level |
Set DoS parameters at ssid-level
|
station-level |
Set DoS parameters at station-level
|
frame-type |
Set WLAN DoS (Denial of Service) frame type
|
probe-req |
Specify WLAN DoS frame type probe-req
|
probe-resp |
Specify WLAN DoS frame type probe-resp
|
assoc-req |
Specify WLAN DoS frame type assoc-req
|
assoc-resp |
Specify WLAN DoS frame type assoc-resp
|
disassoc |
Specify WLAN DoS frame type disassoc
|
auth |
Specify WLAN DoS frame type auth
|
deauth |
Specify WLAN DoS frame type deauth
|
eapol |
Specify WLAN DoS frame type eapol
|
all |
Specify WLAN DoS frame type all
|
ssid <string>
security wlan dos {ssid-level|station-level} frame-type
{probe-req|probe-resp|assoc-req|assoc-resp|disassoc|auth|deauth|eapol|all}
alarm <number>
|
ssid |
Set SSID (Service Set Identifier) parameters
|
<string> |
Enter an SSID profile name (1-32 chars)
|
security |
Set the security parameters for the SSID
|
wlan |
Set WLAN parameters
|
dos |
Set WLAN DoS (Denial of Service) parameters
|
ssid-level |
Set DoS parameters at ssid-level
|
station-level |
Set DoS parameters at station-level
|
frame-type |
Set WLAN DoS (Denial of Service) frame type
|
probe-req |
Specify WLAN DoS frame type probe-req
|
probe-resp |
Specify WLAN DoS frame type probe-resp
|
assoc-req |
Specify WLAN DoS frame type assoc-req
|
assoc-resp |
Specify WLAN DoS frame type assoc-resp
|
disassoc |
Specify WLAN DoS frame type disassoc
|
auth |
Specify WLAN DoS frame type auth
|
deauth |
Specify WLAN DoS frame type deauth
|
eapol |
Specify WLAN DoS frame type eapol
|
all |
Specify WLAN DoS frame type all
|
alarm |
Set the interval in seconds between alarms to indicate continuous DoS conditions
|
<number> |
Enter the interval in seconds between alarms to indicate continuous DoS conditions (Default: 60 secs; Min: 0 Max: None)
|
ssid <string>
security wlan dos {ssid-level|station-level} frame-type
{probe-req|probe-resp|assoc-req|assoc-resp|disassoc|auth|deauth|eapol|all}
threshold <number>
|
ssid |
Set SSID (Service Set Identifier) parameters
|
<string> |
Enter an SSID profile name (1-32 chars)
|
security |
Set the security parameters for the SSID
|
wlan |
Set WLAN parameters
|
dos |
Set WLAN DoS (Denial of Service) parameters
|
ssid-level |
Set DoS parameters at ssid-level
|
station-level |
Set DoS parameters at station-level
|
frame-type |
Set WLAN DoS (Denial of Service) frame type
|
probe-req |
Specify WLAN DoS frame type probe-req
|
probe-resp |
Specify WLAN DoS frame type probe-resp
|
assoc-req |
Specify WLAN DoS frame type assoc-req
|
assoc-resp |
Specify WLAN DoS frame type assoc-resp
|
disassoc |
Specify WLAN DoS frame type disassoc
|
auth |
Specify WLAN DoS frame type auth
|
deauth |
Specify WLAN DoS frame type deauth
|
eapol |
Specify WLAN DoS frame type eapol
|
all |
Specify WLAN DoS frame type all
|
threshold |
Set the frame threshold in ppm (packets per minute) that must be crossed to trigger an alarm
|
<number> |
Enter threshold in ppm (Default: ssid-level
probe-req 12000, probe-resp 24000, eapol 6000, auth 6000, assoc-req
6000, assoc-resp 2400, all others 1200; sta-level probe-req 1200 ppm,
probe-resp 2400, eapol 600, auth 600, assoc-req 600, assoc-resp 240, all
others 120; Min: 0 Max: None)
|
ssid <string> security-object <string>
|
ssid |
Set SSID (Service Set Identifier) parameters
|
<string> |
Enter an SSID profile name (1-32 chars)
|
security-object |
Assign a security object to control network access through this SSID
|
<string> |
Enter the security object name (1-32 chars)
|
ssid <string> uapsd
|
ssid |
Set SSID (Service Set Identifier) parameters
|
<string> |
Enter an SSID profile name (1-32 chars)
|
uapsd |
Enable UAPSD (Unscheduled Automatic Power Save Delivery) to support stations using WMM (Wi-Fi Multimedia) Power Save
|
ssid <string> user-group <string>
|
ssid |
Set SSID (Service Set Identifier) parameters
|
<string> |
Enter an SSID profile name (1-32 chars)
|
user-group |
Set the user-group for private-PSK on the SSID
|
<string> |
Enter the group name (1-32 chars)
|
ssid <string> wmm
|
ssid |
Set SSID (Service Set Identifier) parameters
|
<string> |
Enter an SSID profile name (1-32 chars)
|
wmm |
Enable the SSID to support WMM (Wi-Fi Multimedia) traffic prioritization
|
system environment {outdoor}
|
system |
Set system parameters
|
environment |
Set the environment in which the system will operate
|
outdoor |
Set the system for outdoor operations
|
system icmp-redirect enable
|
system |
Set system parameters
|
icmp-redirect |
Accept ICMP redirect messages
|
enable |
Enable the accepting of ICMP redirect messages (Default: Disable)
|
system led brightness {soft|dim|off}
|
system |
Set system parameters
|
led |
Set status LED configuration parameters
|
brightness |
Set the brightness level for the status LEDs (Default: bright)
|
soft |
Set brightness level to soft
|
dim |
Set brightness level to dim
|
off |
Set brightness level to off
|
system web-server enable
|
system |
Set system parameters
|
web-server |
Set the web server parameters
|
enable |
Enable the web server (Default: Enabled)
|
teacher-view resource-map name <string> ip <ip_addr> port <port>
|
teacher-view |
Set parameters for Teacher View, a tool for controlling student access to the network and monitoring their activity
|
resource-map |
Map the name of a network resource to an IP address and port number
|
name |
Set the resource name
|
<string> |
Enter the resource name (max 32 chars)
|
ip |
Set the IP address where the resource is located
|
<ip_addr> |
Enter the IP address
|
port |
Set the port number associated with the resource
|
<port> |
[1~65535]Enter the port number (Range: 1-65535)
|
tracert <ip_addr> [ max-hops <number> ] [ timeout <number> ] [ no-resolve ]
|
tracert |
Perform a traceroute
|
<ip_addr> |
Enter a destination IP address
|
max-hops |
Set the maximum number of hops to cross when searching for a target
|
<number> |
Enter the maximum number of hops to cross when searching for a target (Default: 30, Range: 1-255)
|
timeout |
Set the timeout for a response to a probe
|
<number> |
Enter the timeout in seconds for a response to a probe (Range: 2-65535)
|
no-resolve |
Do not resolve addresses to domain names
|
tracert <string> [ max-hops <number> ] [ timeout <number> ] [ no-resolve ]
|
tracert |
Perform a traceroute
|
<string> |
Enter a destination hostname (1-32 characters)
|
max-hops |
Set the maximum number of hops to cross when searching for a target
|
<number> |
Enter the maximum number of hops to cross when searching for a target (Default: 30, Range: 1-255)
|
timeout |
Set the timeout for a response to a probe
|
<number> |
Enter the timeout in seconds for a response to a probe (Range: 2-65535)
|
no-resolve |
Do not resolve addresses to domain names
|
track <string> [ ip <ip_addr> ]
|
track |
Set parameters to track the reachability of one or more devices on the network
|
<string> |
Enter the name for a group of one or more targets to track (1-32 chars)
|
ip |
Set an IP address for tracking
|
<ip_addr> |
Enter an IP address for tracking
|
track <string> action start-mesh-failover
|
track |
Set parameters to track the reachability of one or more devices on the network
|
<string> |
Enter the name for a group of one or more targets to track (1-32 chars)
|
action |
Set the action to take when there are no longer responses from any tracked targets in a group
|
start-mesh-failover |
Start the mesh failover procedure
|
track <string> action {enable-access-console|disable-access-radio}
|
track |
Set parameters to track the reachability of one or more devices on the network
|
<string> |
Enter the name for a group of one or more targets to track (1-32 chars)
|
action |
Set the action to take when there are no longer responses from any tracked targets in a group
|
enable-access-console |
Enable the virtual access console
|
disable-access-radio |
Disable all radios in access mode
|
track <string> default-gateway
|
track |
Set parameters to track the reachability of one or more devices on the network
|
<string> |
Enter the name for a group of one or more targets to track (1-32 chars)
|
default-gateway |
Set the default gateway for tracking
|
track <string> enable
|
track |
Set parameters to track the reachability of one or more devices on the network
|
<string> |
Enter the name for a group of one or more targets to track (1-32 chars)
|
enable |
Enable the group name for tracking (Default: Enable)
|
track <string> interval <number>
|
track |
Set parameters to track the reachability of one or more devices on the network
|
<string> |
Enter the name for a group of one or more targets to track (1-32 chars)
|
interval |
Set the interval for sending probes to track the IP address of a target
|
<number> |
Enter the tracking interval (Default: 6 seconds;
Range: 1-180; Note: The tracking interval must not be shorter than the
probe timeout.)
|
track <string> multi-dst-logic {and|or}
|
track |
Set parameters to track the reachability of one or more devices on the network
|
<string> |
Enter the name for a group of one or more targets to track (1-32 chars)
|
multi-dst-logic |
Determine if one or all tracked targets within a group must become unresponsive before taking action
|
and |
Take action if none of the members in the group is responding (Default:or)
|
or |
Take action if any single member in the group is not responding (Default:or)
|
track <string> retry <number>
|
track |
Set parameters to track the reachability of one or more devices on the network
|
<string> |
Enter the name for a group of one or more targets to track (1-32 chars)
|
retry |
Set the number of times to retry probing an unresponsive target
|
<number> |
Enter the retry value (Default: 2 times; Range: 0-1024)
|
track <string> timeout <number>
|
track |
Set parameters to track the reachability of one or more devices on the network
|
<string> |
Enter the name for a group of one or more targets to track (1-32 chars)
|
timeout |
Set the length of time to wait for a response to a probe
|
<number> |
Enter the timeout value (Default: 2 seconds; Range: 1-180; Note: The timeout value must not be more than the interval value.)
|
user <string>
|
user |
Add one user or change user parameters
|
<string> |
Enter the user name (1-32 chars)
|
user <string> group <string>
|
user |
Add one user or change user parameters
|
<string> |
Enter the user name (1-32 chars)
|
group |
Attach the user to a user-group
|
<string> |
Enter the group name (1-32 chars)
|
user <string> password <string>
|
user |
Add one user or change user parameters
|
<string> |
Enter the user name (1-32 chars)
|
password |
Set the password for user
|
<string> |
Enter the secret string (8-63 chars)
|
user-group <string>
|
user-group |
Set user group parameters
|
<string> |
Enter the user group name (1-32 chars)
|
user-group <string> auto-generation bulk-number <number> bulk-interval <number> <time>
|
user-group |
Set user group parameters
|
<string> |
Enter the user group name (1-32 chars)
|
auto-generation |
Generate the password automatically
|
bulk-number |
Set the user number of the bulk group
|
<number> |
Enter the user number of the bulk group (Default: 1 ; Range: 1-9999)
|
bulk-interval |
Set the interval of the bulk group
|
<number> |
Enter the day interval of the bulk group (Default: 0 day; Range: 0-365)
|
<time> |
Enter the hour and minute interval of the bulk group(Format: hh:mm; Hour Range: 00-23; Minute Range: 0-59)
|
user-group <string> auto-generation index-range <number> [ <number> ]
|
user-group |
Set user group parameters
|
<string> |
Enter the user group name (1-32 chars)
|
auto-generation |
Generate the password automatically
|
index-range |
Set the index range for the users for whom you want to generate network access credentials (user name, password, and PSK)
|
<number> |
Enter the start of the index range (Range: 1-9999)
|
<number> |
Enter the end of the index range (Range: starting index number-9999)
|
user-group <string> auto-generation location <string>
|
user-group |
Set user group parameters
|
<string> |
Enter the user group name (1-32 chars)
|
auto-generation |
Generate the password automatically
|
location |
Set the user's physical location, which is combined
with other factors (user name, shared secret, ...) when generating the
password automatically
|
<string> |
Enter the location (1-32 characters)
|
user-group <string> auto-generation password-length <number>
|
user-group |
Set user group parameters
|
<string> |
Enter the user group name (1-32 chars)
|
auto-generation |
Generate the password automatically
|
password-length |
Set the length of the automatically generated password
|
<number> |
Enter the password length (Range: 8-63; Default: 8)
|
user-group <string> auto-generation prefix <string>
|
user-group |
Set user group parameters
|
<string> |
Enter the user group name (1-32 chars)
|
auto-generation |
Generate the password automatically
|
prefix |
Set the prefix username for automatically generate password
|
<string> |
Enter the prefix (1-28 characters)
|
user-group <string> auto-generation revoke-user <number> [ <number> ]
|
user-group |
Set user group parameters
|
<string> |
Enter the user group name (1-32 chars)
|
auto-generation |
Generate the password automatically
|
revoke-user |
Set the index range for the revoked users
|
<number> |
Enter the start of the index range (Range: 1-1024)
|
<number> |
Enter the end of the index range (Range: starting index number-1024)
|
user-group <string> auto-generation schedule <string>
|
user-group |
Set user group parameters
|
<string> |
Enter the user group name (1-32 chars)
|
auto-generation |
Generate the password automatically
|
schedule |
Bind a schedule to change password automatically by it
|
<string> |
Enter the name of the schedule (1-32 chars)
|
user-group <string> auto-generation shared-secret <string>
|
user-group |
Set user group parameters
|
<string> |
Enter the user group name (1-32 chars)
|
auto-generation |
Generate the password automatically
|
shared-secret |
Set the shared secret that is combined with other factors (user name, location, ...) when generating the password automatically
|
<string> |
Enter the shared secret (1-64 characters)
|
user-group <string> cache-mode {temporary|mandatory}
|
user-group |
Set user group parameters
|
<string> |
Enter the user group name (1-32 chars)
|
cache-mode |
Set user-group cache mode
|
temporary |
Set user-group cache mode to temporary
|
mandatory |
Set user-group cache mode to mandatory
|
user-group <string> expired-time <date/time>
|
user-group |
Set user group parameters
|
<string> |
Enter the user group name (1-32 chars)
|
expired-time |
Set the end of the time period during which the PSK is valid
|
<date/time> |
Enter the date and time when the PSK expires
(Format: YYYY-MM-DD/hh:mm:ss; Range: 1970-01-01 to 2035-12-31/hh
(00-23), mm (00-59), ss (00-59))
|
user-group <string> password-generation-method {manual|auto}
|
user-group |
Set user group parameters
|
<string> |
Enter the user group name (1-32 chars)
|
password-generation-method |
Set password generation method for the user group
|
manual |
Set password generation method to manual
|
auto |
Set password generation method to auto
|
user-group <string> pmk-auto-save
|
user-group |
Set user group parameters
|
<string> |
Enter the user group name (1-32 chars)
|
pmk-auto-save |
Enable automatically save PMK to flash
|
user-group <string> psk-format character-pattern {letters|digits|special-characters}
|
user-group |
Set user group parameters
|
<string> |
Enter the user group name (1-32 chars)
|
psk-format |
Set the format parameters for creating individual user PSKs (preshared keys)
|
character-pattern |
Set the types of characters that can be used in
automatically generated and manually configured PSKs and how the
character types can be combined
|
letters |
Use letters in PSKs
|
digits |
Use digits in PSKs
|
special-characters |
Use special characters in PSKs
|
user-group <string> psk-format combo-pattern {or|and|no}
|
user-group |
Set user group parameters
|
<string> |
Enter the user group name (1-32 chars)
|
psk-format |
Set the format parameters for creating individual user PSKs (preshared keys)
|
combo-pattern |
Set the way in which various types of characters can be combined in PSKs
|
or |
Include one character type or a combination of different types in the PSKs (Default)
|
and |
Include a combination of all specified character types in the PSKs
|
no |
Include one character type in the PSKs (Note: If you
specify multiple character types and set this option, only letters are
used, if specified. If not, then only digits are used.)
|
user-group <string> psk-generation-method username-and-password concatenated-characters <string>
|
user-group |
Set user group parameters
|
<string> |
Enter the user group name (1-32 chars)
|
psk-generation-method |
Set the elements from which the private PSK will be derived: password only or username and password
|
username-and-password |
Set private-PSK generation method to username-and-password
|
concatenated-characters |
Set format for concatenating the characters in the PSK that comprises a user name and password
|
<string> |
Enter the characters used to concatenate the user name and password (Default: None; Range: 1-8 chars)
|
user-group <string> psk-generation-method {password-only|username-and-password}
|
user-group |
Set user group parameters
|
<string> |
Enter the user group name (1-32 chars)
|
psk-generation-method |
Set the elements from which the private PSK will be derived: password only or username and password
|
password-only |
Set private-PSK generation method to password-only (Default)
|
username-and-password |
Set private-PSK generation method to username-and-password
|
user-group <string> reauth-interval <number>
|
user-group |
Set user group parameters
|
<string> |
Enter the user group name (1-32 chars)
|
reauth-interval |
Set an interval after which a user in an ongoing RADIUS session must reauthenticate
|
<number> |
Enter the length of time in seconds before
reauthentication (Default: 1800; Range: 600-86400, or 0 to remove the
user reauthentication requirement)
|
user-group <string> start-time <date/time>
|
user-group |
Set user group parameters
|
<string> |
Enter the user group name (1-32 chars)
|
start-time |
Set the start of the time period during which the PSK is valid
|
<date/time> |
Enter the start date and time of the date (Format:
YYYY-MM-DD/hh:mm:ss; Range: 1970-01-01 to 2035-12-31/hh (00-23), mm
(00-59), ss (00-59))
|
user-group <string> user-attribute <number>
|
user-group |
Set user group parameters
|
<string> |
Enter the user group name (1-32 chars)
|
user-attribute |
Set a RADIUS attribute or a range of attributes to the user group
|
<number> |
Enter a numeric value for a single RADIUS attribute (Default: none; Range: 0-4095)
|
user-group <string> vlan-id <number>
|
user-group |
Set user group parameters
|
<string> |
Enter the user group name (1-32 chars)
|
vlan-id |
Set a VLAN ID for the user group
|
<number> |
Enter the default VLAN ID for the user group (Default: none; Range: 1-4094)
|
user-profile
<string> [ qos-policy <string> ] [ vlan-id <number> ] [
mobility-policy <string> ] [ attribute <number> [ -
<number> ] ]
|
user-profile |
Set parameters for a user profile
|
<string> |
Enter the user profile name (1 - 32 chars)
|
qos-policy |
Assign QoS policy to the user profile
|
<string> |
Enter the QoS policy name (1 - 32 chars)
|
vlan-id |
Set the default VLAN ID for the user profile
|
<number> |
Enter the default VLAN ID for the user profile (Range: 1-4094)
|
mobility-policy |
Assign mobility policy to the user profile
|
<string> |
Enter the mobility policy name (1 - 32 chars)
|
attribute |
Map a RADIUS attribute or a range of attributes to the user profile
|
<number> |
Enter a numeric value for a single RADIUS attribute or the starting value for a range (Range: 0-4095)
|
- |
Set a range of RADIUS attributes
|
<number> |
Enter the ending value for a RADIUS attribute range (Range: 0-4095)
|
user-profile <string> cac airtime-percentage <number> [ share-time ]
|
user-profile |
Set parameters for a user profile
|
<string> |
Enter the user profile name (1 - 32 chars)
|
cac |
Set CAC (Call Admission Control) parameters for regulating the admission of new VoIP calls
|
airtime-percentage |
Set the percentage of airtime reserved for the VoIP calls of users belonging to the user profile
|
<number> |
Enter the percentage (Default: 0; Range: 0-100)
|
share-time |
Enable the user profile to share any unused airtime with other user profiles (Default: Disabled)
|
user-profile <string> ip-policy-default-action {permit|deny|inter-station-traffic-drop}
|
user-profile |
Set parameters for a user profile
|
<string> |
Enter the user profile name (1 - 32 chars)
|
ip-policy-default-action |
Set the IP policy default action for the user profile
|
permit |
Set the default action to permit
|
deny |
Set the default action to deny
|
inter-station-traffic-drop |
Set the action to drop traffic between stations if
they are both associated with one or more members of the same cluster
(Default: deny)
|
user-profile <string> mac-policy-default-action {permit|deny}
|
user-profile |
Set parameters for a user profile
|
<string> |
Enter the user profile name (1 - 32 chars)
|
mac-policy-default-action |
Set the MAC policy default action for the user profile
|
permit |
Set the default action to permit
|
deny |
Set the default action to deny
|
user-profile <string> schedule <string>
|
user-profile |
Set parameters for a user profile
|
<string> |
Enter the user profile name (1 - 32 chars)
|
schedule |
Set a schedule during which the SmartPath AP will apply the user profile
|
<string> |
Enter a schedule name (1-32 characters)
|
user-profile <string> security ip-policy [ from-access <string> ] [ to-access <string> ]
|
user-profile |
Set parameters for a user profile
|
<string> |
Enter the user profile name (1 - 32 chars)
|
security |
Set the security parameters for the user profile
|
ip-policy |
Set the security IP policy parameters for the user profile
|
from-access |
Set parameters for packets that source IP is station's
|
<string> |
Enter an IP policy name (1-32 chars)
|
to-access |
Set parameters for packets that destination IP is station's
|
<string> |
Enter an IP policy name (1-32 chars)
|
user-profile <string> security mac-policy [ from-access <string> ] [ to-access <string> ]
|
user-profile |
Set parameters for a user profile
|
<string> |
Enter the user profile name (1 - 32 chars)
|
security |
Set the security parameters for the user profile
|
mac-policy |
Set the security MAC policy parameters for a user profile
|
from-access |
Set parameters for packets that source MAC is station`s
|
<string> |
Enter a MAC policy name (1-32 chars)
|
to-access |
Set parameters for packets that destination MAC is station`s
|
<string> |
Enter a MAC policy name (1-32 chars)
|
user-profile <string> tunnel-policy <string>
|
user-profile |
Set parameters for a user profile
|
<string> |
Enter the user profile name (1 - 32 chars)
|
tunnel-policy |
Set the tunnel policy to apply to traffic belonging to members of the user profile
|
<string> |
Enter the name of the tunnel policy name (1-32 chars)
|
user-profile <string> {after|before} <string>
|
user-profile |
Set parameters for a user profile
|
<string> |
Enter the user profile name (1 - 32 chars)
|
after |
Move the user profile after another user profile
|
before |
Move the user profile before another user profile
|
<string> |
Enter the user profile name (1 - 32 chars)
|
user-profile <string> {performance-sentinel} action {log|boost}
|
user-profile |
Set parameters for a user profile
|
<string> |
Enter the user profile name (1 - 32 chars)
|
performance-sentinel |
Set performance sentinel parameters to moderate client throughput
|
action |
Set an action to take in response to a performance sentinel violation
|
log |
Generate a log entry about the performance sentinel violation (Default: Log)
|
boost |
Increase the performance available for clients so they can obtain their minimum guaranteed bandwidth (Default: Log)
|
user-profile <string> {performance-sentinel} enable
|
user-profile |
Set parameters for a user profile
|
<string> |
Enter the user profile name (1 - 32 chars)
|
performance-sentinel |
Set performance sentinel parameters to moderate client throughput
|
enable |
Enable performance sentinel (Default: Disabled)
|
user-profile <string> {performance-sentinel} guaranteed-bandwidth <number>
|
user-profile |
Set parameters for a user profile
|
<string> |
Enter the user profile name (1 - 32 chars)
|
performance-sentinel |
Set performance sentinel parameters to moderate client throughput
|
guaranteed-bandwidth |
Set the minimum guaranteed bandwidth per user
|
<number> |
Enter the minimum guaranteed bandwidth (Default: 1000 Kbps; Range: 100-500000)
|
vpn ipsec-tunnel <string> dpd idle-interval <number> retry <number> retry-interval <number>
|
vpn |
Set parameters for VPN (virtual private network) tunneling
|
ipsec-tunnel |
Set IPsec tunnel parameters
|
<string> |
Enter the name of the IPsec tunnel entry (1-32 chars)
|
dpd |
Set DPD (Dead Peer Detection) parameters for the IPsec tunnel
|
idle-interval |
Set the interval for sending DPD R-U-There messages
|
<number> |
Enter the interval in seconds (Range: 0-65535; Default: 10; Note: 0 disables DPD)
|
retry |
Set the number of times to retry sending a DPD R-U-There message when it does not elicit a response
|
<number> |
Enter the number of messages to retry sending (Range: 1-65535; Default: 5)
|
retry-interval |
Set the interval for resending DPD R-U-There messages
|
<number> |
Enter the retry interval in seconds (Range: 1-60; Default: 3)
|
vpn ipsec-tunnel <string> gateway <ip_addr> client-name <string> password <string>
|
vpn |
Set parameters for VPN (virtual private network) tunneling
|
ipsec-tunnel |
Set IPsec tunnel parameters
|
<string> |
Enter the name of the IPsec tunnel entry (1-32 chars)
|
gateway |
Set the address of the IKE gateway at the server end of the VPN tunnel (Note: Only define an IKE gateway on VPN clients.)
|
<ip_addr> |
Enter an IKE gateway address
|
client-name |
Set the name that the VPN client uses to authenticate itself to the VPN server using Xauth
|
<string> |
Enter the client name (8-32 chars)
|
password |
Set password that the VPN client uses to authenticate itself to the VPN server using Xauth
|
<string> |
Enter the password string (16-32 chars)
|
vpn ipsec-tunnel <string> ike phase1 auth-method {hybrid|rsa-sig|psk}
|
vpn |
Set parameters for VPN (virtual private network) tunneling
|
ipsec-tunnel |
Set IPsec tunnel parameters
|
<string> |
Enter the name of the IPsec tunnel entry (1-32 chars)
|
ike |
Set IKE (Internet Key Exchange) parameters
|
phase1 |
Set IKE phase 1 parameters
|
auth-method |
Set the authentication method for IKE phase 1 negotiations
|
hybrid |
Set peer authentication in hybrid mode (Default:
Hybrid mode, in which the VPN server authenticates itself with an RSA
signature and the client authenticates itself through Xauth.)
|
rsa-sig |
Set both VPN peers--server and client--to authenticate themselves with RSA signatures (Default: Hybrid mode)
|
psk |
Set both VPN peers--server and client--to authenticate themselves with a preshared key
|
vpn ipsec-tunnel <string> ike phase1 dh-group {group1|group2|group5}
|
vpn |
Set parameters for VPN (virtual private network) tunneling
|
ipsec-tunnel |
Set IPsec tunnel parameters
|
<string> |
Enter the name of the IPsec tunnel entry (1-32 chars)
|
ike |
Set IKE (Internet Key Exchange) parameters
|
phase1 |
Set IKE phase 1 parameters
|
dh-group |
Set the Diffie-Hellman group for generating a shared key during phase 1 negotiations
|
group1 |
Use Diffie-Hellman group 1 (Default: Diffie-Hellman group 2)
|
group2 |
Use Diffie-Hellman group 2 (Default: Diffie-Hellman group 2)
|
group5 |
Use Diffie-Hellman group 5 (Default: Diffie-Hellman group 2)
|
vpn ipsec-tunnel <string> ike phase1 psk <string>
|
vpn |
Set parameters for VPN (virtual private network) tunneling
|
ipsec-tunnel |
Set IPsec tunnel parameters
|
<string> |
Enter the name of the IPsec tunnel entry (1-32 chars)
|
ike |
Set IKE (Internet Key Exchange) parameters
|
phase1 |
Set IKE phase 1 parameters
|
psk |
Set the preshared key used for VPN peer authentication
|
<string> |
Enter the preshared key string (1-128 chars)
|
vpn ipsec-tunnel <string> ike phase2 pfs-group {no-pfs|group1|group2|group5}
|
vpn |
Set parameters for VPN (virtual private network) tunneling
|
ipsec-tunnel |
Set IPsec tunnel parameters
|
<string> |
Enter the name of the IPsec tunnel entry (1-32 chars)
|
ike |
Set IKE (Internet Key Exchange) parameters
|
phase2 |
Set IKE phase 2 parameters
|
pfs-group |
Set the PFS (perfect forward secrecy) parameters for phase 2 negotiations
|
no-pfs |
Do not perform a second Diffie-Hellman key exchange during phase 2 negotiations (Default: Diffie-Hellman group 2)
|
group1 |
Use Diffie-Hellman group 1 (Default: Diffie-Hellman group 2)
|
group2 |
Use Diffie-Hellman group 2 (Default: Diffie-Hellman group 2)
|
group5 |
Use Diffie-Hellman group 5 (Default: Diffie-Hellman group 2)
|
vpn ipsec-tunnel <string> ike {phase1|phase2} encryption-algorithm {3des|aes128|aes192|aes256}
|
vpn |
Set parameters for VPN (virtual private network) tunneling
|
ipsec-tunnel |
Set IPsec tunnel parameters
|
<string> |
Enter the name of the IPsec tunnel entry (1-32 chars)
|
ike |
Set IKE (Internet Key Exchange) parameters
|
phase1 |
Set IKE phase 1 parameters
|
phase2 |
Set IKE phase 2 parameters
|
encryption-algorithm |
Set the encryption algorithm
|
3des |
Use 3DES (Triple DES, Data Encryption Standard) as the encryption algorithm (Default: AES-128)
|
aes128 |
Use AES (Advanced Encryption Standard) with a 128-bit key as the encryption algorithm (Default: AES-128)
|
aes192 |
Use AES with a 192-bit key as the encryption algorithm (Default: AES-128)
|
aes256 |
Use AES with a 256-bit key as the encryption algorithm (Default: AES-128)
|
vpn ipsec-tunnel <string> ike {phase1|phase2} hash {md5|sha1}
|
vpn |
Set parameters for VPN (virtual private network) tunneling
|
ipsec-tunnel |
Set IPsec tunnel parameters
|
<string> |
Enter the name of the IPsec tunnel entry (1-32 chars)
|
ike |
Set IKE (Internet Key Exchange) parameters
|
phase1 |
Set IKE phase 1 parameters
|
phase2 |
Set IKE phase 2 parameters
|
hash |
Set the IKE hash algorithm
|
md5 |
Use MD-5 (Message Digest, version 5) as the hash algorithm (Default: SHA-1)
|
sha1 |
Use SHA-1 (Secure Hash Algorithm) as the hash algorithm (Default: SHA-1)
|
vpn ipsec-tunnel <string> ike {phase1|phase2} lifetime <number>
|
vpn |
Set parameters for VPN (virtual private network) tunneling
|
ipsec-tunnel |
Set IPsec tunnel parameters
|
<string> |
Enter the name of the IPsec tunnel entry (1-32 chars)
|
ike |
Set IKE (Internet Key Exchange) parameters
|
phase1 |
Set IKE phase 1 parameters
|
phase2 |
Set IKE phase 2 parameters
|
lifetime |
Set the SA (security association) lifetime (Note:
Before the SA expires, the authentication and encryption keys are
automatically refreshed with new ones.)
|
<number> |
Enter the SA expiration time in seconds (Range: 180-10000000;Phase 1 Default: 86400; Phase 2 Default: 3600 )
|
vpn ipsec-tunnel <string> local-ike-id {asn1dn|address|fqdn|ufqdn} <string>
|
vpn |
Set parameters for VPN (virtual private network) tunneling
|
ipsec-tunnel |
Set IPsec tunnel parameters
|
<string> |
Enter the name of the IPsec tunnel entry (1-32 chars)
|
local-ike-id |
Set the IKE identity for the local SmartPath AP
|
asn1dn |
Set the IKE identity type as an ASN.1 DN (Abstract
Syntax Notation One Distinguished Name; Example: C=US, ST=CA, L=SF,
O=Black Box, OU=Sales, CN=PaulSmith)
|
address |
Set the IKE identity type as an IP address (Example: 10.1.1.5)
|
fqdn |
Set the IKE identity type as an FQDN (fully qualified domain name; Example: www.oem_name_low.com)
|
ufqdn |
Set the IKE identity type as a user FQDN (Example: psmith@oem_name_low.com)
|
<string> |
Enter the IP address, or user FQDN (email address), or FQDN, or ASN.1 DN (1-128 chars)
|
vpn ipsec-tunnel <string> nat-traversal enable
|
vpn |
Set parameters for VPN (virtual private network) tunneling
|
ipsec-tunnel |
Set IPsec tunnel parameters
|
<string> |
Enter the name of the IPsec tunnel entry (1-32 chars)
|
nat-traversal |
Set the VPN to be able to traverse NAT devices encountered along its data path
|
enable |
Enable NAT traversal (Default: Enabled)
|
vpn ipsec-tunnel <string> peer-ike-id {asn1dn|address|fqdn|ufqdn} <string>
|
vpn |
Set parameters for VPN (virtual private network) tunneling
|
ipsec-tunnel |
Set IPsec tunnel parameters
|
<string> |
Enter the name of the IPsec tunnel entry (1-32 chars)
|
peer-ike-id |
Set IKE identity for the remote VPN peer
|
asn1dn |
Set the IKE identity type as an ASN.1 DN (Abstract
Syntax Notation One Distinguished Name; Example: C=US, ST=CA, L=SF,
O=Black Box, OU=Sales, CN=PaulSmith)
|
address |
Set the IKE identity type as an IP address (Example: 10.1.1.5)
|
fqdn |
Set the IKE identity type as an FQDN (fully qualified domain name; Example: www.oem_name_low.com)
|
ufqdn |
Set the IKE identity type as a user FQDN (Example: psmith@oem_name_low.com)
|
<string> |
Enter the IP address, or user FQDN (email address), or FQDN, or ASN.1 DN (1-128 chars)
|
vpn tunnel-policy <string> client ipsec-tunnel <string> [ primary ]
|
vpn |
Set parameters for VPN (virtual private network) tunneling
|
tunnel-policy |
Set the IPsec tunnel policy
|
<string> |
Enter a tunnel policy name (1-32 chars)
|
client |
Set the tunnel policy for a VPN client
|
ipsec-tunnel |
Set the IPsec tunnel entry to use in the tunnel policy
|
<string> |
Enter the IPsec tunnel entry name (1-32 chars)
|
primary |
Set the VPN entry as the primary VPN gateway
|
vpn tunnel-policy <string> password <string>
|
vpn |
Set parameters for VPN (virtual private network) tunneling
|
tunnel-policy |
Set the IPsec tunnel policy
|
<string> |
Enter a tunnel policy name (1-32 chars)
|
password |
Set the password for the GRE tunnel check (Note: The
password on the server and client must match for the GRE tunnel check
to succeed.)
|
<string> |
Enter a password (8-32 chars)
|
vpn {client-ipsec-tunnel} <string>
|
vpn |
Set parameters for VPN (virtual private network) tunneling
|
client-ipsec-tunnel |
Set the local SmartPath AP as a client that builds an IPsec tunnel to the VPN server
|
<string> |
Enter the name of a VPN tunnel entry (1-32 chars)
|
web-directory <string> link-to-resources <string> <string>
|
web-directory |
Create a web directory for the internal web server
|
<string> |
Enter the name of the web directory to store files
used by a captive web portal or, when preceded by "ppsk-self-reg", for
use with private PSK self-registration (1-32 chars)
|
link-to-resources |
Create a link to a web directory whose content can
be shared by all captive web portals or to a specific file in that
shared directory
|
<string> |
Enter the name of the link (Max: 32 chars; Note:
Each web directory includes a default link called "shared" that points
to a predefined directory named "shared".)
|
<string> |
Enter the name of the target directory (Max: 32 chars; Example: shared)
|
web-directory [ {ppsk-self-reg} ] <string>
|
web-directory |
Create a web directory for the internal web server
|
ppsk-self-reg |
Create a web directory for the private PSK server to use when receiving self-registration requests
|
<string> |
Enter the name of the web directory to store files
used by a captive web portal or, when preceded by "ppsk-self-reg", for
use with private PSK self-registration (1-32 chars)
|
Through the SmartPath CLI, you can log in to a SmartPath AP and perform the following operations:
- Configure firmware features and hardware components
- View settings
- View and clear dynamically generated data
- Update firmware
- Save a configuration to and from the device
- Reset the device
To access the CLI, you can make a direct serial connection through the console port (on SmartPath AP models that have
one) or a Telnet or SSH connection over the network through the Ethernet interface or an SSID on a Wifi subinterface
to the mgt0 interface. Each method is described in the following sections:
For an introduction to the CLI and some useful tips, see the following sections:
You can make a direct serial connection from
your management system to the SmartPath AP and log in to the CLI. For
details and pin assignments, see the SmartPath Deployment Guide. Follow these steps:
- Connect the power cable to the SmartPath AP and turn on the power.
- Depending on the SmartPath AP model, connect one end of an RS-232
(or "null modem") serial cable or an RJ-45-to-DB-9 serial cable to the
serial port (or Com port) on your management system.
- Connect the other end of the cable to the console port on the SmartPath AP.
- On your management system, run a VT100 terminal emulation program, such as Tera Term Pro (a free terminal
emulator) or Hilgraeve Hyperterminal (provided with Windows operating systems). Use the following settings:
- Bits per second (baud rate):9600
- Data bits: 8
- Parity: none
- Stop bits: 1
- Flow control: none
- Press the ENTER key to see the login prompt.
- Log in using the default user name admin and password blackbox.
You can make a Telnet connection from your management system to the SmartPath AP across an Ethernet or WiFi network
(or even just across an Ethernet cable between your management system and the SmartPath AP). Because Telnet uses a
client/server relationship, you need a Telnet client on your management system. (All Windows operating systems
include a Telnet client.) The client connects to the Telnet server on the SmartPath AP using TCP port 23.
Because a Telnet connection requires that the SmartPath AP already have an IP address, you must first make a serial
connection to the device and assign it an address using the interface command:
interface mgt0 ip_addr netmask
where ip_addr netmask define an address on the network that is accessible from your management system. See
"Using the Console Port".
By default, Telnet manageability is disabled on SmartPath APs. You must first access the SmartPath AP by another means-
console, SSH, or SmartPath EMS--and enable it. Use the following commands to enable Telnet
through an Ethernet interface and through an SSID (for wireless Telnet access):
interface { eth0 | eth1 } manage telnet
ssid <string> manage telnet
1. With the SmartPath AP connected to a power source, connect an Ethernet cable from the Ethernet port on the SmartPath AP
to a switch that is on the same network as your management system. Optionally, you can connect the Ethernet
cable from the SmartPath AP directly to your management system.
Note: |
Because the Ethernet port on the SmartPath AP is autosensing,
the cable can have either straight-through or
cross-over wiring. For details, see the SmartPath Deployment Guide.
|
After you have created an SSID and enabled Telnet access to the mgt0 interface through that SSID, you can form
a wireless association with the SmartPath AP and use Telnet to access the CLI wirelessly.
2. On your management system, run the Telnet client and connect to the Telnet server on the SmartPath AP. In Windows,
for example, do the following:
2. In the command prompt, type telnet, and then click OK.
Welcome to Microsoft Telnet Client
Escape Character is 'CTRL+]'
3. At the Microsoft Telnet> prompt, enter the IP address of the mgt0 interface, and then press Enter.
The Telnet client on the management system connects to the Telnet server on the SmartPath AP. The login prompt
appears.
3. Log in using your user name and password. The default user name is admin and the default password is
blackbox.
You can make an SSH2 (Secure Shell version 2) connection from an SSH client on your management system to the SSH
server on the SmartPath AP across an Ethernet or WiFi network. SSH allows you to open a remote command shell securely
and run commands on the SSH server. You need an SSHv2 client, such as puTTY (a free SSHv2 client), on your
management system. The client connects to the SSHv2 server on the SmartPath AP using TCP port 22.
Because an SSH connection requires that the SmartPath AP already have an IP address, you must first make a serial
connection to the device and assign it an address using the interface command:
interface mgt0 ip_addr netmask
where ip_addr netmask define an address on the network that is accessible from your management system. See
"Using the Console Port".
By default, SSH manageability is enabled on Ethernet interfaces and SSIDs.
1. With the SmartPath AP connected to a power source, connect an Ethernet cable from the Ethernet port on the SmartPath AP
to a switch that is on the same network as your management system. Optionally, you can connect the Ethernet
cable from the SmartPath AP directly to your management system.
Note: |
Because the Ethernet port on the SmartPath AP is autosensing,
the cable can have either straight-through or
cross-over wiring. For details, see the SmartPath Deployment Guide.
|
After you have created an SSID, you can form a wireless association with the SmartPath AP and use SSH to access the
CLI wirelessly.
2. On your management system, run the SSHv2 client and connect to the SSHv2 server on the SmartPath AP. Using puTTY,
for example, do the following:
1. Launch puTTY, and then click Session in the Category menu tree.
2. In the Host Name (or IP address) field, enter the IP address of the mgt0 interface, and then select SSH.
3. Click SSH in the Category menu tree, and make sure that the Preferred SSH protocol version is 2 or 2 only.
4. To initiate an SSH connection to the SmartPath AP, click Open.
The SSH client on the management system connects to the SSH server on the SmartPath AP. The login prompt
appears.
3. Log in using your user name and password. The default user name is admin and the default password is
blackbox.
There are three main types of commands in the SmartPath CLI:
- keyword commands for setting various parameters. Examples are the admin and interface commands.
- show commands for displaying parameters or dynamically generated data. Examples are the show service
and show memory commands.
- action commands for executing some type of action. Examples are ping, save, and reboot commands.
To see a list of commands, and their accompanying CLI Help, type a question mark ( ? ). For example, to display all
the keyword and action commands, enter a question mark at the command prompt:
blackbox#?
aaa |
Set parameters for AAA (authentication, authorization, accounting) |
access-console |
Set access console parameters |
admin |
Set administrators and passwords |
... |
... |
To display all the show commands, enter the following:
blackbox#show ?
aaa |
Show parameters for AAA (authentication, authorization, accounting) |
access-console |
Show access console status and parameters |
acsp |
Show parameters for ACSP (Black Box Channel Selection Protocol) |
... |
... |
To see all the commands beginning with a particular character or string of characters, enter the character or
character string followed immediately by a question mark; that is, do not include a space between the last
character and the question mark. For example, to see all the commands beginning with "a", enter the following:
blackbox#a?
aaa |
Set parameters for AAA (authentication, authorization, accounting) |
access-console |
Set access console parameters |
admin |
Set administrators and passwords |
Similar to the above methods for seeing lists of commands, you can use a question mark within commands to see
subsequent choices. For example, to see the options following clock, enter the following:
blackbox#clock ?
date-time |
Set the date and time for the internal clock |
time-zone |
Set the time zone for the internal clock |
If you want to find a command that uses a particular character or string of characters, you can do a search using the
following command:
show cmds | include string
where string is the word or string of characters you want to find. For example, if you want to see all the
commands in which the word "enable" appears, enter the following:
blackbox#show cmds | include enable
Searching for just the string of letters "ena" produces similar results:
blackbox#show cmds | include ena
Note: |
You can search for more than one word by enclosing them within quotation marks.
For example, you can do a search for "qos class" to see the commands containing "qos classifier".
|
You can filter the output of a show command to include or exclude certain text strings. To do this use the following
syntax: show cmd | { exclude | include } string. For example, to find the MAC address 0016:cf8d:56bc among a
number of associated stations in SSID "west", enter the following command:
blackbox#show ssid west stations | include 0016:cf8d:56bc
0016:cf8d:56bc 11 1M 68 8021x aes ccm00:21:17 1 Yes
If you want to filter a space-separated string, put the string within quotation marks. For example, to filter a MAC
address ending with "20" on the eth0 interface, enter the following:
blackbox#show route | include "0 4096"
0019:770e:55a0 0019:770e:5580 wifi1.1 0 4096 IL
The SmartPath CLI supports command line completion (or "tab completion"), which allows you to complete the
remainder of an unambiguous word by pressing the TAB key. For example:
blackbox#show qos co (Press TAB here.)
blackbox#show qos counter (The word "counter" is automatically completed.)
If the remainder of the word is ambiguous, pressing TAB twice shows the possibilities. For example:
blackbox#show qos c (Press TAB here.)
blackbox#show qos c (Press TAB again.)
blackbox#show qos c
classifier-map classifier-profile counter (The three subsequent choices appear.)
The following keyboard commands are useful to know and can make your
work with the CLI more efficient. Note that the plus sign ( + )
indicates that both keys must be pressed simultaneously. For example,
CTRL + s means "press the CTRL key and the s key at the same time". If
there is no plus sign between adjacent key names, press them
sequentially. For example, ESC b means "press the ESC key and then press
the b key".
To perform this task |
Press this key or key combination |
Lock the console |
CTRL + s |
Unlock the console |
CTRL + q |
Stopping the display of output, such as the output of the show log buffered command |
q |
Advance the display of lengthy output, such as the
output from the show logging messages
command, by one line |
ENTER |
Advance the display of lengthy output by sets of multiple lines at a time |
TAB |
Autocomplete an unambiguous keyword when typing a command |
TAB |
Stopping the execution of a task, such as sending ICMP echo requests |
CTRL+c |
Moving backward or forward through command history |
UP ARROW or CTRL + p (to move backward) and DOWN ARROW or CTRL + n (to move forward) |
Moving backward or forward in a command |
LEFT ARROW or CTRL + b (to move backward) and RIGHT ARROW or CTRL + f (to move forward) |
Move the cursor backward or forward through a command word by word |
ESC b (to move backward) and ESC f (to move forward) |
Move the cursor to the beginning or end of a command |
CTRL + a (to move to the beginning) and CTRL + e (to move to the end) |
Erase the character under the cursor |
CTRL + d |
Erase the character to the left of the cursor |
BACKSPACE or CTRL + h |
Erase the previous word |
CTRL + w |
Erase everything on the line to the left of the cursor |
CTRL + u |
Erase everything on the line under and to the right of the cursor |
CTRL + k |
Reverse the last two characters in a command; for example, to change show ssdi to show ssid |
CTRL + t |
Execute a command |
ENTER or CTRL + j or CTRL + m |
Log out of the console session |
CTRL + \ |