Configuring the AP System Profile

The AP system profile configuration settings are divided into four groups, General, LMS Settings, Remote AP and Advanced. The General, LMS Settings, and Remote AP sections of this profile include configuration settings that often need to be adjusted to suit a specific network. The Advanced tab includes settings that do not need frequent adjustment or should be kept at their default values.

The AP system profile can be enabled using SSH Secure Shell. SSH is a network protocol that provides secure access to a remote device. for high end encryption. The AP provides a remote login function for each user to access the AP shell, SSH Secure Shell. SSH is a network protocol that provides secure access to a remote device. in such cases enables state-of-art encryption to avoid network attack or risk of malicious users. When an Aruba AP user establishes a remote login function using Linux, the AP uses Telnet to establish the connection. Now an Aruba AP can be connected using SSH Secure Shell. SSH is a network protocol that provides secure access to a remote device. protocol for security and high end encryption.

For console access via SSH Secure Shell. SSH is a network protocol that provides secure access to a remote device. , the user name is root and the password will the be same the console password specified in the AP system profile.

The following procedure describes how to configure AP settings using the AP system profile:

  1. In the Managed Network node hierarchy, navigate to Configuration > System > Profiles tab.
  2. In the All Profiles list, expand the AP menu, then select AP system.
  3. Select the AP system profile you want to edit, or click + to create a new profile.
  4. Configure the profile parameters described in AP System Profile Configuration, then click Submit.
  5. Click Pending Changes.
  6. In the Pending Changes window, select the check box and click Deploy Changes.

To specify the server details to receive the core dump when an AP process crashes, select an AP system profile and click on Dump Collection. To allow the core dump files to be sent to the managed device, access the managed device command-line interface and issue the ap-crash-transfer command.

Table 1: AP System Profile Configuration

Parameter

Description

Profile Name

 

General

RF Band

For APs that support both 802.11a 802.11a provides specifications for wireless systems. Networks using 802.11a operate at radio frequencies in the 5 GHz band. The specification uses a modulation scheme known as orthogonal frequency-division multiplexing (OFDM) that is especially well suited to use in office settings. The maximum data transfer rate is 54 Mbps. and 802.11b 802.11b is a WLAN standard often called Wi-Fi and is backward compatible with 802.11. Instead of the Phase-Shift Keying (PSK) modulation method used in 802.11 standards, 802.11b uses Complementary Code Keying (CCK) that allows higher data speeds and makes it less susceptible to multipath-propagation interference. 802.11b operates in the 2.4 GHz band and the maximum data transfer rate is 11 Mbps./g RF Radio Frequency. RF refers to the electromagnetic wave frequencies within a range of 3 kHz to 300 GHz, including the frequencies used for communications or Radar signals. bands Band refers to a specified range of frequencies of electromagnetic radiation., specify the RF Radio Frequency. RF refers to the electromagnetic wave frequencies within a range of 3 kHz to 300 GHz, including the frequencies used for communications or Radar signals. band Band refers to a specified range of frequencies of electromagnetic radiation. in which the AP should operate:

RF Band for AM Mode scanning

For Air Monitors that support both 802.11a 802.11a provides specifications for wireless systems. Networks using 802.11a operate at radio frequencies in the 5 GHz band. The specification uses a modulation scheme known as orthogonal frequency-division multiplexing (OFDM) that is especially well suited to use in office settings. The maximum data transfer rate is 54 Mbps. and 802.11b 802.11b is a WLAN standard often called Wi-Fi and is backward compatible with 802.11. Instead of the Phase-Shift Keying (PSK) modulation method used in 802.11 standards, 802.11b uses Complementary Code Keying (CCK) that allows higher data speeds and makes it less susceptible to multipath-propagation interference. 802.11b operates in the 2.4 GHz band and the maximum data transfer rate is 11 Mbps./g RF Radio Frequency. RF refers to the electromagnetic wave frequencies within a range of 3 kHz to 300 GHz, including the frequencies used for communications or Radar signals. bands Band refers to a specified range of frequencies of electromagnetic radiation., specify the RF Radio Frequency. RF refers to the electromagnetic wave frequencies within a range of 3 kHz to 300 GHz, including the frequencies used for communications or Radar signals. band Band refers to a specified range of frequencies of electromagnetic radiation. which the AM Air Monitor. AM is a mode of operation supported on wireless APs. When an AP operates in the Air Monitor mode, it enhances the wireless networks by collecting statistics, monitoring traffic, detecting intrusions, enforcing security policies, balancing wireless traffic load, self-healing coverage gaps, and more. However, clients cannot connect to APs operating in the AM mode. should scan:

Native VLAN ID

Native VLAN Virtual Local Area Network. In computer networking, a single Layer 2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them through one or more routers; such a domain is referred to as a Virtual Local Area Network, Virtual LAN, or VLAN. for bridge mode virtual APs (frames on the native VLAN Virtual Local Area Network. In computer networking, a single Layer 2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them through one or more routers; such a domain is referred to as a Virtual Local Area Network, Virtual LAN, or VLAN. are not tagged with 802.1q tags).

WIDS AMPDU Optimization

Reduce the number of frames copied for the purpose of WIDS Wireless Intrusion Detection System. WIDS is an application that detects the attacks on a wireless network or wireless system. aggregate MPDU MAC Protocol Data Unit. MPDU is a message exchanged between MAC entities in a communication system based on the layered OSI model. Optimization.

Default: Enabled.

Session ACL

Session ACL Access Control List. ACL is a common way of restricting certain types of traffic on a physical port. configured with the ip access-list session command.

NOTE: This parameter requires the PEFNG Policy Enforcement Firewall. PEF also known as PEFNG provides context-based controls to enforce application-layer security and prioritization. The customers using Aruba mobility controllers can avail PEF features and services by obtaining a PEF license. PEF for VPN users—Customers with PEF for VPN license can apply firewall policies to the user traffic routed to a controller through a VPN tunnel. license.

Corporate DNS Domain

Name of domain that is resolved by corporate DNS Domain Name System. A DNS server functions as a phone book for the intranet and Internet users. It converts human-readable computer host names into IP addresses and IP addresses into host names. It stores several records for a domain name such as an address 'A' record, name server (NS), and mail exchanger (MX) records. The Address 'A' record is the most important record that is stored in a DNS server, because it provides the required IP address for a network peripheral or element. servers. Use this parameter when configuring split-tunnel forwarding.

SNMP sysContact

SNMP Simple Network Management Protocol. SNMP is a TCP/IP standard protocol for managing devices on IP networks. Devices that typically support SNMP include routers, switches, servers, workstations, printers, modem racks, and more. It is used mostly in network management systems to monitor network-attached devices for conditions that warrant administrative attention.  system contact information.

LED operating mode

The operating mode for the LEDs on 802.11n 802.11n is a wireless networking standard to improve network throughput over the two previous standards, 802.11a and 802.11g. With 802.11n, there will be a significant increase in the maximum raw data rate from 54 Mbps to 600 Mbps with the use of four spatial streams at a channel width of 40 MHz.-capable indoor AP. supported options are normal mode, and off, which disables all LEDs.

LED override

Override the LED Light Emitting Diode. LED is a semiconductor light source that emits light when an electric current passes through it. action for single-LED Light Emitting Diode. LED is a semiconductor light source that emits light when an electric current passes through it. APs in normal LED Light Emitting Diode. LED is a semiconductor light source that emits light when an electric current passes through it. operating mode. If enabled, this feature disables the LED Light Emitting Diode. LED is a semiconductor light source that emits light when an electric current passes through it. auto-turn-off function.

Driver log level

Level of AP driver logs sent to the syslog server. Supported options are:

  • emergencies: System is unusable
  • alerts: Immediate action needed
  • critical: Critical Conditions
  • errors: Error Conditions
  • warnings: Warning conditions
  • notifications: Normal but significant conditions
  • informational: Informational Messages
  • debugging: Debugging Messages

Console log level

Level of AP console logs sent to the AP console. Supported options are:

  • emergencies: System is unusable
  • alerts: Immediate action needed
  • critical: Critical Conditions
  • errors: Error Conditions
  • warnings: Warning conditions
  • notifications: Normal but significant conditions
  • informational: Informational Messages
  • debugging: Debugging Messages

NOTE: The default option of this feature is emergencies. Do not change the console log level without prior supervision from the Aruba Technical Support team.

SAP MTU

Maximum Transmission Unit, in bytes, on the wired link for the AP.

RAP MTU

Configures the maximum size of the GRE Generic Routing Encapsulation. GRE is an IP encapsulation protocol that is used to transport packets over a network. packets exchanged between a RAP and the managed device.

Flex Radio Mode

Set the mode for flexible radios in 2.4 GHz Gigahertz., 5 GHz Gigahertz., and dual mode.

Dual 5GHz Mode

Set the mode for dual 5 GHz Gigahertz. APs. This parameter is disabled by default.

Split-5GHz Mode

Set the mode for split 5 GHz Gigahertz. APs. This parameter is disabled by default.

Secondary Conductor IP/FQDN

The secondary Mobility Conductor is configured to be used when a RAP is not able to reach the primary Mobility Conductor.

Spanning Tree

Enable the spanning-tree protocol.

AP multicast aggregation

Enable multicast aggregation at AP

AP ARP attack protection

Drop ARP Address Resolution Protocol. ARP is used for mapping IP network address to the hardware MAC address of a device. packets coming from wired or wireless clients with AP gateway Gateway is a network node that allows traffic to flow in and out of the network. IP address. In other words, disallow ARP Address Resolution Protocol. ARP is used for mapping IP network address to the hardware MAC address of a device. attack from un-trusted ports.

AP multicast aggregation allowed VLANs

Enable a list of VLANs Virtual Local Area Network. In computer networking, a single Layer 2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them through one or more routers; such a domain is referred to as a Virtual Local Area Network, Virtual LAN, or VLAN. where AP multicast aggregation is allowed.

Wired Port Down-Time By Shutdown Ethernet Link

Configure the down time of Ethernet Ethernet is a network protocol for data transmission over LAN. link of the wired port after the AP fails over to backup cluster or falls back to primary cluster. The supported range of values is 0-60 seconds, and the default value is 0 second.

Wired Port Down-Time By Shutdown POE

Configure the down time of PoE Power over Ethernet. PoE is a technology for wired Ethernet LANs to carry electric power required for the device in the data cables. The IEEE 802.3af PoE standard provides up to 15.4 W of power on each port. of the wired port after the AP fails over to backup cluster or falls back to primary cluster. The supported range of values is 0-60 seconds, and the default value is 0 second.

Advanced

Advanced

Tunnel heartbeat interval

Set the interval between heartbeat messages between a remote or campus AP Campus APs are used in private networks where APs connect over private links (LAN, WLAN, WAN or MPLS) and terminate directly on controllers. Campus APs are deployed as part of the indoor campus solution in enterprise office buildings, warehouses, hospitals, universities, and so on. and its associated managed device. An increase in the heartbeat interval increases the time it will take for an AP to detect the loss in connectivity to the managed device, but can reduce internet bandwidth consumed by a remote AP Remote APs extend corporate network to the users working from home or at temporary work sites. Remote APs are deplyed at branch office sites and are connected to the central network on a WAN link.. The supported range is 1-60 seconds, and the default value is 1 second.

LMS ping interval

Specifies the interval at which application level ping needs to be sent to primary managed device to check the reachability. Applicable only for RAP.

NOTE: If this parameter is changed, UDP User Datagram Protocol. UDP is a part of the TCP/IP family of protocols used for data transfer. UDP is typically used for streaming media. UDP is a stateless protocol, which means it does not acknowledge that the packets being sent have been received. session timeout on an intermediate router which performs NATing should be set accordingly. The preferred timeout value is (lms-ping-interval + 30sec). The supported range is 10-60 seconds, and the default value is 20 seconds.

Bootstrap threshold

Number of consecutive missed heartbeats on a GRE Generic Routing Encapsulation. GRE is an IP encapsulation protocol that is used to transport packets over a network. tunnel (heartbeats are sent once per second on each tunnel) before an AP rebootstraps. On the managed device, the GRE Generic Routing Encapsulation. GRE is an IP encapsulation protocol that is used to transport packets over a network. tunnel timeout is 1.5 x bootstrap-threshold; the tunnel is torn down after this number of seconds of inactivity on the tunnel. The supported range is 1-65535, and the default value is 8.

Double Encrypt

This parameter applies only to remote APs Remote APs extend corporate network to the users working from home or at temporary work sites. Remote APs are deplyed at branch office sites and are connected to the central network on a WAN link.. Use double encryption for traffic to and from a wireless client that is connected to a tunneled SSID Service Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network..

When enabled, all traffic is re-encrypted in the IPsec Internet Protocol security. IPsec is a protocol suite for secure IP communications that authenticates and encrypts each IP packet in a communication session. tunnel. When disabled, the wireless frame is only encapsulated inside the IPsec Internet Protocol security. IPsec is a protocol suite for secure IP communications that authenticates and encrypts each IP packet in a communication session. tunnel.

All other types of data traffic between the managed device and the AP (wired traffic and traffic from a split-tunneled SSID Service Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network.) are always encrypted in the IPsec Internet Protocol security. IPsec is a protocol suite for secure IP communications that authenticates and encrypts each IP packet in a communication session. tunnel.

Heartbeat DSCP

Assign a DSCP Differentiated Services Code Point. DSCP is a 6-bit packet header value used for traffic classification and priority assignment. value to AP heartbeats to prioritize heartbeats traveling over low-speed links. The supported range is 0-63, and the default value is 0. For more information, see Validating and Optimizing AP Connectivity.

Maintenance Mode

Enable or disable AP maintenance mode.

This setting is useful when deploying, maintaining, or upgrading the network.

If enabled, APs stop flooding unnecessary traps and syslog messages to network management systems or network operations centers when deploying, maintaining, or upgrading the network. The managed device still generates debug syslog messages if debug logging is enabled.

Maximum Request Retries

Maximum number of times to retry AP-generated requests, including keepalive Signal sent at periodic intervals from one device to another to verify that the link between the two devices is working. If no reply is received, data will be sent by a different path until the link is restored. A keepalive can also be used to indicate that the connection should be preserved so that the receiving device does not consider it timed out and drop it. messages. After the maximum number of retries, the AP either tries the IP address specified by the bkup-lms-ip (if configured) or reboots.

Recovery Mode

Select either the legacy recovery mode or the auto mode (fast recovery).

  • Legacy— On detecting a firmware assert, the AP transfers the coredump to the managed device and executes an AP reboot.
  • Auto—On detecting a firmware assert, the AP executes the fast recovery process in the radio affected instead of rebooting the AP. This reduces the downtime of the AP in the network. If the AP detects a core dump with a valuable information during a firmware assert, then it transfers the core dump to the managed device and the AP reboots. This is the default mode.

Request Retry Interval

Interval, in seconds, between the first and second retries of AP-generated requests. If the configured interval is less than 30 seconds, the interval for subsequent retries is increased up to 30 seconds.

Number of IPSEC retries

Number of times the AP will try to create an IPsec Internet Protocol security. IPsec is a protocol suite for secure IP communications that authenticates and encrypts each IP packet in a communication session. tunnel with the Mobility Controller before the AP will reboot. If you specify a value of 0, and AP will not reboot if it cannot create the IPsec Internet Protocol security. IPsec is a protocol suite for secure IP communications that authenticates and encrypts each IP packet in a communication session. tunnel. The supported range of values is 0-1000 retries, and the default value is 85 retries.

Root AP

Defines a remote AP as the root AP in a branch network with a multi-AP hierarchy.

AeroScout RTLS Server

Enables the AP to send AeroScout tag information to an RTLS Real-Time Location Systems. RTLS automatically identifies and tracks the location of objects or people in real time, usually within a building or other contained area. server. You must specify the IPv4/IPv6 address or DNS Domain Name System. A DNS server functions as a phone book for the intranet and Internet users. It converts human-readable computer host names into IP addresses and IP addresses into host names. It stores several records for a domain name such as an address 'A' record, name server (NS), and mail exchanger (MX) records. The Address 'A' record is the most important record that is stored in a DNS server, because it provides the required IP address for a network peripheral or element. server and port number of the server to which location reports are sent.

RTLS station reporting includes information for APs and the clients that the AP has detected. If you select the Include Unassociated Stations option, the station reports will also include information about clients not associated to any AP. By default, unassociated clients are not included in station reports.

IP or DNS

IPv4/IPv6 address or the DNS Domain Name System. A DNS server functions as a phone book for the intranet and Internet users. It converts human-readable computer host names into IP addresses and IP addresses into host names. It stores several records for a domain name such as an address 'A' record, name server (NS), and mail exchanger (MX) records. The Address 'A' record is the most important record that is stored in a DNS server, because it provides the required IP address for a network peripheral or element. of the AeroScout server to which location reports are sent.

Port

Port number on the AeroScout server to which location reports are sent.

includeUnassocSta

If you select the Include Unassociated Stations option, the station reports will also include information about clients not associated to any AP. By default, unassociated clients are not included in station reports.

RTLS Server configuration

Enables the AP to send RFID Radio Frequency Identification. RFID uses radio waves to automatically identify and track the information stored on a tag attached to an object. tag information to an RTLS Real-Time Location Systems. RTLS automatically identifies and tracks the location of objects or people in real time, usually within a building or other contained area. server. You must specify the IP address or DNS Domain Name System. A DNS server functions as a phone book for the intranet and Internet users. It converts human-readable computer host names into IP addresses and IP addresses into host names. It stores several records for a domain name such as an address 'A' record, name server (NS), and mail exchanger (MX) records. The Address 'A' record is the most important record that is stored in a DNS server, because it provides the required IP address for a network peripheral or element. server and port number of the server to which location reports are sent, a shared secret key, and the frequency at which packets are sent to the server.

RTLS Real-Time Location Systems. RTLS automatically identifies and tracks the location of objects or people in real time, usually within a building or other contained area. station reporting includes information for APs and the clients that the AP has detected. For more information on configuring RTLS Real-Time Location Systems. RTLS automatically identifies and tracks the location of objects or people in real time, usually within a building or other contained area. server configuration, see Defining an RTLS Server.

SES-imagotag ESL Server IP

SES-imagotag ESL Server IP configures the IP Address of ESL Server. Adding server IP addresses allows managing and controlling bulk servers at the same time.

SES-imagotag ESL Channel

Configures the channel of SES-imagotag ESL Radio. You can select a radio channel ranging from 0 to 10. These channels do not correspond to standard 802.11 802.11 is an evolving family of specifications for wireless LANs developed by a working group of the Institute of Electrical and Electronics Engineers (IEEE). 802.11 standards use the Ethernet protocol and Carrier Sense Multiple Access with collision avoidance (CSMA/CA) for path sharing. channels.

NOTE: There are 11 pre-defined, independent radio channels that you can configure. The recommended channels are 3, 5, 8, 9, and 10 as they connect faster.

    IP or DNS

IPv4/IPv6 address or the DNS Domain Name System. A DNS server functions as a phone book for the intranet and Internet users. It converts human-readable computer host names into IP addresses and IP addresses into host names. It stores several records for a domain name such as an address 'A' record, name server (NS), and mail exchanger (MX) records. The Address 'A' record is the most important record that is stored in a DNS server, because it provides the required IP address for a network peripheral or element. of the RTLS Real-Time Location Systems. RTLS automatically identifies and tracks the location of objects or people in real time, usually within a building or other contained area. server to which location reports are sent.

     Port

RTLS Real-Time Location Systems. RTLS automatically identifies and tracks the location of objects or people in real time, usually within a building or other contained area. server port number

     frequency

Specify how often to send station RSSI Received Signal Strength Indicator. RSSI is a mechanism by which RF energy is measured by the circuitry on a wireless NIC (0-255). The RSSI is not standard across vendors. Each vendor determines its own RSSI scale/values. update messages to the server. The supported range is 1-3600 seconds, and the default setting is 30 seconds.

     key

Shared secret key for the RTLS Real-Time Location Systems. RTLS automatically identifies and tracks the location of objects or people in real time, usually within a building or other contained area. server.

     Include Unassociated Stations

If you select the Include Unassociated Stations option for an RTLS Real-Time Location Systems. RTLS automatically identifies and tracks the location of objects or people in real time, usually within a building or other contained area. server, the station reports will also include information about clients not associated to any AP. By default, unassociated clients are not included in station reports.

RTLS Server Compatibility Mode

The compatibility mode controls the format of tag frames forwarded to the RTLS Real-Time Location Systems. RTLS automatically identifies and tracks the location of objects or people in real time, usually within a building or other contained area. server. Enabling this mode will enable legacy format (includes a 2 byte padding), and disabling this mode will remove the padding. The tag frame format will be the same across all AP models. This feature is enabled by default

Slow Timer Recovery by rebooting itself

If you enable this option, ArubaOS checks for a slow CPU Central Processing Unit. A CPU is an electronic circuitry in a computer for processing instructions. timer, and if it detects an issue, restarts the AP without logging a reason for the reboot. This feature is supported on RAP-108/ RAP-109 access points.

Telnet/SSH

Select this check box to enable telnet or SSH Secure Shell. SSH is a network protocol that provides secure access to a remote device. to the AP.

NOTE: Telnet is enabled on an AP running ArubaOS 8.6.0.0 or previous versions. SSH Secure Shell. SSH is a network protocol that provides secure access to a remote device. is enabled on an AP running ArubaOS 8.7.0.0.

Console Enable

Enable console port on the AP.

AP Console Protection

Enable the AP console protection by requiring a password to get AP console access.

AP Console Password

Sets the AP console password on the controller. If configured, you must enter this password to get AP console access. If not configured, the controller generates a default random password which can be viewed by executing the encrypt disable command followed by the show ap system-profile <profile-name> command. To disable the AP console password, execute the shell-passwd passworddisabled command.

NOTE: The passworddisabled is a special character string. On entering this string, the controller disables the AP console password.

Password for Backup

Allows client access to adjust the band Band refers to a specified range of frequencies of electromagnetic radiation. and mode settings for the backup ESSID Extended Service Set Identifier. ESSID refers to the ID used for identifying an extended service set..

AP USB Power mode

Enables or disables the USB Universal Serial Bus. USB is a connection standard that offers a common interface for communication between the external devices and a computer. USB is the most common port used in the client devices. port on AP platforms that have external USB Universal Serial Bus. USB is a connection standard that offers a common interface for communication between the external devices and a computer. USB is the most common port used in the client devices. ports. The supported values are as follows:

NOTE: This parameter is applicable to AP-214, AP-215, AP-224, AP-225, AP-205H, AP-303H, AP-304, AP-305, AP-314, AP-315, AP-324, AP-325, AP-334, AP-335, AP-344, AP-345, AP-203R, and AP-203RP access points only.

AP POE mode

Choose PoE Power over Ethernet. PoE is a technology for wired Ethernet LANs to carry electric power required for the device in the data cables. The IEEE 802.3af PoE standard provides up to 15.4 W of power on each port. mode on the AP platforms with dual PoE Power over Ethernet. PoE is a technology for wired Ethernet LANs to carry electric power required for the device in the data cables. The IEEE 802.3af PoE standard provides up to 15.4 W of power on each port. support.

RF Band for Backup

Band Band refers to a specified range of frequencies of electromagnetic radiation. on which the controller broadcasts the backup ESSID Extended Service Set Identifier. ESSID refers to the ID used for identifying an extended service set.. Supported values are as follows:

Operation for Backup

This parameter allows AP console access using a backup ESSID Extended Service Set Identifier. ESSID refers to the ID used for identifying an extended service set., allowing users to access an AP console after the AP has disconnected from the controller. When the AP advertises a backup ESSID Extended Service Set Identifier. ESSID refers to the ID used for identifying an extended service set. in either static or dynamic mode, a user is able to access and debug the AP remotely through a virtual AP.

The default setting for this feature is off. Select dynamic or static to enable this feature and select the mode by which the controller broadcasts the backup ESSID Extended Service Set Identifier. ESSID refers to the ID used for identifying an extended service set..

BLE Endpoint URL

URL Uniform Resource Locator. URL is a global address used for locating web resources on the Internet. of the Meridian server to which the BLE Bluetooth Low Energy. The BLE functionality is offered by Bluetooth® to enable devices to run for long durations with low power consumption. sends monitoring data.

BLE Auth Token

The BLE Bluetooth Low Energy. The BLE functionality is offered by Bluetooth® to enable devices to run for long durations with low power consumption. endpoint authorization token is a text string of 1-255 characters used by the BLE Bluetooth Low Energy. The BLE functionality is offered by Bluetooth® to enable devices to run for long durations with low power consumption. to authorize to and securely communicate with the Beacon Management Console. This token is unique for each deployment.

BLE Operation Mode

Determines how the built-in BLE Bluetooth Low Energy. The BLE functionality is offered by Bluetooth® to enable devices to run for long durations with low power consumption. chip in the AP functions. BLE Bluetooth Low Energy. The BLE functionality is offered by Bluetooth® to enable devices to run for long durations with low power consumption. chip can be in one of the following four modes:

NOTE: BLE Bluetooth Low Energy. The BLE functionality is offered by Bluetooth® to enable devices to run for long durations with low power consumption. is disabled for ArubaOS FIPS Federal Information Processing Standards. FIPS refers to a set of standards that describe document processing, encryption algorithms, and other information technology standards for use within non-military government agencies, and by government contractors and vendors who work with these agencies..

GRE Offload

 

Health Check

The AP Health check feature uses ping probes to check reachablility and latency levels for the connection between the AP and the managed device.

     mode

Ping probe mode is the only mode currently supported by this feature.

     packetsize

The size, in bytes, of a ping datagram. The supported range of values is 10-2000.

     burstcnt

Number of probes to be sent during the probe frequency interval defined by the frequency health-check parameter. The supported range of values is 1-16.

     freq

Probe interval, in seconds. The WAN Wide Area Network. WAN is a telecommunications network or computer network that extends over a large geographical distance. health-check feature sends the number of probes defined by the burst-size parameter during each frequency interval defined by this frequency parameter. The supported range of values is 10-300.

     report

Number of seconds between health check reports sent from the AP to the controller. The supported range of values is 60-3600.

     retrycnt

Number of times the attempts to resend a probe. The supported range of values is 1-10 retry attempts.

AirMatch Report Period

Change the frequency period which AirMatch starts measuring the RF Radio Frequency. RF refers to the electromagnetic wave frequencies within a range of 3 kHz to 300 GHz, including the frequencies used for communications or Radar signals. environment. The default value is 30 minutes, and the supported range of values is 5-180 minutes.

AirMatch Measurement Duration

Change the AirMatch RF Radio Frequency. RF refers to the electromagnetic wave frequencies within a range of 3 kHz to 300 GHz, including the frequencies used for communications or Radar signals. measurement duration from the default value of five minutes to any value from 5-60 minutes. A value of 0 disables AirMatch RF Radio Frequency. RF refers to the electromagnetic wave frequencies within a range of 3 kHz to 300 GHz, including the frequencies used for communications or Radar signals. environment measurements.

AirMatch Report Enabled

Enable or disable AirMatch reports. Each AP in a Mobility Conductor deployment measures its RF Radio Frequency. RF refers to the electromagnetic wave frequencies within a range of 3 kHz to 300 GHz, including the frequencies used for communications or Radar signals. environment for a five minute duration, every 30 minutes. Mobility Conductor uses this information to compute an optimal solution, then deploys the latest RF Radio Frequency. RF refers to the electromagnetic wave frequencies within a range of 3 kHz to 300 GHz, including the frequencies used for communications or Radar signals. plan by sending updated settings to the APs every 24 hours. This feature is enabled by default.

LMS

LMS IP

This parameter specifies the IP address of the LMS Local Management Switch. In multi-controller networks, each controller acts as an LMS and terminates user traffic from the APs, processes, and forwards the traffic to the wired network. —the managed device—which is responsible for terminating user traffic from the APs, and processing and forwarding the traffic to the wired network. This can be the IP address of the managed device or Mobility Conductor.

When using redundant managed devices as the LMS Local Management Switch. In multi-controller networks, each controller acts as an LMS and terminates user traffic from the APs, processes, and forwards the traffic to the wired network. , set this parameter to be the VRRP Virtual Router Redundancy Protocol. VRRP is an election protocol that dynamically assigns responsibility for a virtual router to one of the VRRP routers on a LAN. IP address to ensure that APs always have an active IP address with which to terminate sessions.

NOTE: If the LMS Local Management Switch. In multi-controller networks, each controller acts as an LMS and terminates user traffic from the APs, processes, and forwards the traffic to the wired network. -IP is blank, the access point will remain on the managed device that it finds using methods like DNS Domain Name System. A DNS server functions as a phone book for the intranet and Internet users. It converts human-readable computer host names into IP addresses and IP addresses into host names. It stores several records for a domain name such as an address 'A' record, name server (NS), and mail exchanger (MX) records. The Address 'A' record is the most important record that is stored in a DNS server, because it provides the required IP address for a network peripheral or element. or DHCP Dynamic Host Configuration Protocol. A network protocol that enables a server to automatically assign an IP address to an IP-enabled device from a defined range of numbers configured for a given network. . If an IP address is configured for the LMS Local Management Switch. In multi-controller networks, each controller acts as an LMS and terminates user traffic from the APs, processes, and forwards the traffic to the wired network. IP parameter, the AP will be immediately redirected to the managed device at that address.

Backup LMS IP

This parameter specifies the IP address of a backup to the IP address specified with the lms-ip parameter.

LMS IPv6

This parameter specifies the IPv6 address of the LMS Local Management Switch. In multi-controller networks, each controller acts as an LMS and terminates user traffic from the APs, processes, and forwards the traffic to the wired network. —the managed device—which is responsible for terminating user traffic from the APs, and processing and forwarding the traffic to the wired network. This can be the IP address of the managed device or Mobility Conductor.

When using redundant managed devices as the LMS Local Management Switch. In multi-controller networks, each controller acts as an LMS and terminates user traffic from the APs, processes, and forwards the traffic to the wired network. , set this parameter to be the VRRP Virtual Router Redundancy Protocol. VRRP is an election protocol that dynamically assigns responsibility for a virtual router to one of the VRRP routers on a LAN. IP address to ensure that APs always have an active IP address with which to terminate sessions.

Backup LMS IPv6

This parameter specifies the IPv6 address of a backup to the IPv6 address specified with the lms-ipv6 parameter.

LMS Preemption

When this parameter is enabled, the AP automatically reverts to the primary LMS Local Management Switch. In multi-controller networks, each controller acts as an LMS and terminates user traffic from the APs, processes, and forwards the traffic to the wired network. IP address when it becomes available.

LMS Hold-down Period

Time, in seconds, that the primary LMS Local Management Switch. In multi-controller networks, each controller acts as an LMS and terminates user traffic from the APs, processes, and forwards the traffic to the wired network. must be available before an AP returns to that LMS Local Management Switch. In multi-controller networks, each controller acts as an LMS and terminates user traffic from the APs, processes, and forwards the traffic to the wired network. after failover.

Remote AP

Remote-AP DHCP Server VLAN

VLAN Virtual Local Area Network. In computer networking, a single Layer 2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them through one or more routers; such a domain is referred to as a Virtual Local Area Network, Virtual LAN, or VLAN. ID of the remote AP Remote APs extend corporate network to the users working from home or at temporary work sites. Remote APs are deplyed at branch office sites and are connected to the central network on a WAN link. DHCP Dynamic Host Configuration Protocol. A network protocol that enables a server to automatically assign an IP address to an IP-enabled device from a defined range of numbers configured for a given network.  server used if the managed device is unavailable. This VLAN Virtual Local Area Network. In computer networking, a single Layer 2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them through one or more routers; such a domain is referred to as a Virtual Local Area Network, Virtual LAN, or VLAN. enables the DHCP Dynamic Host Configuration Protocol. A network protocol that enables a server to automatically assign an IP address to an IP-enabled device from a defined range of numbers configured for a given network.  server on the AP (also known as the remote AP Remote APs extend corporate network to the users working from home or at temporary work sites. Remote APs are deplyed at branch office sites and are connected to the central network on a WAN link. DHCP Dynamic Host Configuration Protocol. A network protocol that enables a server to automatically assign an IP address to an IP-enabled device from a defined range of numbers configured for a given network.  server VLAN Virtual Local Area Network. In computer networking, a single Layer 2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them through one or more routers; such a domain is referred to as a Virtual Local Area Network, Virtual LAN, or VLAN.). If you enter the native VLAN Virtual Local Area Network. In computer networking, a single Layer 2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them through one or more routers; such a domain is referred to as a Virtual Local Area Network, Virtual LAN, or VLAN. ID, the DHCP Dynamic Host Configuration Protocol. A network protocol that enables a server to automatically assign an IP address to an IP-enabled device from a defined range of numbers configured for a given network.  server is unavailable.

Remote-AP DHCP Server ID

IP address used as the DHCP Dynamic Host Configuration Protocol. A network protocol that enables a server to automatically assign an IP address to an IP-enabled device from a defined range of numbers configured for a given network.  server identifier.

Remote-AP DHCP Default Router

IP address for the default DHCP Dynamic Host Configuration Protocol. A network protocol that enables a server to automatically assign an IP address to an IP-enabled device from a defined range of numbers configured for a given network.  router.

Remote-AP DHCP DNS Server

IP address of the DNS Domain Name System. A DNS server functions as a phone book for the intranet and Internet users. It converts human-readable computer host names into IP addresses and IP addresses into host names. It stores several records for a domain name such as an address 'A' record, name server (NS), and mail exchanger (MX) records. The Address 'A' record is the most important record that is stored in a DNS server, because it provides the required IP address for a network peripheral or element. server.

Remote-AP DHCP Pool Start

Configures a DHCP Dynamic Host Configuration Protocol. A network protocol that enables a server to automatically assign an IP address to an IP-enabled device from a defined range of numbers configured for a given network.  pool for remote APs Remote APs extend corporate network to the users working from home or at temporary work sites. Remote APs are deplyed at branch office sites and are connected to the central network on a WAN link.. This is the first IP address of the DHCP Dynamic Host Configuration Protocol. A network protocol that enables a server to automatically assign an IP address to an IP-enabled device from a defined range of numbers configured for a given network.  pool.

Remote-AP DHCP Pool End

Configures a DHCP Dynamic Host Configuration Protocol. A network protocol that enables a server to automatically assign an IP address to an IP-enabled device from a defined range of numbers configured for a given network.  pool for remote APs Remote APs extend corporate network to the users working from home or at temporary work sites. Remote APs are deplyed at branch office sites and are connected to the central network on a WAN link.. This is the last IP address of the DHCP Dynamic Host Configuration Protocol. A network protocol that enables a server to automatically assign an IP address to an IP-enabled device from a defined range of numbers configured for a given network.  pool.

Remote-AP DHCP Pool Netmask

Configures a DHCP Dynamic Host Configuration Protocol. A network protocol that enables a server to automatically assign an IP address to an IP-enabled device from a defined range of numbers configured for a given network.  pool for remote APs Remote APs extend corporate network to the users working from home or at temporary work sites. Remote APs are deplyed at branch office sites and are connected to the central network on a WAN link.. This is the netmask Netmask is a 32-bit mask used for segregating IP address into subnets. Netmask defines the class and range of IP addresses. used for the DHCP Dynamic Host Configuration Protocol. A network protocol that enables a server to automatically assign an IP address to an IP-enabled device from a defined range of numbers configured for a given network.  pool.

Remote-AP DHCP Lease Time

The amount of days that the assigned IP address is valid for the client. Specify the lease in <days>. A value of 0 indicates the IP address is always valid; the lease does not expire.

Remote-AP uplink total bandwidth

This is the total reserved uplink bandwidth (in Kilobits per second).

Remote-AP bw reservation 1
Remote-AP bw reservation 2

Remote-AP bw reservation 3

Session ACLs Access Control List. ACL is a common way of restricting certain types of traffic on a physical port. with uplink bandwidth reservation in kilobits per second. You can specify up to three session ACLs Access Control List. ACL is a common way of restricting certain types of traffic on a physical port. to reserve uplink bandwidth. The sum of the three uplink bandwidths should not exceed the Remote-AP uplink total bandwidth.

Remote-AP Local Network Access

Enable or disable local network access across VLANs Virtual Local Area Network. In computer networking, a single Layer 2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them through one or more routers; such a domain is referred to as a Virtual Local Area Network, Virtual LAN, or VLAN. in a Remote-AP.

IPM Configuration

IPM Activation

Enables the IPM Intelligent Power Monitoring. IPM is a feature supported on certain APs that actively measures the power utilization of an AP and dynamically adapts to the power resources. system for power management.

IPM power reduction steps with priorities

Sets up all the IPM Intelligent Power Monitoring. IPM is a feature supported on certain APs that actively measures the power utilization of an AP and dynamically adapts to the power resources. power reduction steps.

Select the Ipm_step_priority and IPM_step to set the power reduction priority.

ITM Configuration

ITM Activation

Enables the intelligent temperature monitoring system. If enabled, the temperature is dynamically controlled and the AP is allowed to cool down.

NOTE: This feature can be enabled only when the IPM Intelligent Power Monitoring. IPM is a feature supported on certain APs that actively measures the power utilization of an AP and dynamically adapts to the power resources. feature is enabled. This feature is supported only on 570 Series access points.

The following command configures the AP system profile in the command-line interface:

(host)[mynode](config)#ap system-profile <profile>

The following command configures the recovery mode parameter:

(host) [mynode] (config) #ap system-profile <profile-name>

(host) [mynode] (AP system profile "<profile-name>") #recovery-mode legacy

The following show command displays the new statistics on AP recovery mode:

(host)[mynode] #show ap details ap-name <ap-name>

AP "<ap-name>" Radio 0 Operating Information

------------------------------------------

Item Value Source

---- ----- ------

Very High throughput Enabled Configuration

High throughput Enabled Configuration

Mode AP Configuration

Band 802.11a

Primary Channel 36 Configuration

80MHz Channel Group 36-48 Configuration

EIRP 10.0 Configuration

Fast recovery start 2017-03-09 11:57:56

Fast recovery end 2017-03-09 11:58:00

Fast recovery 1

AP Hardware Offload

Hardware offload is a technology used by supporting AP models to achieve high throughput without occupying CPU Central Processing Unit. A CPU is an electronic circuitry in a computer for processing instructions. resource. This feature is enabled by default in the AP system profile. You can disable it in the AP system profile for test or debugging purpose only, under the direct supervision of Aruba Support.

The following table describes the AP hardware offload capabilities.

Table 2: AP Hardware Offload Capability

Hardware Offload Item

Description

Supported APs

GRE Generic Routing Encapsulation. GRE is an IP encapsulation protocol that is used to transport packets over a network. Offload

Offloads GRE Generic Routing Encapsulation. GRE is an IP encapsulation protocol that is used to transport packets over a network. tunnel into hardware to achieve high throughput without utilizing CPU Central Processing Unit. A CPU is an electronic circuitry in a computer for processing instructions. resource. This parameter is used for Campus APs or Remote APs in tunnel mode or D-tunnel mode of virtual AP traffic management profile.

320 Series, 330 Series, 530 Series and 550 Series access points.

Bridge Offload

Offloads TCP Transmission Control Protocol. TCP is a communication protocol that defines the standards for establishing and maintaining network connection for applications to exchange data. client or UDP User Datagram Protocol. UDP is a part of the TCP/IP family of protocols used for data transfer. UDP is typically used for streaming media. UDP is a stateless protocol, which means it does not acknowledge that the packets being sent have been received. traffic into hardware. This parameter is used for bridge mode virtual AP or wired APs.

530 Series and 550 Series access points.

The following procedure configures AP hardware offload using the AP system profile.

  1. In the Managed Network node hierarchy, navigate to Configuration > System > Profiles tab.
  2. In the All Profiles list, expand the AP menu, then select AP system.
  3. Select the AP system profile you want to edit, or click + to create a new profile.
  4. Under Advanced, select the GRE Generic Routing Encapsulation. GRE is an IP encapsulation protocol that is used to transport packets over a network. Offload or Bridge Offload check box, and click Submit.
  5. Click Pending Changes.
  6. In the Pending Changes window, select the check box and click Deploy Changes.

The following commands configure hardware offload parameters in the AP system profile.

(host)[mynode](config)# ap system-profile sys-635

(host)[mynode](AP system profile "sys-635")# gre-offload

(host)[mynode](AP system profile "sys-635")# bridge-offload