An AP’s provisioning parameters are unique to each AP. These parameters are initially configured on the Mobility Master and then pushed out to the AP and stored on the AP itself. Best practices are to configure an AP’s provisioning settings using the Mobility Master WebUI. If you find it necessary to alter an AP’s provisioning settings for troubleshooting purposes, you can do so using the WebUI and CLI, or alternatively, through a console connection to the AP itself.
To create a console connection to the AP:
| 1. | Connect a local console to the serial port on the AP. You can connect the AP’s serial port to a terminal or terminal server using an Ethernet cable, or connect the serial console port to a DB-9 adapter, then connect the adapter to a laptop using an RS-232 cable. For details on connecting to an AP’s serial console port, refer to the installation guide included with the AP. |
| 2. | Establish a console communication to the AP, then power-cycle the AP to reboot it. |
| 3. | To access the AP console command prompt, press Enter when the AP displays the message “Hit <Enter> to stop autoboot.” If the autoboot countdown expires before you can interrupt it, turn the device off and then back on. |
| 4. | Once the AP boot prompt appears, enter the AP console password. You can issue any of the AP provisioning commands described in the Table 1. Remember, though these commands may be useful for troubleshooting, they are all optional and are not necessary for normal AP provisioning. |
|
|
The list of AP boot commands may vary based on the APBoot image version. |
Command
Description
Boot the ArubaOS image from flash or USB, using currently saved environment variables. Any unsaved changes to the variables will be lost. This command has the following sub-parameters:
ap - Boot the ArubaOS image from flash.
usb:<path> - Boot the ArubaOS image from USB.
Clear the ArubaOS image or other information. This command has the following sub-parameters:
all - Clear the cache and ArubaOS.
cache - Clear the cache sectors (mesh, Remote AP, Campus AP).
os <n> - Clear the image from the specified partition (default: 0).
prov - Clear provisioning image from the flash.
Invoke DHCP client to obtain IP/boot parameters.
Reset the AP to factory default.
f
Upgrade the boot image.
Exercise caution when using this command.
Help text for the AP boot commands.
Shows manufacturing information of the AP.
Shows the ArubaOS image information on the AP.
Check network connectivity.
List the environment variables and their current settings. AP boot environment variables are configured using the AP boot command,
Reinstate AP boot configuration to factory default. This includes restoring the default environment variables.
Perform RESET of the AP CPU.
Save environment variables to persistent storage.
IP address to be assigned to the AP.
s
Netmask to be assigned to the AP.
IP address of the internet gateway used by the AP.
Name of the AP.
Name of the AP group to which the AP should belong.
IP address of the AP’s master controller.
IP address of the TFTP server from which the AP can download its boot image.
IP address of the DNS server used by the AP.
Domain name used by the AP.
Boot ArubaOS image over the network using TFTP protocol.
Upgrade the APBoot or ArubaOS image. This command has the following sub-parameters:
boot <file> - Upgrade the APBoot image from <file>.
os [<n>] <file> - Upgrade the ArubaOS image in partition <n> from <file>.
prov - Upgrade provisioning image from <file>.
<file> can be a <TFTP-server-IP>:<path> or usb:<path>.
Displays the APBoot image version.
| 5. | When you are finished, type saveenv and then press enter to save your settings |
|
|
Other AP console commands may be available when accessing an AP directly through its console port, but these commands can cause configuration errors if used improperly and should only be issued under the direct supervision of Aruba technical support. |
The example below configures an AP location and domain name using an AP console connection:
Hit <Enter> to stop autoboot: 0
apboot> <INTERRUPT>
apboot> setenv group corporate-2
apboot> setenv domainname mycompany.com
apboot> saveenv
apboot>boot
To view current AP settings using the AP console, issue the command printenv <name> where <name> is one of the variable names listed in Table 1, such as ipaddr, dnsip or gatewayip.
apboot> printenv domainname
domainname=mycompany.com
The ArubaOS AP console password feature helps protect systems that manage highly sensitive information, like financial and banking institutions, by requiring users to log in to the AP network with a password. The AP console password is enabled by default. Passwords must be 6 to 32 characters in length, and can include alphanumeric and special characters. If configured, you must enter this password to get AP console access. If not configured, the Mobility Master generates a default random password which can be viewed by executing the command followed by the command.
The timeout feature is also supported as an added level of security. If there is no user input or activity during one timeout interval (default of 30 minutes), the user is logged out of the system. The timeout interval cannot be modified.
You can configure an AP console password using the managed device WebUI or CLI.
To set a password in the WebUI:
| 1. | In the Managed Network node hierarchy, navigate to page. |
| 2. | Select the tab. |
| 3. | Expand theprofile in thelist, then select . |
| 4. | Select the AP system profile you want to modify. |
| 5. | Open the tab, check the check box. |
| 6. | In the field, enter the desired AP console password. Retype the password to confirm. |
| 7. | In the field, enter the password backup password for the console. Retype the password to confirm. |
| 8. | Click . |
|
|
Once the console is enabled, you do not need to enable it again. The console access is password protected. |
To set the AP console password in the CLI:
(host)[node] (config) #ap system-profile <profile>
(host)[node] (AP system-profile “<profile>") #console-enable
(host)[node] (AP system-profile “<profile>”) #slow_timer_recovery
If the password is lost, and the AP is not connected to a managed device, the console can be reset using the reset button on the AP or the AP boot command. If it is already connected to a managed device, the AP password can be changed under the field of the profile in the WebUI, or using the parameter of the command in the CLI.
Another way to protect your AP system is to completely disable access to the AP console under enabled mode.
To disable access to the console in the WebUI:
| 1. | In the Managed Network node hierarchy, navigate to the page. |
| 2. | Select the tab. |
| 3. | Expand thein thelist, then select . |
| 4. | Select the AP system profile you want to modify. |
| 5. | Open the tab, check the check box. |
| 6. | Click . |
To disable access to the console in the CLI:
(host)[node] (config) #ap system-profile default
(host)[node] (AP system profile “default”) #no console-enable