Profile Name
|
|
General
|
RF Band
|
For APs that support both and /g , specify the in which the AP should operate:
|
RF Band for AM Mode scanning
|
For Air Monitors that support both and /g , specify the which the should scan:
- a = 5
- all = both radio
- g = 2.4
|
Native VLAN ID
|
Native for bridge mode virtual APs (frames on the native are not tagged with 802.1q tags).
|
WIDS AMPDU Optimization
|
Reduce the number of frames copied for the purpose of aggregate Optimization.
Default: Enabled.
|
Session ACL
|
Session configured with the ip access-list session command.
NOTE: This parameter requires the license.
|
Corporate DNS Domain
|
Name of domain that is resolved by corporate servers. Use this parameter when configuring split-tunnel forwarding.
|
SNMP sysContact
|
system contact information.
|
LED operating mode
|
The operating mode for the LEDs on -capable indoor AP. supported options are normal mode, and off, which disables all LEDs.
|
LED override
|
Override the action for single- APs in normal operating mode. If enabled, this feature disables the auto-turn-off function.
|
Driver log level
|
Level of AP driver logs sent to the syslog server. Supported options are:
- emergencies: System is unusable
- alerts: Immediate action needed
- critical: Critical Conditions
- errors: Error Conditions
- warnings: Warning conditions
- notifications: Normal but significant conditions
- informational: Informational Messages
- debugging: Debugging Messages
|
Console log level
|
Level of AP console logs sent to the AP console. Supported options are:
- emergencies: System is unusable
- alerts: Immediate action needed
- critical: Critical Conditions
- errors: Error Conditions
- warnings: Warning conditions
- notifications: Normal but significant conditions
- informational: Informational Messages
- debugging: Debugging Messages
NOTE: The default option of this feature is emergencies. Do not change the console log level without prior supervision from the Aruba Technical Support team.
|
SAP MTU
|
Maximum Transmission Unit, in bytes, on the wired link for the AP.
|
RAP MTU
|
Configures the maximum size of the packets exchanged between a RAP and the managed device.
|
Flex Radio Mode
|
Set the mode for flexible radios in 2.4 , 5 , and dual mode.
|
Dual 5GHz Mode
|
Set the mode for dual 5 APs. This parameter is disabled by default.
|
Secondary Master IP/FQDN
|
The secondary Mobility Master is configured to be used when a RAP is not able to reach the primary Mobility Master.
|
Spanning Tree
|
Enable the spanning-tree protocol.
|
AP multicast aggregation
|
Enable multicast aggregation at AP
|
AP ARP attack protection
|
Drop packets coming from wired or wireless clients with AP IP address. In other words, disallow attack from un-trusted ports.
|
AP multicast aggregation allowed VLANs
|
Enable a list of where AP multicast aggregation is allowed.
|
Advanced
|
Advanced
|
Tunnel heartbeat interval
|
Set the interval between heartbeat messages between a remote or and its associated managed device. An increase in the heartbeat interval increases the time it will take for an AP to detect the loss in connectivity to the managed device, but can reduce internet bandwidth consumed by a . The supported range is 1-60 seconds, and the default value is 1 second.
|
LMS ping interval
|
Specifies the interval at which application level ping needs to be
sent to primary managed device to check the
reachability. Applicable only for RAP.
NOTE: If this parameter is
changed, session timeout on an intermediate
router which performs NATing should be set
accordingly. The preferred timeout value is
(lms-ping-interval + 30sec).
The supported range is 10-60 seconds, and the default value is 20 seconds.
|
Bootstrap threshold
|
Number of consecutive missed heartbeats on a tunnel (heartbeats are sent once per second on each tunnel) before an AP rebootstraps. On the managed device, the tunnel timeout is 1.5 x bootstrap-threshold; the tunnel is torn down after this number of seconds of inactivity on the tunnel. The supported range is 1-65535, and the default value is 8.
|
Double Encrypt
|
This parameter applies only to . Use double encryption for traffic to and from a wireless client that is connected to a tunneled .
When enabled, all traffic is re-encrypted in the tunnel. When disabled, the wireless frame is only encapsulated inside the tunnel.
All other types of data traffic between the managed device and the AP (wired traffic and traffic from a split-tunneled ) are always encrypted in the tunnel.
|
Heartbeat DSCP
|
Assign a value to AP heartbeats to prioritize heartbeats traveling over low-speed links. The supported range is 0-63, and the default value is 0. For more information, see Validating and Optimizing AP Connectivity.
|
Maintenance Mode
|
Enable or disable AP maintenance mode.
This setting is useful when deploying, maintaining, or upgrading the network.
If enabled, APs stop flooding unnecessary traps and syslog messages to network management systems or network operations centers when deploying, maintaining, or upgrading the network. The managed device still generates debug syslog messages if debug logging is enabled.
|
Maximum Request Retries
|
Maximum number of times to retry AP-generated requests, including messages. After the maximum number of retries, the AP either tries the IP address specified by the bkup-lms-ip (if configured) or reboots.
|
Recovery Mode
|
Select either the legacy recovery mode or the auto mode (fast recovery).
- Legacy— On detecting a firmware assert, the AP transfers the coredump to the managed device and executes an AP reboot.
- Auto—On detecting a firmware assert, the AP executes the fast recovery process in the radio affected instead of rebooting the AP. This reduces the downtime of the AP in the network. If the AP detects a core dump with a valuable information during a firmware assert, then it transfers the core dump to the managed device and the AP reboots. This is the default mode.
|
Request Retry Interval
|
Interval, in seconds, between the first and second retries of AP-generated requests. If the configured interval is less than 30 seconds, the interval for subsequent retries is increased up to 30 seconds.
|
Number of IPSEC retries
|
Number of times the AP will try to create an tunnel with the Mobility Controller before the AP will reboot. If you specify a value of 0, and AP will not reboot if it cannot create the tunnel. The supported range of values is 0-1000 retries, and the default value is 85 retries.
|
Root AP
|
Defines a remote AP as the root AP in a branch network with a multi-AP hierarchy.
|
AeroScout RTLS Server
|
Enables the AP to send AeroScout tag information to an server. You must specify the IPv4/IPv6 address or server and port number of the server to which location reports are sent.
RTLS station reporting includes information for APs and the clients that the AP has detected. If you select the Include Unassociated Stations option, the station reports will also include information about clients not associated to any AP. By default, unassociated clients are not included in station reports.
|
IP or DNS
|
IPv4/IPv6 address or the of the AeroScout server to which location reports are sent.
|
Port
|
Port number on the AeroScout server to which location reports are sent.
|
includeUnassocSta
|
If you select the Include Unassociated Stations option, the station reports will also include information about clients not associated to any AP. By default, unassociated clients are not included in station reports.
|
RTLS Server configuration
|
Enables the AP to send tag information to an server. You must specify the IP address or server and port number of the server to which location reports are sent, a shared secret key, and the frequency at which packets are sent to the server.
station reporting includes information for APs and the clients that the AP has detected. For more information on configuring server configuration, see Defining an RTLS Server.
|
SES-imagotag ESL Server IP
|
SES-imagotag ESL Server IP configures the IP Address of ESL Server. Adding server IP addresses allows managing and controlling bulk servers at the same time.
|
SES-imagotag ESL Channel
|
Configures the channel of SES-imagotag ESL Radio. You can select a radio channel ranging from 0 to 10. These channels do not correspond to standard channels.
NOTE: There are 11 pre-defined, independent radio channels that you can configure. The recommended channels are 3, 5, 8, 9, and 10 as they connect faster.
|
IP or DNS
|
IPv4/IPv6 address or the of the server to which location reports are sent.
|
Port
|
server port number
|
frequency
|
Specify how often to send station update messages to the server. The supported range is 1-3600 seconds, and the default setting is 30 seconds.
|
key
|
Shared secret key for the server.
|
Include Unassociated Stations
|
If you select the Include Unassociated Stations option for an server, the station reports will also include information about clients not associated to any AP. By default, unassociated clients are not included in station reports.
|
RTLS Server Compatibility Mode
|
The compatibility mode controls the format of tag frames forwarded to the server. Enabling this mode will enable legacy format (includes a 2 byte padding), and disabling this mode will remove the padding. The tag frame format will be the same across all AP models. This feature is enabled by default
|
Slow Timer Recovery by rebooting itself
|
If you enable this option, ArubaOS checks for a slow timer, and if it detects an issue, restarts the AP without logging a reason for the reboot. This feature is supported on RAP-108/ RAP-109 access points.
|
Telnet/SSH
|
Select this check box to enable telnet or to the AP.
NOTE: Telnet is enabled on an AP running ArubaOS 8.6.0.0 or previous versions. is enabled on an AP running ArubaOS 8.7.0.0.
|
Console Enable
|
Enable console port on the AP.
|
AP Console Protection
|
Enable the AP console protection by requiring a password to get AP console access.
|
AP Console Password
|
Sets the AP console password on the controller. If configured, you must enter this password to get AP console access. If not configured, the controller generates a default random password which can be viewed by executing the encrypt disable command followed by the show ap system-profile <profile-name> command. To disable the AP console password, execute the shell-passwd passworddisabled command.
NOTE: The passworddisabled is a special character string. On entering this string, the controller disables the AP console password.
|
Password for Backup
|
Allows client access to adjust the and mode settings for the backup .
|
AP USB Power mode
|
Enables or disables the port on AP platforms that have external ports. The supported values are as follows:
- auto: Detects power mode automatically
- disable: Disables power
- enable: Enables power
NOTE: This parameter is applicable to AP-214, AP-215, AP-224, AP-225, AP-205H, AP-303H, AP-304, AP-305, AP-314, AP-315, AP-324, AP-325, AP-334, AP-335, AP-344, AP-345, AP-203R, and AP-203RP access points only.
|
AP POE mode
|
Choose POE mode on the AP platforms with dual POE support.
|
RF Band for Backup
|
on which the controller broadcasts the backup . Supported values are as follows:
- a:
- all: all . This is the default setting.
- g:
|
Operation for Backup
|
This parameter allows AP console access using a backup , allowing users to access an AP console after the AP has disconnected from the controller. When the AP advertises a backup in either static or dynamic mode, a user is able to access and debug the AP remotely through a virtual AP.
The default setting for this feature is off. Select dynamic or static to enable this feature and select the mode by which the controller broadcasts the backup .
|
BLE Endpoint URL
|
of the Meridian server to which the sends monitoring data.
|
BLE Auth Token
|
The endpoint authorization token is a text string of 1-255 characters used by the to authorize to and securely communicate with the Beacon Management Console. This token is unique for each deployment.
|
BLE Operation Mode
|
Determines how the built-in chip in the AP functions. chip can be in one of the following four modes:
- Beaconing: The built-in chip in the AP functions as an iBeacon combined with beacon management functionality.
- Disabled: The built-in chip in the AP is turned off. This is the default setting.
- Dynamic Console: The built-in chip in the AP functions as a regular iBeacon combined with beacon management functionality. However, when the link to the controller is lost, the built-in chip temporarily enables access to the AP console over . This state of the device may be rolled back to any of the other modes if the AP receives a different configuration setting for the ble-op-mode parameter from the new .
- Persistent Console: The built-in chip in the AP provides access to the AP console over using a mobile application. This functionality is the superset of the Beaconing mode.
NOTE: is disabled for ArubaOS .
|
GRE Offload
|
|
Health Check
|
The AP Health check feature uses ping probes to check reachablility and latency levels for the connection between the AP and the controller.
|
mode
|
Ping probe mode is the only mode currently supported by this feature.
|
packetsize
|
The size, in bytes, of a ping datagram. The supported range of values is 10-2000.
|
burstcnt
|
Number of probes to be sent during the probe frequency interval defined by the frequency health-check parameter. The supported range of values is 1-16.
|
freq
|
Probe interval, in seconds. The health-check feature sends the number of probes defined by the burst-size parameter during each frequency interval defined by this frequency parameter. The supported range of values is 10-300.
|
report
|
Number of seconds between health check reports sent from the AP to the controller. The supported range of values is 60-3600.
|
retrycnt
|
Number of times the attempts to resend a probe.
The supported range of values is 1-10 retry attempts.
|
AirMatch Report Period
|
Change the frequency period which AirMatch starts measuring the environment. The default value is 30 minutes, and the supported range of values is 5-180 minutes.
|
AirMatch Measurement Duration
|
Change the AirMatch measurement duration from the default value of five minutes to any value from 5-60 minutes. A value of 0 disables AirMatch environment measurements.
|
AirMatch Report Enabled
|
Enable or disable AirMatch reports. Each AP in a Mobility Master deployment measures its environment for a five minute duration, every 30 minutes. Mobility Master uses this information to compute an optimal solution, then deploys the latest plan by sending updated settings to the APs every 24 hours. This feature is enabled by default.
|
LMS
|
LMS IP
|
This parameter specifies the IP address of the —the managed device—which is responsible for terminating user traffic from the APs, and processing and forwarding the traffic to the wired network. This can be the IP address of the managed device or Mobility Master.
When using redundant managed devices as the , set this parameter to be the IP address to ensure that APs always have an active IP address with which to terminate sessions.
NOTE: If the -IP is blank, the access point will remain on the managed device that it finds using methods like or . If an IP address is configured for the IP parameter, the AP will be immediately redirected to the managed device at that address.
|
Backup LMS IP
|
This parameter specifies the IP address of a backup to the IP address specified with the lms-ip parameter.
|
LMS IPv6
|
This parameter specifies the IPv6 address of the —the managed device—which is responsible for terminating user traffic from the APs, and processing and forwarding the traffic to the wired network. This can be the IP address of the managed device or Mobility Master.
When using redundant managed devices as the , set this parameter to be the IP address to ensure that APs always have an active IP address with which to terminate sessions.
|
Backup LMS IPv6
|
This parameter specifies the IPv6 address of a backup to the IPv6 address specified with the lms-ipv6 parameter.
|
LMS Preemption
|
When this parameter is enabled, the AP automatically reverts to the primary IP address when it becomes available.
|
LMS Hold-down Period
|
Time, in seconds, that the primary must be available before an AP returns to that after failover.
|
Remote AP
|
Remote-AP DHCP Server VLAN
|
ID of the server used if the managed device is unavailable. This enables the server on the AP (also known as the server ). If you enter the native ID, the server is unavailable.
|
Remote-AP DHCP Server ID
|
IP address used as the server identifier.
|
Remote-AP DHCP Default Router
|
IP address for the default router.
|
Remote-AP DHCP DNS Server
|
IP address of the server.
|
Remote-AP DHCP Pool Start
|
Configures a pool for . This is the first IP address of the pool.
|
Remote-AP DHCP Pool End
|
Configures a pool for . This is the last IP address of the pool.
|
Remote-AP DHCP Pool Netmask
|
Configures a pool for . This is the used for the pool.
|
Remote-AP DHCP Lease Time
|
The amount of days that the assigned IP address is valid for the client. Specify the lease in <days>. A value of 0 indicates the IP address is always valid; the lease does not expire.
|
Remote-AP uplink total bandwidth
|
This is the total reserved uplink bandwidth (in Kilobits per second).
|
Remote-AP bw reservation 1 Remote-AP bw reservation 2 Remote-AP bw reservation 3
|
Session with uplink bandwidth reservation in kilobits per second. You can specify up to three session to reserve uplink bandwidth. The sum of the three uplink bandwidths should not exceed the Remote-AP uplink total bandwidth.
|
Remote-AP Local Network Access
|
Enable or disable local network access across in a Remote-AP.
|
IPM Configuration
|
IPM Activation
|
Enables the system for power management.
|
IPM power reduction steps with priorities
|
Sets up all the power reduction steps.
Select the Ipm_step_priority and IPM_step to set the power reduction priority.
|
ITM Configuration
|
ITM Activation
|
Enables the intelligent temperature monitoring system. If enabled, the temperature is dynamically controlled and the AP is allowed to cool down.
NOTE: This feature can be enabled only when the feature is enabled. This feature is supported only on 570 Series access points.
|