You are here: Connecting to a CLI Session

Chapter 32

Instant CLI

Instant supports the use of Command Line Interface (CLI) for scripting purposes. You can access the Instant CLI through a Secure Shell (SSH).

To enable the SSH access to the Instant CLI:

From the Instant UI, navigate to > .

Select from the drop-down list.

Click .

Connecting to a CLI Session

On connecting to a CLI session, the system displays its host name followed by the login prompt. Use the administrator credentials to start a CLI session. For example:

(Instant AP)

User: admin

Password: *****

If the login is successful, the privileged command mode is enabled and a command prompt is displayed. For example:

(Instant AP)#

The privileged mode provides access to show, clear, ping, traceroute, and commit commands. The configuration commands are available in the configuration (config) mode. To move from privileged mode to the configuration mode, enter the following command at the command prompt:

(Instant AP)# configure terminal

The configure terminal command allows you to enter the basic configuration mode and the command prompt is displayed as follows:

(Instant AP)(config)#

The Instant CLI allows CLI scripting in several other sub-command modes to allow the users to configure individual interfaces, SSIDs, access rules, and security settings.

You can use the question mark (?) to view the commands available in a privileged mode, configuration mode, or sub-mode.

Although automatic completion is supported for some commands such as configure terminal, the complete exit and end commands must be entered at command prompt for successful execution.

Applying Configuration Changes

Each command processed by the Virtual Controller is applied on all the slave IAPs in a cluster. When you make configuration changes on a master IAP in the CLI, all associated IAPs in the cluster inherit these changes and subsequently update their configurations. The changes configured in a CLI session are saved in the CLI context.

The CLI does not support the configuration data exceeding the 4K buffer size in a CLI session: therefore, Aruba recommends that you configure fewer changes at a time and apply the changes at regular intervals.

To apply and save the configuration changes at regular intervals, use the following command in the privileged mode:

(Instant AP)# commit apply

To apply the configuration changes to the cluster, without saving the configuration, use the following command in the privileged mode:

(Instant AP)# commit apply no-save

To view the changes that are yet to be applied, use the following command in the privileged mode:

(Instant AP)# show uncommitted-config

To revert to the earlier configuration, use the following command in the privileged mode.

(Instant AP)# commit revert

Example:

(Instant AP)(config)# rf dot11a-radio-profile

(Instant AP)(RF dot11a Radio Profile)# beacon-interval 200

(Instant AP)(RF dot11a Radio Profile)# no legacy-mode

(Instant AP)(RF dot11a Radio Profile)# dot11h

(Instant AP)(RF dot11a Radio Profile)# interference-immunity 3

(Instant AP)(RF dot11a Radio Profile)# csa-count 2

(Instant AP)(RF dot11a Radio Profile)# spectrum-monitor

(Instant AP)(RF dot11a Radio Profile)# end

(Instant AP)# show uncommitted-config

rf dot11a-radio-profile

no legacy-mode

beacon-interval 200

no dot11h

interference-immunity 3

csa-count 1

no spectrum-monitor

Instant Access Point# commit apply

Configuration Sub-modes

Some commands in configuration mode allow you to enter into a sub-mode to configure the commands specific to that mode. When you are in a configuration sub-mode, the command prompt changes to indicate the current sub-mode.

You can exit a sub-command mode and return to the basic configuration mode or the privileged Exec (enable) mode at any time by executing the exit or end command.

Deleting Configuration Settings

Use the no command to delete or negate previously-entered configurations or parameters.



To view a list of no commands, type at the prompt in the relevant mode or sub-mode followed by the question mark. For example:

(Instant AP)(config) # no?



To delete a configuration, use the form of a configuration command. For example, the following command removes a configured user role:

(Instant AP)(config) # no user <username>



To negate a specific configured parameter, use the parameter within the command. For example, the following command deletes the PPPoE user configuration settings:

(Instant AP)(config) # pppoe-uplink-profile

(Instant AP)(pppoe_uplink_profile)# no pppoe-username

Using Sequence Sensitive Commands

The Instant CLI does not support positioning or precedence of sequence-sensitive commands. Therefore, Aruba recommends that you remove the existing configuration before adding or modifying the configuration details for sequence-sensitive commands. You can either delete an existing profile or remove a specific configuration by using the no… commands.

The following table lists the sequence-sensitive commands and the corresponding no command to remove the configuration.

Table 1: Sequence-Sensitive Commands
Sequence-Sensitive Command	Corresponding no command
opendns <username <password>	no opendns
rule <dest> <mask> <match> <protocol> <start-port> <end-port> {permit \|deny \| src-nat \| dst-nat {<IP-address> <port>\| <port>}}[<option1…option9>]	no rule <dest> <:mask> <match> <protocol> <start-port> <end-port> {permit \| deny \| src-nat \| dst-nat}
mgmt-auth-server <auth-profile-name>	no mgmt-auth-server <auth-profile-name>
set-role <attribute>{{equals\| not-equals\| starts-with\| ends-with\| contains} <operator> <role>\| value-of}	no set-role <attribute>{{equals\| not-equals\| starts-with\| ends-with\| contains} <operator>\| value-of} no set-role
set-vlan <attribute>{{equals\| not-equals\| starts-with\| ends-with\| contains} <operator> <VLAN-ID>\| value-of}	no set-vlan <attribute>{{equals\| not-equals\| starts-with\| ends-with\| contains} <operator>\| value-of} no set-vlan
auth-server <name>	no auth-server <name>