Ruckus Wireless ZoneDirector Command Line Interface

Ruckus Wireless ZoneDirector Command Line Interface
Ruckus Wireless™ ZoneDirector™
Command Line Interface
Reference Guide
Current as of software version 9.3
Part Number 800-70258-001 Rev D
Published February 2012
www.ruckuswireless.com
Contents
About This Guide
Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . i
Documentation Comments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .ii
1 Understanding the ZoneDirector Command Line Interface
Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2
Accessing the Command Line Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2
Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
Step 1: Connecting the Administrative Computer to ZoneDirector . . . . . . . . . . . 2
Connecting ZoneDirector 1000/1100 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
Connecting ZoneDirector 3000/5000 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
Step 2: Start and Configure the Telnet/SSH Client . . . . . . . . . . . . . . . . . . . . . . . . . 3
Step 3: Log Into the CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
Using the Help Command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8
Using the ? Command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8
Top-Level Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9
2 Viewing Current Configuration
Show Commands Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .11
Show AAA Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .11
Show Access Point Commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .13
Show AP Group Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .19
Show AP Policy Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .22
Show System Configuration Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .23
Show System Information Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .24
Show Technical Support Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .26
Show Management ACL Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .28
Show Static Route Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .29
Show WLAN Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .31
Show WLAN Group Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .35
Show L2 Access Control List Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .36
Show L3 Access Control List Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .38
i
Show Hotspot Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .40
Show Role Commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .43
Show User Commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .44
Show Currently Active Clients Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .45
Show Mesh Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .48
Show Dynamic PSK Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .49
Show Dynamic Certificate Commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .50
Show Guest Pass Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .50
Show Rogue Device Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .51
Show Events and Activities Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .51
Show Alarm Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .52
Show License Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .53
Show Session-Timeout Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .53
Show Active Wired Client Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .54
Monitor AP MAC Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .55
Monitor Currently Active Client Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .57
Monitor Sysinfo Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .57
3 Configuring Controller Settings
Configuration Commands Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .61
Configure AAA Server Commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .61
Configure Admin Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .72
Admin Authentication Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73
Display Administrator Account Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75
Configure Access Points . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .75
Configure AP Port Setting Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84
Configure AP Policy Commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .93
Configure AP Group Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .100
Configure Model-Specific Port Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104
Configure Certificate Commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .114
Configure Hotspot Redirect Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .116
Configure Layer 2 Access Control Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . .117
Configure Layer 3 Access Control Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . .125
Configure Layer 3 Access Control Rule Commands . . . . . . . . . . . . . . . . . . . . . . 130
Configure Load Balancing Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .134
ii
Configure STP Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .137
Configure System Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .138
Configure Interface Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 139
Configure Smart Redundancy Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 144
Configure Management Interface Commands . . . . . . . . . . . . . . . . . . . . . . . . . . 145
Configure Syslog Settings Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 151
Configure Management ACL Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 158
Configure UPNP Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .161
Configure Zero-IT Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .162
Configure Dynamic PSK Expiration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .163
Configure WLAN Settings Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .163
Configure WLAN Group Settings Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . .203
Configure Role Commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .209
Configure User Commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .215
Configure Guest Access Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .220
Configure Guest Access Restriction Commands . . . . . . . . . . . . . . . . . . . . . . . . 226
Configure Hotspot Commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .231
Configure Hotspot Access Restriction Commands . . . . . . . . . . . . . . . . . . . . . . . 243
Configure Mesh Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .247
Configure Alarm Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .252
Configure Services Commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .262
4 Using Debug Commands
Debug Commands Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .273
General Debug Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .273
Show Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .276
Accessing a Remote AP CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .281
Working with Debug Logs and Log Settings. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .283
Remote Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .296
AP Core Dump Collection. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .296
Script Execution . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .298
Index
iii
About This Guide
This Ruckus Wireless ZoneDirector Command Line Interface Reference Guide
contains the syntax and commands for configuring and managing ZoneDirector from
a command line interface.
This guide is written for service operators and system administrators who are responsible for managing, configuring, and troubleshooting Ruckus Wireless devices.
Consequently, it assumes a basic working knowledge of local area networks, wireless
networking, and wireless devices.
NOTE: If a release note is shipped with ZoneDirector your Ruckus Wireless product
and the information there differs from the information in this guide, follow the
instructions in the release note.
Most user guides and release notes are available in Adobe Acrobat Reader Portable
Document Format (PDF) or HTML on the Ruckus Wireless Support Web site at:
http://support.ruckuswireless.com/
Conventions
Table 1 and Table 2 list the text and notice conventions that are used throughout this
guide.
Table 1.
Text Conventions
Convention
Description
Example
monospace
Represents information as it
appears on screen
[Device name]>
monospace bold
Represents information that
you enter
[Device name]> set
ipaddr 10.0.0.12
default font bold
Keyboard keys, software
buttons, and field names
On the Start menu, click All
Programs.
italics
Screen or page names
Click Advanced Settings.
The Advanced Settings page
appears.
i
About This Guide
Table 2.
Notice Conventions
Icon
Notice Type
Description
Information
Information that describes
important features or
instructions
Caution
Information that alerts you to
potential loss of data or
potential damage to an
application, system, or device
Warning
Information that alerts you to
potential personal injury
Documentation Comments
Ruckus Wireless is interested in improving its documentation and welcomes your
comments and suggestions. You can email your comments to Ruckus Wireless at:
docs@ruckuswireless.com
When contacting us, please include the following information:
■
Document title
■
Document part number (on the cover page)
■
Page number (if appropriate)
For example:
■
Ruckus Wireless ZoneDirector Command Line Interface Reference Guide
■
Part number: 800-70258-001 Rev D
■
Page 88
Please note that we can only respond to comments and questions about Ruckus
Wireless product documentation at this email address. Questions related to technical
support or sales should be directed in the first instance to your network supplier.
ii
1
Understanding the ZoneDirector
Command Line Interface
In This Chapter
Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Accessing the Command Line Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Using the Help Command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Using the ? Command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Top-Level Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
2
2
8
8
9
1
Understanding the ZoneDirector Command Line Interface
Introduction
Introduction
The Ruckus Wireless ZoneDirector command line interface (CLI) is a software tool that
enables you to configure and manage ZoneDirector, Ruckus Wireless’s wireless LAN
controller.
Using the command line interface, you can issue commands from an operating system
prompt, such as the Microsoft Windows command prompt or a Linux operating
system terminal. Each command performs a specific action for configuring device
settings or returning information about the status of a specific device feature.
Accessing the Command Line Interface
This section describes the requirements and the procedure for accessing the ZoneDirector CLI.
Requirements
To access the ZoneDirector CLI, you will need the following:
■
A computer that you want to designate as administrative computer
■
A network connection to ZoneDirector, or
■
■
An RS-232 serial cable (type depends on the ZoneDirector model):
• If you are using ZoneDirector 3000/5000, you need an RS-232 serial to Ethernet
cable.
• If you are using ZoneDirector 1000/1100, you need a DB-9 RS-232 to RS-232
cable.
A Telnet or SSH (secure shell) client program
Step 1: Connecting the Administrative Computer to
ZoneDirector
The ZoneDirector Command Line Interface can be accessed in one of two ways:
■
Using Telnet or SSH
■
Using a Serial Connection
Using Telnet or SSH
1. Ensure that the administrative computer and ZoneDirector are on the same subnet
or broadcast domain.
2. Continue to “Step 2: Start and Configure the Telnet/SSH Client”.
2
Understanding the ZoneDirector Command Line Interface
Accessing the Command Line Interface
Using a Serial Connection
The steps for connecting the administrative computer directly to ZoneDirector using
a serial cable depend on the ZoneDirector model that you are using. Refer to the
relevant section below.
■
Connecting ZoneDirector 1000/1100
■
Connecting ZoneDirector 3000/5000
NOTE: Before continuing, make sure that both the administrative computer and
ZoneDirector are both powered on.
Connecting ZoneDirector 1000/1100
1. Connect one end of the RS-232 cable to the port labeled Console on ZoneDirector.
2. Connect the other end of the RS-232 cable to a COM port on the administrative
computer.
Connecting ZoneDirector 3000/5000
1. Connect the RJ-45 end of the cable to the port labeled Console on ZoneDirector.
2. Connect the RS-232 end of the cable to a COM port on the administrative
computer.
Step 2: Start and Configure the Telnet/SSH Client
Before starting this procedure, make sure that your Telnet/SSH client is already
installed on the administrative computer.
NOTE: The following procedure uses PuTTY, a free and open source Telnet/SSH
client, for accessing the ZoneDirector CLI. If you are using a different Telnet/SSH client,
the procedure may be slightly different (although the connection settings should be
the same). For more information on PuTTY, visit www.putty.org.
See the following section depending on your connection method:
■
Using Telnet or SSH
■
Using a Serial Connection
Using Telnet or SSH
To start and configure the Telnet/SSH client
1. Start PuTTY. The PuTTY Configuration dialog box appears, showing the Session
screen.
2. In Connection type, select Telnet or SSH.
3
Understanding the ZoneDirector Command Line Interface
Accessing the Command Line Interface
NOTE: Telnet access is disabled by default for security reasons. SSH is the recommended access method and you will not be allowed to access the ZoneDirector CLI
via Telnet unless you have specifically enabled Telnet access. You can enable Telnet
server from the ZoneDirector Web interface by going to Configure > System >
Network Management and selecting Enable Telnet Server.
Figure 1.
Selecting SSH as the connection type
3. Enter the ZoneDirector IP address in the Host Name (or IP address) field.
4. Click Open. The PuTTY console appears and displays the login prompt.
Using a Serial Connection
To start and configure the Telnet/SSH client
1. Start PuTTY. The PuTTY Configuration dialog box appears, showing the Session
screen.
2. In Connection type, select Serial if you are connecting via serial cable.
4
Understanding the ZoneDirector Command Line Interface
Accessing the Command Line Interface
Figure 2.
Select Serial as the connection type
3. Under Category, click Connection > Serial. The serial connection options appear
on the right side of the dialog box, displaying PuTTY’s default serial connection
settings.
Figure 3.
PuTTY’s default serial connection settings
4. Configure the serial connection settings as follows:
• Serial line to connect to: Type the COM port name to which you connected
the RS-232 cable.
• Bits per second: 115200
• Data bits: 8
• Stop bits: 1
• Parity: None
5
Understanding the ZoneDirector Command Line Interface
Accessing the Command Line Interface
•
Flow control: None
Figure 4.
PuTTY’s serial connection settings for connecting to ZoneDirector
5. Click Open. The PuTTY console appears and displays the login prompt.
Figure 5.
The PuTTY console displaying the login prompt
You have completed configuring the Telnet/SSH client to connect to ZoneDirector.
Step 3: Log Into the CLI
1. At the login as prompt, press <Enter> once.
1. At the Please login prompt, type admin, and then press <Enter>.
6
Understanding the ZoneDirector Command Line Interface
Accessing the Command Line Interface
2. At the Password prompt, type admin, and then press <Enter>. The Ruckus
Wireless ZoneDirector CLI welcome message and the ruckus prompt appears.
You are now logged into the ZoneDirector CLI as a user with limited privileges. As a
user with limited privileges, you can view a history of commands that were previously
executed and ping a device. If you want to run more commands, you can switch to
privileged mode by entering enable at the root prompt.
To view a list of commands that are available at the root level, enter help or?.
NOTE: You can tell if you are logged into the CLI in limited or privileged mode by
looking at the ruckus prompt. If you are in limited mode, the prompt appears as
ruckus> (with a greater than sign). If you are in privileged mode, the prompt appears
as ruckus# (with a pound sign).
7
Understanding the ZoneDirector Command Line Interface
Using the Help Command
Using the Help Command
To display all commands that the Ruckus Wireless CLI supports, use the help
command.
CAUTION: Entering the help command into the CLI prints a long list of commands
on the screen. If you only want to view the commands that are available from within
a specific context, use the ? command. See “Using the ? Command” below for more
information.
Using the ? Command
To display commands that are available within a specific context, use the ? command.
Example
To display commands within the debug context, enter the following command:
ruckus# debug
ruckus(debug)# ?
help
Shows available commands.
history
Shows a list of previously run commands.
quit
Exits the debug context.
fw_upgrade
Upgrades the controller's firmware.
deletestation
<MAC>
Disassociates a station.
restart-ap
<MAC>
Restarts a device.
wlaninfo
Configures and enables debugging of WLAN
service settings.
show
Contains commands that can be executed from
within the context.
ps
Displays information about all processes that
are running (ps -aux).
save_debug_ Saves debug information.
info <IPADDR>
<FILE-NAME>
remote_ap_c Excutes AP CLI command in remote AP.
li
save-config Upload the configuration to the designated
<IP-ADDR>
TFTP site.
<FILE-NAME>
logs
Contains commands that can be executed from
within the context.
8
Understanding the ZoneDirector Command Line Interface
Top-Level Commands
no
Contains commands that can be executed from
within the context.
remoteTroubleshooting commands group.
troubleshoo
ting
collect_ap_ Enable AP core dump collection.
coredump
script
Manages system script for debug.
Top-Level Commands
The following table lists the top-level CLI commands available in privileged mode.
exit
Ends the CLI session.
help
Shows available commands.
quit
Ends the CLI session
history
Shows a list of previously run commands.
disable
Disables privileged commands.
ping <IPSends ICMP echo packets to an IP/IPv6 address or domain name.
ADDR/DOMAINNAME>
reboot
Reboots the controller
set-factory
Reset the controller to factory defaults.
config
Enter the config context.
debug
Enter the debug context.
show
Displays system options and settings.
sessiontimeout
<NUMBER>
Sets the CLI session timeout.
monitor
Begins monitoring of system status.
9
2
Viewing Current Configuration
In This Chapter
Show Commands Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Show AAA Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Show Access Point Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Show AP Group Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Show AP Policy Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Show System Configuration Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Show System Information Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Show Technical Support Commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Show Management ACL Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Show Static Route Commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Show WLAN Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Show WLAN Group Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Show L2 Access Control List Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Show L3 Access Control List Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Show Hotspot Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Show Role Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Show User Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Show Currently Active Clients Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Show Role Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Show Mesh Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Show Dynamic PSK Commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Show Dynamic Certificate Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Show Guest Pass Commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Show Rogue Device Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Show Events and Activities Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Show Alarm Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Show License Commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Show Session-Timeout Commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Show Active Wired Client Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Monitor AP MAC Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Monitor Currently Active Client Commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Monitor Sysinfo Commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
11
11
13
19
22
23
24
26
28
29
31
35
36
38
40
43
44
45
43
48
49
50
50
51
51
52
53
53
54
55
57
57
10
Viewing Current Configuration
Show Commands Overview
Show Commands Overview
Show commands display the controller’s current settings such as system status and
system configuration settings, along with the status and configurations of the
controller’s hotspot services, WLAN services, AAA servers, access points, connected
clients, AP groups and WLAN groups.
Monitor commands allow the administrator to enter monitoring mode to view status
and configuration changes as they occur.
Show AAA Commands
Use the show aaa commands to display information about the authentication,
authorization and accounting servers (AAA) servers that have been added to the
controller.
show aaa all
To display a list of all AAA servers that have been added to the controller, use the
following command:
show aaa all
Syntax Description
show
Display information
aaa
Display AAA server information
all
All AAA servers
Defaults
None.
Example
ruckus# show aaa all
AAA:
ID:
1:
Name= Local Database
Type= Local
2:
Name= Guest Accounts
Type= Guest
3:
Name= RADIUS Accounting
Type= RADIUS Accounting server
11
Viewing Current Configuration
Show AAA Commands
Primary RADIUS Accounting:
IP Address= 192.168.11.7
Port= 1813
Secret= secret
Secondary RADIUS Accounting:
Status= Disabled
4:
Name= Ruckus RADIUS
Type= RADIUS server
Auth Method=
Primary RADIUS:
IP Address= 192.168.11.99
Port= 1812
Secret= secret
Secondary RADIUS:
Status= Disabled
5:
Name= Ruckus AD
Type= Active Directory
IP Address= 192.168.11.17
Port= 389
Windows Domain Name= domain.ruckuswireless.com
Global Catalog= Disabled
Admin DN=domain
Admin Password=password
ruckus#
show aaa name
To display information about a specific AAA server that has been added to the
controller, use the following command:
show aaa name <WORD>
Syntax Description
show
Display information
aaa name
Display information about the specified AAA server name
<WORD>
Name of the AAA server
12
Viewing Current Configuration
Show Access Point Commands
Defaults
None.
Example
ruckus# show aaa name "Ruckus RADIUS"
AAA:
ID:
4:
Name= Ruckus RADIUS
Type= RADIUS server
Auth Method=
Primary RADIUS:
IP Address= 192.168.11.99
Port= 1812
Secret= secret
Secondary RADIUS:
Status= Disabled
ruckus#
Show Access Point Commands
Use the show ap commands to display the current settings of managed devices,
including their network address settings, device names, radio settings, and others.
show ap all
To display a summary of all devices that have been approved, use the following
command:
show ap all
Syntax Description
show
Display information
ap
Show device information
all
All devices that have been approved by the controller
Defaults
None.
Example
ruckus# show ap all
AP:
ID:
1:
MAC Address= 04:4f:aa:0c:b1:00
13
Viewing Current Configuration
Show Access Point Commands
Model= zf7962
Approved= Yes
Device Name= 7962 - MAP
Description= 7962 MAP (Living Room)
Location= Living Room
GPS=
Group Name= System Default
Radio a/n:
Channelization= Auto
Channel= Auto
WLAN Services enabled= Yes
5.8GHz Channels = Disabled
Tx. Power= Auto
WLAN Group Name= Default
Radio b/g/n:
Channelization= Auto
Channel= Auto
WLAN Services enabled= Yes
5.8GHz Channels = Disabled
Tx. Power= Auto
WLAN Group Name= Default
Override global ap-model port configuration= No
Network Setting:
Protocol mode= IPv4 and IPv6
Device IP Settings= Keep AP's Setting
IP Type= DHCP
IP Address= 192.168.11.6
Netmask= 255.255.255.0
Gateway= 192.168.11.1
Primary DNS Server=
Secondary DNS Server=
Device IPv6 Settings= Keep AP's Setting
IPv6 Type= Auto Configuration
IPv6 Address= fc00::1
IPv6 Prefix Length= 7
IPv6 Gateway=
IPv6 Primary DNS Server=
IPv6 Secondary DNS Server=
Mesh:
Status= Enabled
Mode= Auto
14
Viewing Current Configuration
Show Access Point Commands
Uplink:
Status= Smart
2:
MAC Address= 00:24:82:3f:14:60
Model= zf7363
Approved= Yes
Device Name= 7363 - RAP
Description= 7363 - RAP (Study)
Location= Study
GPS=
Group Name= System Default
Radio a/n:
Channelization= Auto
Channel= Auto
WLAN Services enabled= Yes
5.8GHz Channels = Disabled
Tx. Power= Auto
WLAN Group Name= Default
Radio b/g/n:
Channelization= Auto
Channel= Auto
WLAN Services enabled= Yes
5.8GHz Channels = Disabled
Tx. Power= Auto
WLAN Group Name= Default
Override global ap-model port configuration= No
Network Setting:
Protocol mode= IPv4 and IPv6
Device IP Settings= Keep AP's Setting
IP Type= DHCP
IP Address= 192.168.11.3
Netmask= 255.255.255.0
Gateway= 192.168.11.1
Primary DNS Server= 192.168.11.1
Secondary DNS Server=
Device IPv6 Settings= Keep AP's Setting
IPv6 Type= Auto Configuration
IPv6 Address=
IPv6 Prefix Length= 7
IPv6 Gateway=
15
Viewing Current Configuration
Show Access Point Commands
IPv6 Primary DNS Server=
IPv6 Secondary DNS Server=
Mesh:
Status= Enabled
Mode= Auto
Uplink:
Status= Smart
ruckus#
show ap devname
To display information about a specific device using its device name, use the following
command:
show ap devname <WORD>
Syntax Description
show
Display information
ap devname
Show information about the specified device name
<WORD>
The name of the device
Defaults
None.
Example
ruckus# show ap devname "7962 - MAP"
AP:
ID:
1:
MAC Address= 04:4f:aa:0c:b1:00
Model= zf7962
Approved= Yes
Device Name= 7962 - MAP
Description= 7962 MAP (Living Room)
Location= Living Room
GPS=
Group Name= System Default
Radio a/n:
Channelization= Auto
Channel= Auto
WLAN Services enabled= Yes
5.8GHz Channels = Disabled
Tx. Power= Auto
16
Viewing Current Configuration
Show Access Point Commands
WLAN Group Name= Default
Radio b/g/n:
Channelization= Auto
Channel= Auto
WLAN Services enabled= Yes
5.8GHz Channels = Disabled
Tx. Power= Auto
WLAN Group Name= Default
Override global ap-model port configuration= No
Network Setting:
Protocol mode= IPv4 and IPv6
Device IP Settings= Keep AP's Setting
IP Type= DHCP
IP Address= 192.168.11.6
Netmask= 255.255.255.0
Gateway= 192.168.11.1
Primary DNS Server=
Secondary DNS Server=
Device IPv6 Settings= Keep AP's Setting
IPv6 Type= Auto Configuration
IPv6 Address= fc00::1
IPv6 Prefix Length= 7
IPv6 Gateway=
IPv6 Primary DNS Server=
IPv6 Secondary DNS Server=
Mesh:
Status= Enabled
Mode= Auto
Uplink:
Status= Smart
ruckus#
show ap mac
To search for the device that matches the specified MAC address, use the following
command:
show ap mac <MAC>
Syntax Description
show
Display information
17
Viewing Current Configuration
Show Access Point Commands
ap mac
Display information about the device with the specified
MAC address
<MAC>
The MAC address of the device
Defaults
None.
Example
ruckus# show ap mac 04:4f:aa:0c:b1:00
AP:
ID:
1:
MAC Address= 04:4f:aa:0c:b1:00
Model= zf7962
Approved= Yes
Device Name= 7962 - MAP
Description= 7962 MAP (Living Room)
Location= Living Room
GPS=
Group Name= System Default
Radio a/n:
Channelization= Auto
Channel= Auto
WLAN Services enabled= Yes
5.8GHz Channels = Disabled
Tx. Power= Auto
WLAN Group Name= Default
Radio b/g/n:
Channelization= Auto
Channel= Auto
WLAN Services enabled= Yes
5.8GHz Channels = Disabled
Tx. Power= Auto
WLAN Group Name= Default
Override global ap-model port configuration= No
Network Setting:
Protocol mode= IPv4 and IPv6
Device IP Settings= Keep AP's Setting
IP Type= DHCP
IP Address= 192.168.11.6
Netmask= 255.255.255.0
Gateway= 192.168.11.1
Primary DNS Server=
18
Viewing Current Configuration
Show AP Group Commands
Secondary DNS Server=
Device IPv6 Settings= Keep AP's Setting
IPv6 Type= Auto Configuration
IPv6 Address= fc00::1
IPv6 Prefix Length= 7
IPv6 Gateway=
IPv6 Primary DNS Server=
IPv6 Secondary DNS Server=
Mesh:
Status= Enabled
Mode= Auto
Uplink:
Status= Smart
ruckus#
Show AP Group Commands
Use the show ap-group commands to display Access Point Group settings.
show ap-group all
To display all AP groups and their settings (including the default AP group), use the
following command:
show ap-group all
Syntax Description
show
Display information
ap-group
Display access point group information
all
All AP groups
Defaults
None.
Example
ruckus# show ap-group all
APGROUP:
ID:
1:
Name= System Default
Description= System default group for Access Points
19
Viewing Current Configuration
Show AP Group Commands
Radio 11bgn:
Channelization= Auto
Channel= Auto
Enable auto channel selection which select from 1,6,11= Yes
Tx. Power= Auto
11N only Mode= Auto
WLAN Group= Default
Radio 11an:
Channelization= Auto
Channel= Auto
Tx. Power= Auto
11N only Mode= Auto
WLAN Group= Default
Members:
MAC= 04:4f:aa:0c:b1:00
MAC= 00:24:82:3f:14:60
MAC= 74:91:1a:2b:ff:a0
APGROUP:
ID:
2:
Name= ap group 2
Description=
Radio 11bgn:
Channelization= Auto
Channel= Auto
Enable auto channel selection which select from 1,6,11= Yes
Tx. Power= Auto
11N only Mode= Auto
WLAN Group= Default
Radio 11an:
Channelization= Auto
Channel= Auto
Tx. Power= Auto
11N only Mode= Auto
20
Viewing Current Configuration
Show AP Group Commands
WLAN Group= Default
Members:
APGROUP:
ID:
3:
Name= ap group 1
Description=
Radio 11bgn:
Channelization= Auto
Channel= Auto
Enable auto channel selection which select from 1,6,11= Yes
Tx. Power= Auto
11N only Mode= Auto
WLAN Group= Default
Radio 11an:
Channelization= Auto
Channel= Auto
Tx. Power= Auto
11N only Mode= Auto
WLAN Group= Default
Members:
ruckus#
show ap-group name
To display details about a specific AP group, use the following command:
show ap-group name <WORD>
Syntax Description
show
Display information
ap-group name
Display information about the AP group with the specified
name
<WORD>
The name of the AP group
21
Viewing Current Configuration
Show AP Policy Commands
Defaults
None.
Example
ruckus# show ap-group name "System Default"
APGROUP:
ID:
1:
Name= System Default
Description= System default group for Access Points
Radio 11bgn:
Channelization= Auto
Channel= Auto
Enable auto channel selection which select from 1,6,11= Yes
Tx. Power= Auto
11N only Mode= Auto
WLAN Group= Default
Radio 11an:
Channelization= Auto
Channel= Auto
Tx. Power= Auto
11N only Mode= Auto
WLAN Group= Default
Members:
MAC= 04:4f:aa:0c:b1:00
MAC= 00:24:82:3f:14:60
MAC= 74:91:1a:2b:ff:a0
ruckus#
Show AP Policy Commands
Use the show ap-policy command to display global access point policies that have
been configured on the controller.
show ap-policy
show ap-policy
Example
ruckus# show ap-policy
Automatically approve all join requests from APs= Enabled
Limited ZD Discovery:
22
Viewing Current Configuration
Show System Configuration Commands
Status= Disabled
Management VLAN:
Status= Keep AP's setting
Balances the number of clients across adjacent APs= Disabled
Max. clients for 11BG radio= 100
Max. clients for 11N radio= 100
LWAPP message MTU= 1450
ruckus#
Show System Configuration Commands
Use the show config commands to display the controller’s system configuration
settings.
show config
To display the current system configuration settings, including network addressing,
management VLAN, country code, logging, AAA servers, WLAN services, WLAN
groups, AP list, SNMP, and ACLs, use the following command:
show config
Syntax Description
show
Display information
config
Display system configuration settings
Defaults
None.
Example
ruckus# show config
Protocol Mode= IPv4-Only
Device IP Address:
Mode= Manual
IP Address= 192.168.11.100
Netmask= 255.255.255.0
Gateway Address= 192.168.11.1
Primary DNS= 192.168.11.1
Secondary DNS= 168.115.1.1
Management VLAN:
Status= Disabled
VLAN ID=
23
Viewing Current Configuration
Show System Information Commands
Country Code:
Code= United States
Identity:
Name= ruckus
NTP:
Status= Enabled
Address= ntp.ruckuswireless.com
Log:
Status= Disabled
Address=
Tunnel MTU:
Tunnel MTU= 1500
Telnet Server:
Status= Disabled
FTP Anonymous Access:
Status= Enabled
FlexMaster:
Status= Disabled
Address= flexmaster
Interval= 15
AAA:
ID:
1:
Name= Local Database
Type= Local
...
...
ruckus#
Show System Information Commands
Use the show sysinfo commands to display the controller’s system information.
24
Viewing Current Configuration
Show System Information Commands
show sysinfo
To display an overview of the system status, including system, devices, usage
summary, user activities, system activities, used access points, and support information, use the following command:
show sysinfo
Syntax Description
show
Display information
sysinfo
Display an overview of various system statuses
Defaults
None.
Example
ruckus# show sysinfo
System Overview:
Name= ruckus
IP Address= 192.168.11.100
MAC Address= 00:13:11:01:01:01
Uptime= 11d 22h 37m
Model= ZD1112
Licensed APs= 12
Serial Number= 000000000011
Version= 9.3.0.0 build 80
Devices Overview:
Number of APs= 2
Number of Client Devices= 1
Number of Rogue Devices= 0
Usage Summary:
Usage of 1 hr:
Max. Concurrent Users= 1
Bytes Transmitted= 407.13K
Number of Rogue Devices= 0
Usage of 24 hr:
Max. Concurrent Users= 2
Bytes Transmitted= 678.94M
Number of Rogue Devices= 2
Memory Utilization:
Used Bytes= 69971968
Used Percentage= 54%
25
Viewing Current Configuration
Show Technical Support Commands
Free Bytes= 59187200
Free Percentage= 46%
ruckus#
Show Technical Support Commands
Use the following commands to display information that Ruckus Wireless may need
when providing technical support.
show techsupport
To display system information required by Technical Support, use the following
command:
show techsupport
Syntax Description
show
Display information
techsupport
Display information about the controller that may be
required by Ruckus Wireless Technical Support
Defaults
None.
Example
ruckus# show techsupport
System Overview:
Name= ruckus
IP Address= 192.168.11.100
MAC Address= 00:13:11:01:01:01
Uptime= 11d 22h 46m
Model= ZD1112
Licensed APs= 12
Serial Number= 000000000011
Version= 9.3.0.0 build 80
Devices Overview:
Number of APs= 2
Number of Client Devices= 1
Number of Rogue Devices= 0
Usage Summary:
Usage of 1 hr:
26
Viewing Current Configuration
Show Technical Support Commands
Max. Concurrent Users= 1
Bytes Transmitted= 697.85K
Number of Rogue Devices= 0
Usage of 24 hr:
Max. Concurrent Users= 2
Bytes Transmitted= 679.21M
Number of Rogue Devices= 2
Memory Utilization:
Used Bytes= 70119424
Used Percentage= 54%
Free Bytes= 59039744
Free Percentage= 46%
Protocol Mode= IPv4-Only
Device IP Address:
Mode= Manual
IP Address= 192.168.11.100
Netmask= 255.255.255.0
Gateway Address= 192.168.11.1
Primary DNS= 192.168.11.1
Secondary DNS= 168.95.1.1
Management VLAN:
Status= Disabled
VLAN ID=
Country Code:
Code= United States
Identity:
Name= ruckus
NTP:
Status= Enabled
Address= ntp.ruckuswireless.com
Log:
Status= Disabled
Address=
Tunnel MTU:
27
Viewing Current Configuration
Show Management ACL Commands
Tunnel MTU= 1500
Telnet Server:
Status= Disabled
FTP Anonymous Access:
Status= Enabled
FlexMaster:
Status= Disabled
Address= flexmaster
Interval= 15
AAA:
ID:
1:
Name= Local Database
Type= Local
...
...
ruckus#
Show Management ACL Commands
Use the mgmt-acl and mgmt-acl-ipv6 commands to display information about
the management access control lists configured on the controller.
show mgmt-acl all
To display all management ACLs that have been configured on the controller, use the
following command:
show mgmt-acl all
show mgmt-acl name
To display information about a specific management ACL, use the following
command:
show mgmt-acl name <NAME>
show mgmt-acl-ipv6 all
To display all management ACLs that have been configured on the controller, use the
following command:
28
Viewing Current Configuration
Show Static Route Commands
show mgmt-acl-ipv6 all
show mgmt-acl-ipv6 name
To display information about a specific management ACL, use the following
command:
show mgmt-acl-ipv6 name <NAME>
Syntax Description
show
Display information
mgmt-acl
Display management ACL settings
mgmt-acl-ipv6
Display IPv6 management ACL settings
all
All configured management ACLs
name
Display information about a specific management ACL
<NAME>
The name of the management ACL
Defaults
None.
Example
ruckus# show mgmt-acl all
Management ACL:
Name= New Name
Restriction Type= range
IP range= 192.168.11.1-192.168.11.253
Name= Remote 1
Restriction Type= single
IP address= 172.17.17.150
Name= Remote admin 2
Restriction Type= single
IP address= 172.17.16.12
ruckus#
Show Static Route Commands
Use the static-route commands to display information about static routes configured on the controller.
29
Viewing Current Configuration
Show Static Route Commands
show static-route all
To display all static route information, use the following command:
show static-route all
show static-route name
show static-route name <NAME>
show static-route-ipv6 all
show static-route-ipv6 all
show static-route-ipv6 name
show static-route-ipv6 name <NAME>
Syntax Description
show
Display information
static-route
Display static route settings
static-route-ipv6 Display IPv6 static route settings
all
All configured static routes
name
Display information about a specific configured static route
<NAME>
The name of the static route entry
Defaults
None.
Example
ruckus# show static-route all
Static Route:
ID= 1
Name= Static Route 1
IP subnet= 192.168.11.1/24
IP gateway= 192.168.11.1
ruckus#
30
Viewing Current Configuration
Show WLAN Commands
Show WLAN Commands
Use the following commands to display information about available WLANs on the
controller.
show wlan all
To display all available WLAN services (SSIDs), use the following command:
show wlan all
Syntax Description
show
Display information
wlan
Display WLAN services (SSIDs) settings
all
All available WLANs/SSIDs
Defaults
None.
Example
ruckus# show wlan all
WLAN Service:
ID:
1:
NAME = Ruckus1
Tx. Rate of Management Frame(2.4GHz) = 2.0Mbps
Beacon Interval = 100ms
SSID = Ruckus1
Description = Ruckus WPA WLAN
Type = Standard Usage
Authentication = open
Encryption = wpa2
Algorithm = aes
Passphrase = testing123
Web Authentication = Disabled
Authentication Server = Disabled
Tunnel Mode = Disabled
Background Scanning = Enabled
Max. Clients = 100
Client Isolation = None
Zero-IT Activation = Enabled
Priority = High
Load Balancing = Enabled
Dynamic PSK = Enabled
Rate Limiting Uplink = Disabled
31
Viewing Current Configuration
Show WLAN Commands
Rate Limiting Downlink = Disabled
Auto-Proxy configuration:
Status = Disabled
Inactivity Timeout:
Status = Enabled
Timeout = 500 Minutes
VLAN = Disabled
Dynamic VLAN = Disabled
Closed System = Disabled
ofdm-only State = Disabled
DHCP Option82 State= Disabled
BSS Minrate = Disabled
PMK Cache Time = 720 Minutes
NAS-ID Type = wlan-bssid
PAP Message Authenticator = Enabled
Send EAP-Failure = Disabled
L2/MAC = No ACLS
L3/L4/IP Address = No ACLS
L3/L4/IPv6 Address = No ACLS
ruckus#
show wlan name
To display information about the specified WLAN service (SSID), use the following
command:
show wlan name <NAME>
Syntax Description
show
Display information
wlan name
Display information about the specified WLAN name
<NAME>
The name of the WLAN
Defaults
None.
Example
ruckus# show wlan name Ruckus1
WLAN Service:
ID:
1:
NAME = Ruckus1
32
Viewing Current Configuration
Show WLAN Commands
Tx. Rate of Management Frame(2.4GHz) = 2.0Mbps
Beacon Interval = 100ms
SSID = Ruckus1
Description = Ruckus WPA WLAN
Type = Standard Usage
Authentication = open
Encryption = wpa2
Algorithm = aes
Passphrase = testing123
Web Authentication = Disabled
Authentication Server = Disabled
Tunnel Mode = Disabled
Background Scanning = Enabled
Max. Clients = 100
Client Isolation = None
Zero-IT Activation = Enabled
Priority = High
Load Balancing = Enabled
Dynamic PSK = Enabled
Rate Limiting Uplink = Disabled
Rate Limiting Downlink = Disabled
Auto-Proxy configuration:
Status = Disabled
Inactivity Timeout:
Status = Enabled
Timeout = 500 Minutes
VLAN = Disabled
Dynamic VLAN = Disabled
Closed System = Disabled
ofdm-only State = Disabled
DHCP Option82 State= Disabled
BSS Minrate = Disabled
PMK Cache Time = 720 Minutes
NAS-ID Type = wlan-bssid
PAP Message Authenticator = Enabled
Send EAP-Failure = Disabled
L2/MAC = No ACLS
L3/L4/IP Address = No ACLS
L3/L4/IPv6 Address = No ACLS
ruckus#
33
Viewing Current Configuration
Show WLAN Commands
show wlan name stations
To display a list of wireless stations associated with the specified WLAN service, use
the following command:
show wlan name <NAME> stations
Syntax Description
show
Display information
wlan name
Display information about the specified WLAN name
<NAME>
The name of the WLAN
stations
Display stations associated with the WLAN
Defaults
None.
Example
ruckus# show wlan name Ruckus1 stations
Clients List:
Client:
MAC Address= 6c:62:6d:1b:e3:00
User Name=
IP Address= 192.168.11.11
IPv6 Address=
Access Point= 04:4f:aa:0c:b1:00
WLAN= Ruckus1
Channel= 6
Signal (dB)= 51
Client:
MAC Address= 00:22:fb:ad:1b:2e
User Name=
IP Address= 192.168.11.7
IPv6 Address=
Access Point= 04:4f:aa:0c:b1:00
WLAN= Ruckus1
Channel= 153
Signal (dB)= 0
ruckus#
34
Viewing Current Configuration
Show WLAN Group Commands
Show WLAN Group Commands
Use the following commands to display information about the WLAN groups that exist
on the controller.
show wlan-group all
To display a list of existing WLAN groups, use the following command:
show wlan-group all
Syntax Description
show
Display information
wlan-group
Display information about the specified WLAN group
all
Show all WLAN groups
Defaults
None.
Example
ruckus# show wlan-group all
WLAN Group:
ID:
1:
Name= Default
Description= Default WLANs for Access Points
WLAN Service:
WLAN1:
NAME= Ruckus1
VLAN=
WLAN2:
NAME= Ruckus2
VLAN=
2:
Name= Guest WLAN Group
Description= 1st floor APs only
WLAN Service:
WLAN1:
NAME= Ruckus-Guest
VLAN=
ruckus#
35
Viewing Current Configuration
Show L2 Access Control List Commands
show wlan-group name
To display information about the specified WLAN group name, use the following
command:
show wlan-group name <WORD>
Syntax Description
show
Display information
wlan-group name
Display information about the specified WLAN group name
<WORD>
The name of the WLAN group
Defaults
None.
Example
ruckus# show wlan-group name Default
WLAN Group:
ID:
1:
Name= Default
Description= Default WLANs for Access Points
WLAN Service:
WLAN1:
NAME= Ruckus1
VLAN=
WLAN2:
NAME= Ruckus2
VLAN=
ruckus#
Show L2 Access Control List Commands
Use the show l2acl commands to display Layer 2 access control list rules that have
been added to the controller.
show l2acl all
To display all Layer 2 access control list (ACL) rules that have been added to the
controller and their settings, use the following command:
show l2acl all
Syntax Description
show
Display information
36
Viewing Current Configuration
Show L2 Access Control List Commands
l2acl
Display L2 ACL information
all
All L2 ACL
Defaults
None.
Example
ruckus# show l2acl all
L2/MAC ACL:
ID:
1:
Name= System
Description= System
Restriction: Deny only the stations listed below
Stations:
2:
Name= blocked-sta-list
Description=
Restriction: Deny only the stations listed below
Stations:
show l2acl name
To display the settings of a specific L2 ACL rule that has been added to the controller,
use the following command:
show l2acl name <WORD>
Syntax Description
show
Display information
l2acl
Display L2 ACL information
name
Display information about the specified L2 ACL rule name
<WORD>
Name of the L2 ACL rule
Defaults
None.
Example
ruckus# show l2acl name 1
L2/MAC ACL:
ID:
2:
Name= 1
Description=
37
Viewing Current Configuration
Show L3 Access Control List Commands
Restriction: Deny only the stations listed below
Stations:
MAC Address= 00:33:22:45:34:88
Show L3 Access Control List Commands
Use the show l3acl commands to display Layer 3 access control list rules that have
been added to the controller.
show l3acl all
To display all Layer 3 access control list (ACL) rules that have been added to the
controller and their settings, use the following command:
show l3acl all
show l3acl-ipv6 all
To display all IPv6 Layer 3 access control list (ACL) rules that have been added to the
controller and their settings, use the following command:
show l3acl-ipv6 all
Syntax Description
show
Display information
l3acl
Display L3 ACL information
l3acl-ipv6
Display IPv6 L3 ACL information
all
All L3 ACL
Defaults
None.
Example
ruckus# show l3acl all
L3/L4/IP ACL:
ID:
4:
Name= test2
Description= test2
Default Action if no rule is matched= Deny all by default
Rules:
Order= 1
Description=
Type= Allow
Destination Address= Any
Destination Port= 53
38
Viewing Current Configuration
Show L3 Access Control List Commands
Protocol= Any
Order= 2
Description=
Type= Allow
Destination Address= Any
Destination Port= 67
Protocol= Any
Order= 3
Description=
Type= Allow
Destination Address= 8.8.8.8/24
Destination Port= 25
Protocol= 6
show l3acl name
To display the settings of a specific L3 ACL rule that has been added to the controller,
use the following command:
show l3acl name <WORD>
show l3acl-ipv6 name
To display the settings of a specific IPv6 L3 ACL rule that has been added to the
controller, use the following command:
show l3acl-ipv6 name <WORD>
Syntax Description
show
Display information
l3acl
Display L3 ACL information
l3acl-ipv6
Display IPv6 L3 ACL information
name
Display information about the specified L3 ACL rule
<WORD>
Name of the L3 ACL rule
Defaults
None.
Example
ruckus# show l3acl name test2
L3/L4/IP ACL:
ID:
4:
Name= test2
Description= test2
39
Viewing Current Configuration
Show Hotspot Commands
Default Action if no rule is matched= Allow all by default
Rules:
Order= 1
Description=
Type= Allow
Destination Address= Any
Destination Port= 53
Protocol= Any
Order= 2
Description=
Type= Allow
Destination Address= Any
Destination Port= 67
Protocol= Any
Order= 3
Description=
Type= Allow
Destination Address= 8.8.8.8/24
Destination Port= 25
Protocol= 6
Show Hotspot Commands
Use the show hotspot commands to display the controller’s hotspot configuration
settings.
show hotspot all
To display a list of all hotspot services that have been created on the controller, use
the following command:
show hotspot all
Syntax Description
show
Display information
hotspot
Display hotspot information
all
All available hotspots
Defaults
None.
Example
ruckus# show hotspot all
Hotspot:
40
Viewing Current Configuration
Show Hotspot Commands
ID:
1:
Name= New Name
Login Page Url= myhotspot.com
Start Page= redirect to the URL that the user intends to visit.
Session Timeout= Disabled
Idle Timeout= Disabled
Authentication Server= Local Database
Accounting Server= Disabled
Location ID=
Location Name=
Walled Garden 1=
Walled Garden 2=
Walled Garden 3=
Walled Garden 4=
Walled Garden 5=
IPv4 Rules:
IPv6 Rules:
ID:
2:
Name= New name2
Login Page Url= myhotspot.com
Start Page= redirect to the URL that the user intends to visit.
Session Timeout= Disabled
Idle Timeout= Disabled
Authentication Server= Local Database
Accounting Server= Disabled
Location ID=
Location Name=
Walled Garden 1=
Walled Garden 2=
Walled Garden 3=
Walled Garden 4=
Walled Garden 5=
IPv4 Rules:
Order= 1
Description= 10.9.5.55
Type= Deny
Destination Address= Any
Destination Port= Any
41
Viewing Current Configuration
Show Hotspot Commands
Protocol= Any
IPv6 Rules:
show hotspot name
To display information about the specific hotspot service, use the following command:
show hotspot name <WORD>
If the hotspot name includes a space, you must put the name in quotation marks (for
example, “hotspot name”.
Syntax Description
show
Display information
hotspot name
Display hotspot information
<WORD>
The name of the hotspot
Defaults
None.
Example
ruckus# show hotspot name “New name2”
Hotspot:
ID:
2:
Name= New name2
Login Page Url= myhotspot.com
Start Page= redirect to the URL that the user intends to visit.
Session Timeout= Disabled
Idle Timeout= Disabled
Authentication Server= Local Database
Accounting Server= Disabled
Location ID=
Location Name=
Walled Garden 1=
Walled Garden 2=
Walled Garden 3=
Walled Garden 4=
Walled Garden 5=
IPv4 Rules:
Order= 1
Description= 10.9.5.55
Type= Deny
Destination Address= Any
Destination Port= Any
42
Viewing Current Configuration
Show Role Commands
Protocol= Any
IPv6 Rules:
Show Role Commands
Use the show role commands to display details about roles that have been created
on the controller.
show role all
To display a list of all roles that have been created on the controller, use the following
command:
show role all
Syntax Description
show
Display information
role
Display role information
all
All roles that have been created
Defaults
None.
Example
ruckus# show role all
Role:
ID:
1:
Name= Default
Description= Allow Access to All WLANs
Group Attributes=
Guest Pass Generation= Allowed
ZoneDirector Administration= Disallowed
Allow All WLANs= Allow access to all WLANs.
show role name
To display information about the specific role, use the following command:
show role name <WORD>
Syntax Description
show
Display information
role name
Display role information
<WORD>
The name of the role
43
Viewing Current Configuration
Show User Commands
Defaults
None.
Example
ruckus# show role name Default
Role:
ID:
1:
Name= Default
Description= Allow Access to All WLANs
Group Attributes=
Guest Pass Generation= Allowed
ZoneDirector Administration= Disallowed
Allow All WLANs= Allow access to all WLANs.
Show User Commands
Use the show user commands to display details about user accounts that exist on
the controller.
show user all
To display a list of all existing user accounts, use the following command:
show user all
Syntax Description
show
Display information
user
Display user information
all
All existing user accounts
Defaults
None.
Example
ruckus# show user all
User:
ID:
1:
User Name= test22
Full Name= test11
Password= test1234
Role= Default
show user name
To display information about the specific user, use the following command:
44
Viewing Current Configuration
Show Currently Active Clients Commands
show user name <user_name>
Syntax Description
show
Display information
user name
Display user information
<WORD>
The name of the user
Defaults
None.
Example
ruckus# show user name test22
User:
ID:
1:
User Name= test22
Full Name= test11
Password= test1234
Role= Default
Show Currently Active Clients Commands
Use the show current-active-clients commands to display a list of wireless
clients that are associated with the APs that the controller manages.
show current-active-clients all
To display a list of all existing user accounts, use the following command:
show current-active-clients all
Syntax Description
show
Display information
current-activeclients
Display currently active wireless clients
all
All active wireless clients
Defaults
None.
Example
ruckus# show current-active-clients all
Current Active Clients:
Clients:
Mac Address= 00:22:fb:5c:e2:32
User/IP= 172.18.30.2
User/IPv6=
45
Viewing Current Configuration
Show Currently Active Clients Commands
Access Point= 04:4f:aa:13:30:f0
BSSID= 04:4f:aa:13:30:fa
Connect Since=2011/03/01 02:48:22
Auth Method= OPEN
WLAN= 11jojoe
VLAN= None
Channel= 6
Radio= 802.
Signal= 0
Status= Authorized
Last 300 Events/Activities:
Activity:
Date/Time= 2011/03/01 02:49:05
Severity= Low
User=
Activities= User[00:22:fb:5c:e2:32] joins WLAN[11jojoe] from
AP[04:4f:aa:13:30:f0]
Activity:
Date/Time= 2011/03/01 02:48:22
Severity= Low
User=
Activities= User[00:22:fb:5c:e2:32] joins WLAN[11jojoe] from
AP[04:4f:aa:13:30:f0]
...
...
ruckus#
show current-active-clients mac
To display information about the specific active client, use the following command:
show current-active-clients mac <MAC>
Syntax Description
show
Display information
current-activeclients mac
Display currently active wireless clients
<MAC>
The MAC address of the wireless client
Defaults
None.
Example
ruckus# show current-active-clients mac 6c:62:6d:1b:e3:00
46
Viewing Current Configuration
Show Currently Active Clients Commands
Current Active Clients:
Clients:
Mac Address= 6c:62:6d:1b:e3:00
User/IP= 192.168.11.11
User/IPv6=
Access Point= 04:4f:aa:0c:b1:00
BSSID= 04:4f:aa:0c:b1:08
Connect Since=2012/01/10 06:22:44
Auth Method= OPEN
WLAN= Ruckus1
VLAN= None
Channel= 6
Radio= 802.11gn
Signal= 53
Status= Authorized
Received from client= 20746 pkts / 6274531 bytes
Transmitted to client= 25777 pkts / 6714433 bytes
Tx. drops due to retry failure= 1 pkts
Last 300 Events/Activities:
Activitiy:
Date/Time= 2012/01/10 06:22:44
Severity= Low
User=
Activities= User[6c:62:6d:1b:e3:00] joins WLAN[Ruckus1] from
AP[7962 - MAP@04:4f:aa:0c:b1:00]
Activitiy:
Date/Time= 2012/01/09 18:52:28
Severity= Low
User=
Activities= User[6c:62:6d:1b:e3:00] disconnects from WLAN[Ruckus1]
at AP[7363 - RAP@00:24:82:3f:14:60]
Activitiy:
Date/Time= 2012/01/08 06:08:52
Severity= Low
User=
Activities= AP[7363 - RAP@00:24:82:3f:14:60] radio [11g/n] detects
User[6c:62:6d:1b:e3:00] in WLAN[Ruckus1] roams from AP[7962 MAP@04:4f:aa:0c:b1:00]
...
...
ruckus#
47
Viewing Current Configuration
Show Mesh Commands
Show Mesh Commands
Use the show mesh commands to display the controller’s mesh network configuration
and topology.
show mesh info
To display a list of all mesh networks that have been formed, use the following
command:
show mesh info
Syntax Description
show
Display information
mesh
Display mesh network information
info
Show mesh information
Defaults
None.
Example
ruckus# show mesh info
Mesh Settings:
Mesh Status= Enabled
Mesh Name(ESSID)= Mesh-000000000311
Mesh Passphrase= GdxW5CUgrn_SEHOPyCSxv_cQHSca MH-OpnRGfX
sRvwXBJLwUsD6eeK8CMEZfm
Mesh Hop Detection:
Status= Disabled
Mesh Downlinks Detection:
Status= Disabled
Tx. Rate of Management Frame=2Mbps
Beacon Interval= 200ms
ruckus#
show mesh topology
To display the topology of existing mesh networks, use the following command:
show mesh topology
Syntax Description
show
Display information
mesh
Display mesh network information
topology
Show mesh topology
48
Viewing Current Configuration
Show Dynamic PSK Commands
Defaults
None.
Example
ruckus# show mesh topology
Mesh Topology(Mesh-000000000311):
Root Access Points= 00:24:82:3b:14:60
Signal (dB) Downlink=/ Uplink=
Description= 7363 - RAP (Study)
Channel= 153 (11an)
IP Address= 192.168.11.3
Mesh Access Points= 04:4f:ab:0c:b1:00
Signal (dB) Downlink= 28 / Uplink= 30
Description= 7962 MAP (Living Room)
Channel= 153
IP Address= 192.168.11.6
ruckus#
Show Dynamic PSK Commands
Use the show dynamic-psks commands to display information about Dynamic
PSKs that have been generated. Use the following command:
show dynamic-psks
Syntax Description
show
Display information
dynamic-psks
Display dynamic PSKs that have been generated
Defaults
None.
Example
ruckus# show dynamic-psks
Generated Dynamic PSKs:
DPSK:
User= BatchDPSK_User_1
Mac Address= 00:00:00:00:00:00
Created= 2011/03/01 03:30:01
Expired= Unlimited
DPSK:
User= BatchDPSK_User_2
Mac Address= 00:00:00:00:00:00
Created= 2011/03/01 03:30:02
49
Viewing Current Configuration
Show Dynamic Certificate Commands
Expired= Unlimited
DPSK:
User= DPSK-User-2
Mac Address= 00:11:22:33:44:55
Created= 2011/03/01 03:30:47
Expired= Unlimited
Show Dynamic Certificate Commands
Use the show dynamic-certs commands to display information about Dynamic
certificates that have been generated. Use the following command:
show dynamic-certs
Syntax Description
show
Display information
dynamic-certs
Display dynamic certificates that have been generated
Defaults
None.
Example
ruckus# show dynamic-certs
Generated Dynamic Certs:
Show Guest Pass Commands
Use the show guest-passes commands to display information about guest passes
that have been generated. Use the following command:
show guest-passes
Syntax Description
show
Display information
guest-passes
Display guest passes that have been generated
Defaults
None.
Example
ruckus# show guest-passes
Generated Guest Passes:
ID:
Guest Name= John Doe
Remarks=
Expires= 2012/01/11 08:32:15
Re-auth=
50
Viewing Current Configuration
Show Rogue Device Commands
Creator= ruckus
Sharable= No
Wlan= Ruckus-Guest
ruckus#
Show Rogue Device Commands
Use the show rogue-devices commands to display information about rogue
devices that the controller has detected on the network. Use the following command:
show rogue-devices
Syntax Description
show
Display information
rogue-devices
Display rogues devices that have been detected on the
network
Defaults
None.
Example
ruckus# show rogue-devices
Current Active Rogue Devices:
Rogue Devices:
Mac Address= 00:25:c4:52:1c:a1
Channel= 6
Radio= 802.11bg
Type= AP
Encryption= Open
SSID= V54-HOME001
Last Detected= 2011/03/01 02:03:43
Known/Recognized Rogue Devices:
Show Events and Activities Commands
Use the show events-activities commands to display information events and
network activities that have been recorded by the controller. Use the following
command:
show events-activities
Syntax Description
show
Display information
51
Viewing Current Configuration
Show Alarm Commands
events-activities Display a list of events and activities records by the
controller
Defaults
None.
Example
ruckus# show events-activities
ruckus# show events-activities
Last 300 Events/Activities:
Activitiy:
Date/Time= 2012/01/10 08:33:17
Severity= Low
User=
Activities= Admin[ruckus] logs in from [192.168.11.7]
Activitiy:
Date/Time= 2012/01/10 08:32:00
Severity= Low
User=
Activities= WLAN[Ruckus-Guest] with BSSID[04:4f:aa:4c:b1:08]
configuration has been updated on radio [11g/n] of AP[7962 MAP@04:4f:aa:0c:b1:00]
Activitiy:
Date/Time= 2012/01/10 08:32:00
Severity= Low
User=
...
...
Show Alarm Commands
Use the show alarm commands to display alarms that have been generated by the
controller. Use the following command:
show alarm
Syntax Description
show
Display information
alarm
Display a list of alarms that have been generated by the
controller
Defaults
None.
Example
ruckus# show alarm
52
Viewing Current Configuration
Show License Commands
Last 300 Alarms:
Alarms:
Date/Time= 2012/01/10 04:08:01
Name= AP Lost Contact
Severity= High
Activities= Lost contact with AP[7025 EU@74:91:1a:2b:ff:a0]
Alarms:
Date/Time= 2011/11/10 09:35:36
Name= Rogue AP Detected
Severity= High
Activities= A new Rogue[78:44:76:d5:bb:24] with SSID[dutex] is
detected
...
...
Show License Commands
Use the show license commands to display the controller’s license information,
including the model number, the maximum number of APs that it can support, and
the maximum number of wireless clients that managed APs can support. Use the
following command:
show license
Syntax Description
show
Display information
license
Display the controller’s license information
Defaults
None.
Example
ruckus# show license
License:
Model= ZD1112
Max. AP Number= 12
Max. Client Number= 1250
ruckus#
Show Session-Timeout Commands
Use the show session-timeout command to display the current session timeout
interval.
53
Viewing Current Configuration
Show Active Wired Client Commands
show session-timeout
show session-timeout
Syntax Description
show
Display information
session-timeout
Display the current session timeout interval
Defaults
None.
Example
ruckus# show session-timeout
Current session timeout interval is 30 minutes
ruckus#
Show Active Wired Client Commands
Use the show active-wired-client commands to display information about
currently active wired clients.
show active-wired-client all
show active-wired-client all
show active-wired-client mac
show active-wired-client mac <MAC>
Syntax Description
show
Display information
active-wiredclient
Display the currently active wired client information
all
Show all wired clients
mac
Show a specific client information by MAC address
<MAC>
The MAC address of the specific client
Defaults
None.
Example
ruckus# show active-wired-client all
Current Active Wired Clients:
ruckus#
54
Viewing Current Configuration
Monitor AP MAC Commands
Monitor AP MAC Commands
Use the monitor ap mac command to monitor details on a specific access point.
monitor ap mac
monitor ap mac <MAC>
Syntax Description
monitor
Begin monitoring mode
ap mac
Designate the access point to begin monitoring
<MAC>
The MAC address of the specific access point
Defaults
None.
Example
ruckus# monitor ap mac 04:4f:aa:0c:b1:00
------------------------------------------------------------------------------ID MAC Approved Device-Name Description
104:4f:aa:0c:b1:00 Yes7962 - MAP7962 MAP (Living
------------------------------------------------------------------------------IPv4-ADDRMASK GATEWAYPRI-DNS
192.168.11.6 255.255.255.0192.168.11.1
------------------------------------------------------------------------------Radio-TypeRX-Packets(M)/RX-Bytes(G) TX-Packets(M)/TX-Bytes(G)
Retries(%)
Radio a/n 36.9/2.028.6/2.00.0
Radio-TypeRX-Packets(M)/RX-Bytes(G) TX-Packets(M)/TX-Bytes(G)
Retries(%)
Radio b/g/n 37.8/2.012.4/2.00.3
------------------------------------------------------------------------------Status Mode LocationUplink-Status
EnabledAuto Living Room Smart
-------------------------------------------------------------------------------------------------------------------------------------------------------------ID MAC Approved Device-Name Description
104:4f:aa:0c:b1:00 Yes7962 - MAP7962 MAP (Living
------------------------------------------------------------------------------IPv4-ADDRMASK GATEWAYPRI-DNS
55
Viewing Current Configuration
Monitor AP MAC Commands
192.168.11.6 255.255.255.0192.168.11.1
------------------------------------------------------------------------------Radio-TypeRX-Packets(M)/RX-Bytes(G) TX-Packets(M)/TX-Bytes(G)
Retries(%)
Radio a/n 36.9/2.028.6/2.00.0
Radio-TypeRX-Packets(M)/RX-Bytes(G) TX-Packets(M)/TX-Bytes(G)
Retries(%)
Radio b/g/n 37.8/2.012.4/2.00.3
------------------------------------------------------------------------------Status Mode LocationUplink-Status
EnabledAuto Living Room Smart
-------------------------------------------------------------------------------------------------------------------------------------------------------------ID MAC Approved Device-Name Description
104:4f:aa:0c:b1:00 Yes7962 - MAP7962 MAP (Living
------------------------------------------------------------------------------IPv4-ADDRMASK GATEWAYPRI-DNS
192.168.11.6 255.255.255.0192.168.11.1
------------------------------------------------------------------------------Radio-TypeRX-Packets(M)/RX-Bytes(G) TX-Packets(M)/TX-Bytes(G)
Retries(%)
Radio a/n 36.9/2.028.6/2.00.0
Radio-TypeRX-Packets(M)/RX-Bytes(G) TX-Packets(M)/TX-Bytes(G)
Retries(%)
Radio b/g/n 37.8/2.012.4/2.00.3
------------------------------------------------------------------------------Status Mode LocationUplink-Status
EnabledAuto Living Room Smart
-------------------------------------------------------------------------------
ruckus#
56
Viewing Current Configuration
Monitor Currently Active Client Commands
Monitor Currently Active Client Commands
Use the monitor current-active-clients command to monitor details on a
specific client.
monitor current-active-clients
monitor current-active-clients <MAC>
Syntax Description
monitor
Begin monitoring mode
current-activeclients
Designate the currently active client to begin monitoring
<MAC>
The MAC address of the specific client
Defaults
None.
Example
ruckus# monitor current-active-clients mac 00:22:fb:ad:1b:2e
------------------------------------------------------------------------------04:4f:aa:0c:b1:00 192.168.11.7 Ruckus1 None Authorized
------------------------------------------------------------------------------04:4f:aa:0c:b1:0c153 11an43 OPEN
------------------------------------------------------------------------------44.3/6.743.2/17.0 36
--------------------------------------------------------------------------------------------------------------------------------------------------------------
ruckus#
Monitor Sysinfo Commands
Use the monitor sysinfo command to monitor system information.
monitor sysinfo
monitor sysinfo
57
Viewing Current Configuration
Monitor Sysinfo Commands
Syntax Description
Example
monitor
Begin monitoring mode
sysinfo
Display the system information
ruckus# monitor sysinfo
------------------------------------------------------------------------------IPv4-ADDR IPv6-ADDR MAC Uptime Model MAX-APs
192.168.11.100NULL 00:13:11:01:01:01 12d 1h 29mZD111212
------------------------------------------------------------------------------Number-of-APs Number-of-ClientsNumber-of-Rogues Name
2 10ruckus
------------------------------------------------------------------------------Usage of 1 hr|Usage of 24 hr
Max-Concurrent-Users TX-BytesRogues | Max-Concurrent-Users TXBytesRogues
12.33M 02297.58M 2
------------------------------------------------------------------------------Used-Bytes Used-Percentage Free-BytesFree-Percentage
71675904 55% 57483264 45%
-------------------------------------------------------------------------------------------------------------------------------------------------------------IPv4-ADDR IPv6-ADDR MAC Uptime Model MAX-APs
192.168.11.100NULL 00:13:11:01:01:01 12d 1h 29mZD111212
------------------------------------------------------------------------------Number-of-APs Number-of-ClientsNumber-of-Rogues Name
2 10ruckus
------------------------------------------------------------------------------Usage of 1 hr|Usage of 24 hr
Max-Concurrent-Users TX-BytesRogues | Max-Concurrent-Users TXBytesRogues
12.39M 02297.64M 2
------------------------------------------------------------------------------Used-Bytes Used-Percentage Free-BytesFree-Percentage
71675904 55% 57483264 45%
58
Viewing Current Configuration
Monitor Sysinfo Commands
--------------------------------------------------------------------------------------------------------------------------------------------------------------
59
3
Configuring Controller Settings
In This Chapter
Configuration Commands Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61
Configure AAA Server Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61
Configure Admin Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72
Configure Access Points . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75
Configure AP Policy Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93
Configure AP Group Commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100
Configure Certificate Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 114
Configure Layer 2 Access Control Commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 117
Configure Layer 3 Access Control Commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 125
Configure Load Balancing Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 134
Configure STP Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 137
Configure System Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 138
Configure UPNP Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 161
Configure Zero-IT Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 162
Configure Dynamic PSK Expiration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 163
Configure WLAN Settings Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 163
Configure WLAN Group Settings Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 203
Configure Role Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 209
Configure User Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 215
Configure Guest Access Commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 220
Configure Hotspot Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 231
Configure Mesh Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 247
Configure Alarm Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 252
Configure Services Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 262
60
Configuring Controller Settings
Configuration Commands Overview
Configuration Commands Overview
This section describes the commands that you can use to configure ZoneDirector via
the config context.From the priveleged commands context, type config to enter
the configuration context. To show a list of commands available from within the config
context, type help or ?.
Configure AAA Server Commands
This section describes the commands that you can use to configure AAA server entries
on the controller. The following commands can be executed from within the configaaa context. To show a list of commands available from within the aaa context, type
help or ?.
aaa
To create or configure an AAA server, use the following command:
aaa <WORD>
Syntax Description
aaa
Create or edit AAA server entry
<WORD>
The name of the AAA server
Defaults
None.
Example
ruckus(config)# aaa ruckus-auth-02
The AAA server 'ruckus-auth-02' has been loaded. To save the AAA
server, type 'end' or 'exit'.
ruckus(config-aaa)# end
The AAA server 'ruckus-auth-02' has been updated and saved.
Your changes have been saved.
ruckus(config)#
no aaa
To delete an AAA server from the list of AAA servers, use the following command:
no aaa <WORD>
Syntax Description
no aaa
Delete AAA server entry
<WORD>
The name of the AAA server
61
Configuring Controller Settings
Configure AAA Server Commands
Defaults
None.
Example
ruckus(config)# no aaa ruckus-auth-02
The AAA server 'ruckus-auth-02' has been deleted.
ruckus(config)#
type
To set the AAA server type to Active Directory', use the following command (from
within the config-aaa context):
type ad
Syntax Description
type ad
Set the AAA server type to ActiveDirectory
type ldap
Set the AAA server type to LDAP
type radius-auth
Set the AAA server type to RADIUS
type radius-acct
Set the AAA server type to RADIUS Accounting
Defaults
None.
Example
ruckus(config)# aaa ruckus-auth-02
The AAA server 'ruckus-auth-02' has been loaded. To save the AAA
server, type 'end' or 'exit'.
ruckus(config-aaa)# type ad
The command was executed successfully. To save the changes, type
'end' or 'exit'.
ruckus(config-aaa)# end
The AAA server 'ruckus-auth-02' has been updated and saved.
Your changes have been saved.
ruckus(config)#
auth-method
To set the authentication method to PAP or CHAP, use the following command:
auth-method [pap|chap]
Syntax Description
auth-method
[pap|chap]
Set the RADIUS authentication method to PAP or CHAP
62
Configuring Controller Settings
Configure AAA Server Commands
Defaults
None.
Example
ruckus(config)# aaa "Ruckus RADIUS"
The AAA server 'Ruckus RADIUS' has been loaded. To save the AAA
server, type 'end' or 'exit'.
ruckus(config-aaa)# auth-method chap
The command was executed successfully. To save the changes, type
'end' or 'exit'.
ruckus(config-aaa)# show
AAA:
ID:
4:
Name= Ruckus RADIUS
Type= RADIUS server
Auth Method= chap
Primary RADIUS:
IP Address= 192.168.11.99
Port= 1812
Secret= secret
Secondary RADIUS:
Status= Disabled
ruckus(config-aaa)# end
The AAA server 'Ruckus RADIUS' has been updated and saved.
Your changes have been saved.
ruckus(config)#
ip-addr
To set the AAA server's IP address, use the following command:
ip-addr <IP-ADDR>
Syntax Description
ip-addr
Set the AAA server IP address
<IP-ADDR>
Set to this IP address
Defaults
None.
Example
ruckus(config)# aaa radius
63
Configuring Controller Settings
Configure AAA Server Commands
The AAA server 'radius' has been loaded. To save the AAA server,
type 'end' or 'exit'.
ruckus(config-aaa)# ip-addr 192.168.0.7
The command was executed successfully. To save the changes, type
'end' or 'exit'.
ruckus(config-aaa)# show
AAA:
ID:
6:
Name= radius
Type= RADIUS server
Auth Method= pap
Primary RADIUS:
IP Address= 192.168.0.7
Port= 1812
Secret= secret
Secondary RADIUS:
Status= Disabled
ruckus(config-aaa)# end
The AAA server 'radius' has been updated and saved.
Your changes have been saved.
ruckus(config)#
ip-addr port
To set the AAA server's IP address and port number, use the following command:
ip-addr <IP-ADDR> port <PORT-NUM>
Syntax Description
ip-addr
Set the AAA server IP address
<IP-ADDR>
Set to this IP address
port
Set the AAA server’s port number
<PORT-NUM>
Set the AAA server’s port number to this port
Defaults
None.
Example
ruckus(config)# aaa radius
The AAA server 'radius' has been loaded. To save the AAA server,
type 'end' or 'exit'.
ruckus(config-aaa)# ip-addr 192.168.0.7 port 1812
64
Configuring Controller Settings
Configure AAA Server Commands
The command was executed successfully. To save the changes, type
'end' or 'exit'.
ruckus(config-aaa)# show
AAA:
ID:
6:
Name= radius
Type= RADIUS server
Auth Method= pap
Primary RADIUS:
IP Address= 192.168.0.7
Port= 1812
Secret= secret
Secondary RADIUS:
Status= Disabled
ruckus(config-aaa)# end
The AAA server 'radius' has been updated and saved.
Your changes have been saved.
ruckus(config)#
domain-name
To set the Windows/Base domain name, use the following command:
domain-name <WORD>
Syntax Description
domain-name
Configure the Windows/Base domain name
<WORD>
Set the Windows/Base domain name to this domain name
Defaults
None.
Example
ruckus(config-aaa)# domain-name company.com
The command was executed successfully. To save the changes, type
'end' or 'exit'.
no ad-global-catalog
To disable Global Catalog support, use the following command:
no ad-global-catalog
65
Configuring Controller Settings
Configure AAA Server Commands
Syntax Description
no ad-globalcatalog
Disable Global Catalog support
Defaults
None.
Example
ruckus(config-aaa)# no ad-global-catalog
The command was executed successfully. To save the changes, type
'end' or 'exit'.
no backup
To disable the backup function, use the following command:
no backup
Syntax Description
no backup
Disable backup
Defaults
None.
Example
ruckus(config-aaa)# no backup
The command was executed successfully. To save the changes, type
'end' or 'exit'.
ad-global-catalog
To enable Global Catalog support, use the following command:
ad-global-catalog
Syntax Description
ad-global-catalog Enable Global Catalog support
Defaults
None.
Example
ruckus(config-aaa)# ad-global-catalog
The command was executed successfully. To save the changes, type
'end' or 'exit'.
66
Configuring Controller Settings
Configure AAA Server Commands
admin-dn
To set the admin domain name, use the following command:
admin-dn <WORD>
Syntax Description
admin-dn
Set the admin domain name
<WORD>
Set to this domain name
Defaults
None.
Example
ruckus(config-aaa)# admin-dn domain_of_admin
The command was executed successfully. To save the changes, type
'end' or 'exit'.
admin-password
To set the admin password, use the following command:
admin-password <WORD>
Syntax Description
admin-password
Set the admin password
<WORD>
Set to this password
Defaults
None.
Example
ruckus(config-aaa)# admin-password test1234
The command was executed successfully. To save the changes, type
'end' or 'exit'.
key-attribute
To set the LDAP key attribute, use the following command:
key-attribute <WORD>
Syntax Description
key-attribute
Set the LDAP key attribute
<WORD>
Set to this attribute
67
Configuring Controller Settings
Configure AAA Server Commands
Defaults
None.
Example
ruckus(config-aaa)# key-attribute mycompany
The command was executed successfully. To save the changes, type
'end' or 'exit'.
search-filter
To set the LDAP search filter, use the following command:
search-filter <WORD>
Syntax Description
search-filter
Set the LDAP search filter
<WORD>
Set to this filter
Defaults
None.
Example
ruckus(config-aaa)# search-filter stringofsearch
The command was executed successfully. To save the changes, type
'end' or 'exit'.
radius-secret
To set the AAA server's shared secret, use the following command:
radius-secret <WORD>
Syntax Description
radius-secret
RADIUS server secret
<WORD>
Set the RADIUS server secret to this secret
Defaults
None.
Example
ruckus(config-aaa)# radius-secret mysecret
The command was executed successfully. To save the changes, type
'end' or 'exit'.
Backup RADIUS server AAA Commands
The following commands are used to enable and configure a backup (secondary)
RADIUS server.
68
Configuring Controller Settings
Configure AAA Server Commands
backup
To enable a backup RADIUS server, use the following command:
backup
Syntax Description
Example
backup
Enables secondary RADIUS server
ruckus(config)# aaa radius
The AAA server 'radius' has been loaded. To save the AAA server,
type 'end' or 'exit'.
ruckus(config-aaa)# backup
The command was executed successfully. To save the changes, type
'end' or 'exit'.
ruckus(config-aaa)# show
AAA:
ID:
6:
Name= radius
Type= RADIUS server
Auth Method= pap
Primary RADIUS:
IP Address= 192.168.0.7
Port= 1812
Secret= secret
Secondary RADIUS:
Status= Enabled
IP Address= 192.168.0.8
Port= 1812
Secret= secret
Failover Policy:
Request Timeout= 10 Seconds
Max. Number of Retries= 2 Times
Reconnect Primary= 500 Minutes
ruckus(config-aaa)# end
The AAA server 'radius' has been updated and saved.
Your changes have been saved.
ruckus(config)#
69
Configuring Controller Settings
Configure AAA Server Commands
backup-ip-addr
To set the IP address of the secondary RADIUS server, enter the following command:
backup-ip-addr <IP-ADDR>
Syntax Description
Example
backup-ip-addr
Sets the IP address of the secondary RADIUS server
<IP-ADDR>
Set to this IP address
ruckus(config)# aaa radius
The AAA server 'radius' has been loaded. To save the AAA server,
type 'end' or 'exit'.
ruckus(config-aaa)# backup-ip-addr 192.168.0.8
The command was executed successfully. To save the changes, type
'end' or 'exit'.
ruckus(config-aaa)# end
The AAA server 'radius' has been updated and saved.
Your changes have been saved.
ruckus(config)#
backup-radius-secret
To set the shared secret of the secondary RADIUS server, enter the following
command:
backup-radius-secret <WORD>
Syntax Description
backup-radiussecret
Sets the secret of the secondary RADIUS server
<WORD>
Set to this secret
Defaults
None.
Example
ruckus(config)# aaa radius
The AAA server 'radius' has been loaded. To save the AAA server,
type 'end' or 'exit'.
ruckus(config-aaa)# backup
The command was executed successfully. To save the changes, type
'end' or 'exit'.
ruckus(config-aaa)# backup-radius-secret secret
The command was executed successfully. To save the changes, type
'end' or 'exit'.
70
Configuring Controller Settings
Configure AAA Server Commands
ruckus(config-aaa)# end
The AAA server 'radius' has been updated and saved.
Your changes have been saved.
ruckus(config)#
request-timeout
To set the failover request timeout (2~20 seconds), use the following command:
request-timeout <NUMBER>
Syntax Description
request-timeout
Set failover request timeout
<NUMBER>
Number of seconds (2~20 seconds) for failover request
timeout
Defaults
None.
Example
ruckus(config-aaa)# request-timeout 10
The command was executed successfully. To save the changes, type
'end' or 'exit'.
retry-count
To set the failover retry count (2~10 times), use the following command:
retry-count <NUMBER>
Syntax Description
retry-count
Set failover retry count
<NUMBER>
Number of attempts (2~10 times) for failover retry count
Defaults
None.
Example
ruckus(config-aaa)# retry-count 5
The command was executed successfully. To save the changes, type
'end' or 'exit'.
reconnect-primary-interval
To set the failover reconnect to primary interval (1~86400 minutes), use the following
command:
71
Configuring Controller Settings
Configure Admin Commands
reconnect-primary-interval <NUMBER>
Syntax Description
reconnectprimary-interval
Set interval for reconnecting to primary AAA server after
failover
<NUMBER>
Number of minutes (1~86400 minutes) after which
reconnect to primary is attempted
Defaults
None.
Example
ruckus(config-aaa)# reconnect-primary-interval 600
The command was executed successfully. To save the changes, type
'end' or 'exit'.
ruckus(config-aaa)#
Configure Admin Commands
Use the admin commands to enter the config-admin context to set the admin user
name, password and admin authentication server settings.
admin
To enter the config-admin context and configure administrator preference, use the
following command:
admin
Example
ruckus(config)# admin
ruckus(config-admin)
name
To set the administrator user name, use the following command:
name <WORD>
Syntax Description
name
Configure the admin name setting
<WORD>
Set the admin name to this name
Defaults
admin
Example
ruckus(config)# admin
72
Configuring Controller Settings
Configure Admin Commands
ruckus(config-admin)# name admin
The command was executed successfully. To save the changes, type
'end' or 'exit'.
ruckus(config-admin)# end
The administrator preferences have been updated.
Your changes have been saved.
ruckus(config)#
name password
To set the admin name and password at the same time, use the following command:
name <WORD> password <WORD>
Syntax Description
name
Configure the admin name setting
<WORD>
Set the admin name to this name
password
Configure the admin password
<WORD>
Set the admin password to this password
Defaults
admin
Example
ruckus(config)# admin
ruckus(config-admin)# name admin password admin
The command was executed successfully. To save the changes, type
'end' or 'exit'.
ruckus(config-admin)# end
The administrator preferences have been updated.
Your changes have been saved.
ruckus(config)#
Admin Authentication Commands
Use the auth-server commands to set the administrator authentication options
with an external authentication server.
no auth-server
To disable administrator authentication with a remote server, use the following
command:
no auth-server
73
Configuring Controller Settings
Configure Admin Commands
Syntax Description
no auth-server
Disable admin authentication with an external server
Defaults
None.
Example
ruckus(config-admin)# no auth-server
The command was executed successfully.
auth-server
To enable administrator authentication with a remote server and set the authentication server, use the following command:
auth-server <WORD>
Syntax Description
auth-server
Admin authentication with an external server
<WORD>
Set the authentication server to this server
Defaults
None.
Example
ruckus(config-admin)# auth-server radius
The command was executed successfully. To save the changes, type
'end' or 'exit'.
ruckus(config-admin)#
auth-server with fallback
To enable fallback authentication (for use when the remote server is unavailable), use
the following command:
auth-server <WORD> with-fallback
Syntax Description
auth-server
Admin authentication with an external server
<WORD>
Set the auth-server to this server
with-fallback
Enable fallback authentication if the remote authentication
server is unavailable
Defaults
None.
Example
ruckus(config-admin)# auth-server radius with-fallback
74
Configuring Controller Settings
Configure Access Points
The command was executed successfully. To save the changes, type
'end' or 'exit'.
ruckus(config-admin)# show
Administrator Name/Password:
Name= admin
Password= admin
Authenticate:
Mode= Authenticate with authentication server 'radius'
Fallback= Enabled
ruckus(config-admin)#
Display Administrator Account Settings
Use the admin show command to display the administrator account settings.
admin show
To displaythe current admin user name, password and authentication server settings,
use the following command from within the config-admin context:
show
Syntax Description
show
Show current adminiatrator settings
Defaults
None.
Example
ruckus(config-admin)# show
Administrator Name/Password:
Name= admin
Password= admin
Authenticate:
Mode= Authenticate using the admin name and password
ruckus(config-admin)#
Configure Access Points
The following commands can be used from within the config-ap context to
configure a specific Access Point.
75
Configuring Controller Settings
Configure Access Points
ap
To enter the config-ap context, enter the following command:
ap <MAC>
Syntax Description
ap
Access Point
<MAC>
MAC address of the access point for configuration
Defaults
None.
Example
ruckus(config)# ap 04:4f:aa:0c:b1:00
The AP '04:4f:aa:0c:b1:00' has been loaded. To save the AP, type
'end' or 'exit' .
ruckus(config-ap)#
no ap
To delete an AP from the list of approved devices, usethe following command:
no ap <MAC>
Syntax Description
no ap
Delete Access Point
<MAC>
MAC address of the access point
Defaults
None.
Example
ruckus(config)# no ap 04:4f:aa:0c:b1:00
The AP '04:4f:aa:0c:b1:00' has been deleted.
ruckus(config)#
devname
To set the device name, use the following command:
devname <WORD>
Syntax Description
Defaults
devname
Device name
<WORD>
Set the device name to this name
None.
76
Configuring Controller Settings
Configure Access Points
Example
ruckus# conf ap 00:13:92:00:33:1C
ruckus(config-ap-00:13:92:00:33:1C)# devname Ruckus-AP-1C
The command was executed successfully. To save the changes, type
'end' or 'exit'.
ruckus(config-ap)#
description
To set the device description, use the following command:
description <WORD>
Syntax Description
description
Device description
<WORD>
Set the device description to this text
Defaults
None.
Example
ruckus(config-ap-00:13:92:00:33:1C)# description this-is-thedevice-description
The command was executed successfully. To save the changes, type
'end' or 'exit'.
ruckus(config-ap)#
gps
To set the device GPS coordinates, use the following command:
gps <GPS-COORDINATE>
Syntax Description
gps
Set the device GPS coordinates
<GPS-COORDINATE>
Enter the device's GPS coordinates for the latitude and
longitude. Use a comma (,) to separate the latitude and
longitude. The first coordinate is for the latitude. The
second coordinate is for the longitude. Ex. A,B or -37,38.
Defaults
None.
Example
ruckus(config-ap)# gps 37.3,-122
The command was executed successfully. To save the changes, type
'end' or 'exit'.
77
Configuring Controller Settings
Configure Access Points
ruckus(config-ap)#
location
To set the device location, use the following command:
location <WORD>
Syntax Description
location
Device location
<WORD>
Set the device location to this address
Defaults
None.
Example
ruckus(config-ap)# location sunnyvale-office
The command was executed successfully. To save the changes, type
'end' or 'exit'.
ruckus(config-ap)#
group
To set the AP group for this AP, use the following command:
group <WORD>
Syntax Description
group
Set the AP group that this AP is a member of
<WORD>
The name of the AP group
system-default
Include this AP in the system default AP group
Defaults
system-default
Example
ruckus(config-ap)# group system-default
The command was executed successfully. To save the changes, type
'end' or 'exit'.
ruckus(config-ap)#
ip
To set the AP’s IPv4 address, use the following command from within the config-ap
context:
78
Configuring Controller Settings
Configure Access Points
ip [enable|disable] addr <IP-ADDR> <NET-MASK> name-server <DNSADDR> mode [dhcp|static|keep]
Syntax Description
ip
Set the AP’s IPv4 addressing
enable
Enable IPv4 addressing
disable
Disable IPv4 addressing
addr
Set the AP’s IPv4 address
<IP-ADDR>
The IPv4 address
<NET-MASK>
The IPv4 netmask
name-server
Set the device’s DNS servers. Use a space ( ) to separate
primary and secondary DNS servers
<DNS-ADDR>
The IP address of the DNS server
mode
Set the device’s IP addressing mode (DHCP, static or “keep
AP’s setting”)
dhcp
Set the device’s IP address mode to DHCP
static
Set the device’s IP address mode to static
keep
Set the device to use its current network settings
Defaults
none
Example
ruckus(config-ap)# ip enable mode dhcp
The command was executed successfully. To save the changes, type
'end' or 'exit'.
ruckus(config-ap)#
ipv6
To set the AP’s IPv6 address, use the following command from within the config-ap
context:
ipv6 [enable] addr <IPv6-ADDR> <IPv6-PREFIX-LENGTH> name-server
<DNS-ADDR> mode [auto|manual|keep]
Syntax Description
ipv6
Set the AP’s IPv6 addressing
enable
Enable IPv6 addressing
addr
Set the AP’s IPv6 address
<IP-ADDR>
The IPv6 address
79
Configuring Controller Settings
Configure Access Points
<IPv6-PREFIXLENGTH>
The IPv6 prefix length
name-server
Set the device’s DNS servers. Use a space ( ) to separate
primary and secondary DNS servers
<DNS-ADDR>
The IP address of the DNS server
mode
Set the device’s IP addressing mode (auto, manual or “keep
AP’s setting”)
auto
Set the device’s IPv6 address mode to auto
manual
Set the device’s IPv6 address mode to manual
keep
Set the device to use its current network settings
Defaults
none
Example
ruckus(config-ap)# ipv6 enable mode auto
The command was executed successfully. To save the changes, type
'end' or 'exit'.
ruckus(config-ap)#
radio
Use the radio command from within the config-ap context to configure the 2.4GHz
or 5GHz radios independently.
radio [2.4|5] <arguments>
Syntax Description
2.4
Configure the 2.4 GHz radio
5
Configure the 5 GHz radio
channelization
[auto|<NUMBER>]
Set channel width to 20 MHz, 40 MHz or Auto
channel
[auto|<NUMBER>]
Set channel to Auto or manually set channel
wlan-group <WORD> Set the AP radio as a member of a WLAN group
Defaults
wlan-service
Enable WLAN service on this radio
extant-gain
<NUMBER>
Set external antenna gain (on APs that support external
antennas) (dBi)
tx-power <POWER>
Set the transmit power for the radio.
channelization: Auto
channel: Auto
80
Configuring Controller Settings
Configure Access Points
wlan-group: Default
wlan-service: Enable
tx-power: Auto
Example
ruckus(config-ap)# radio 2.4 channelization auto
The command was executed successfully. To save the
'end' or 'exit'.
ruckus(config-ap)# radio 2.4 channel auto
The command was executed successfully. To save the
'end' or 'exit'.
ruckus(config-ap)# radio 2.4 wlan-group Default
The command was executed successfully. To save the
'end' or 'exit'.
ruckus(config-ap)# radio 2.4 wlan-service
The command was executed successfully. To save the
'end' or 'exit'.
ruckus(config-ap)# radio 2.4 tx-power auto
The command was executed successfully. To save the
'end' or 'exit'.
ruckus(config-ap)# end
The device information has been updated.
Your changes have been saved.
ruckus(config)#
changes, type
changes, type
changes, type
changes, type
changes, type
mesh mode
Use the mesh mode command from within the config-ap context to configure the
AP’s mesh mode settings.
mesh mode [auto|root-ap|mesh-ap|disable]
Syntax Description
mesh mode
Configure the AP’s mesh mode
auto
Set mesh mode to Auto
root-ap
Configure AP as a Root AP
mesh-ap
Configure AP as a Mesh AP
disable
Disable mesh
Defaults
Auto.
Example
ruckus(config-ap)# mesh mode auto
81
Configuring Controller Settings
Configure Access Points
The command was executed successfully. To save the changes, type
'end' or 'exit'.
ruckus(config-ap)#
mesh uplink-selection
Use the mesh uplink-selection command from within the config-ap context to
configure the AP’s mesh uplink selection settings.
mesh uplink-selection [auto|manual] <add-mac>|<del-mac> <MAC>
Syntax Description
mesh uplinkselection
Configure the AP’s mesh uplink selection mode
auto
Set mesh uplink selection to Auto
manual
Set mesh uplink selection to manual
add-mac
Add a manual uplink selection AP
del-mac
Delete a manual uplink selection AP
<MAC>
Defaults
Example
Auto.
ruckus(config-ap)# mesh uplink-selection manual add-mac
00:24:82:3f:14:60
The command was executed successfully. To save the changes, type
'end' or 'exit’.
ruckus(config-ap)#
Example
ruckus(config-ap)# mesh uplink-selection auto
The command was executed successfully. To save the changes, type
'end' or 'exit'.
ruckus(config-ap)#
status-leds
To enable or disable the AP’s status LEDs, use the following command:
status-leds [enable|disable]
Defaults
Enabled.
82
Configuring Controller Settings
Configure Access Points
Syntax Description
Example
status-leds
Configure status LEDs
enable
Override group config, enable status LEDs
disable
Override group config, disable status LEDs
ruckus(config-ap)# status-leds disable
ruckus(config-ap)#
poe-out
To enable or disable the AP’s PoE Out port, use the following command:
poe-out [enable|disable]
Defaults
Syntax Description
Example
Disabled.
poe-out
Configure PoE Out port
enable
Override group config, enable PoE Out port
disable
Override group config, disable PoE Out port
ruckus(config-ap)# poe-out enable
ruckus(config-ap)#
internal-heater
To enable or disable the AP’s internal heater, use the following command:
internal-heater [enable|disable]
Defaults
Syntax Description
Example
Disabled.
internal-heater
Configure internal heater
enable
Override group config, enable internal heater
disable
Override group config, disable internal heater
ruckus(config-ap)# internal-heater enable
ruckus(config-ap)#
83
Configuring Controller Settings
Configure Access Points
cband-channels
To enable or disable the 5.8 GHz C-band channels (UK country code only), use the
following command:
cband-channels [enable|disable]
Defaults
Syntax Description
Example
Disabled.
cband-channels
Configure C-band channels
enable
Override group config, enable C-band channels
disable
Override group config, disable C-band channels
ruckus(config-ap)# cband-channels enable
ruckus(config-ap)#
Configure AP Port Setting Commands
To override AP group configuration settings and configure the AP’s Ethernet ports
individually, you must first enter the config-ap-model context from within the
config-ap context.
port-setting
Use the following command to enter the config-ap-model context and override AP
group settings to configure AP ports individually:
port-setting
Defaults
Syntax Description
Example
None
port-setting
Configure AP port settings
ruckus(config-ap)# port-setting
ruckus(config-ap-model)#
abort
To exit the port-setting context without saving changes, use the abort
command.
abort
84
Configuring Controller Settings
Configure Access Points
Syntax Description
abort
Exit the context without saving changes
Defaults
None.
Example
ruckus(config-ap-model)# abort
No changes have been saved.
ruckus(config-ap)#
end
To save changes, and then exit the port-setting context, use the following
command:
end
Syntax Description
end
Save changes, and then exit the context
Defaults
None.
Example
ruckus(config-ap-model)# end
ruckus(config-ap)#
exit
To save changes, and then exit the config-ap-model context, use the following
command:
exit
Syntax Description
exit
Save changes, and then exit the context
Defaults
None.
Example
ruckus(config-ap-model)# exit
ruckus(config-ap)#
85
Configuring Controller Settings
Configure Access Points
quit
To exit the config-ap-model context without saving changes, use the quit
command.
quit
Syntax Description
quit
Exit the context without saving changes
Defaults
None.
Example
ruckus(config-ap-model)# quit
No changes have been saved.
ruckus(config-ap)#
show
To display the current port settings, use the following command:
show
Syntax Description
show
Display the current port settings
Defaults
None.
Example
ruckus(config-ap-model)# show
PORTS:
LAN ID:
1:
Enable LAN = Yes
LAN Type= trunk
Untag ID= 1
Members= 1-4094
802.1X= disabled
DHCP opt82= Disabled
LAN ID:
2:
Enable LAN = Yes
LAN Type= trunk
Untag ID= 1
Members= 1-4094
86
Configuring Controller Settings
Configure Access Points
802.1X= disabled
DHCP opt82= Disabled
ruckus(config-ap-model)#
lan
To enable the LAN port, use the following command:
lan <NUMBER>
Syntax Description
lan
Enable the LAN port
<NUMBER>
Specify the LAN port to enable
Defaults
None.
Example
ruckus(config-ap-model)# lan 1
ruckus(config-ap-model)#
no lan
To disable the LAN port, use the following command:
no lan <NUMBER>
Syntax Description
no lan
Disable the LAN port
<NUMBER>
Specify the LAN port to disable
Defaults
None.
Example
ruckus(config-ap-model)# no lan 1
ruckus(config-ap-model)#
lan uplink
To sets the AP port type (Trunk, Access or General), use the following command:
lan <NUMBER> uplink <WORD>
Syntax Description
lan uplink
Set the LAN port type
87
Configuring Controller Settings
Configure Access Points
Defaults
<NUMBER>
Specify the LAN port to configure
<WORD>
LAN port type (Trunk port, Access port, General
port)
For all APs other than 7025: Trunk
For 7025 LAN 5: Trunk
For 7025 LAN 1-LAN 4: Access
Example
ruckus(config-ap-model)# lan 1 uplink access
ruckus(config-ap-model)#
lan untag
To set the LAN port untag VLAN ID (native VLAN, for Trunk ports), use the following
command:
lan <NUMBER> untag <NUMBER>
Syntax Description
lan untag
Set the LAN port untag VLAN ID
<NUMBER>
Specify the LAN port to configure
<NUMBER>
Set the untag VLAN ID (1~4094)
Defaults
1
Example
ruckus(config-ap-model)# lan 1 untag 1
ruckus(config-ap-model)#
lan number
To set the LAN port untag VLAN ID (native VLAN, for Trunk ports), use the following
command:
lan <NUMBER> untag <NUMBER>
Syntax Description
lan untag
Set the LAN port untag VLAN ID
<NUMBER>
Specify the LAN port to configure
<NUMBER>
Set the untag VLAN ID (1~4094)
88
Configuring Controller Settings
Configure Access Points
Defaults
1
Example
ruckus(config-ap-model)# lan 1 untag 1
ruckus(config-ap-model)#
lan member
To set the LAN port VLAN membership (only General ports have configurable
membership; Trunk ports are members of all VLANs, and Access port membership
must be the same as the Untag VLAN), use the following command:
lan <NUMBER> member <NUMBER>
Syntax Description
lan member
Set the LAN port VLAN membership
<NUMBER>
Specify the LAN port to configure
<NUMBER>
Set the VLAN membership (1~4094, range
separated by hyphen, multiple VLANs separated
by commas)
Defaults
1
Example
ruckus(config-ap-model)# lan 1 uplink general
ruckus(config-ap-model)# lan 1 member 1-10,100,200
ruckus(config-ap-model)# show
PORTS:
LAN ID:
1:
Enable LAN = Yes
LAN Type= general
Untag ID= 12
Members= 1-10,100,200
802.1X= disabled
DHCP opt82= Disabled
LAN ID:
2:
Enable LAN = Yes
LAN Type= trunk
Untag ID= 1
Members= 1-4094
802.1X= disabled
89
Configuring Controller Settings
Configure Access Points
DHCP opt82= Disabled
ruckus(config-ap-model)#
lan opt82
To enable or disable DHCP option 82 for a LAN port, use the following command:
lan <NUMBER> opt82 [enable|disable]
Syntax Description
lan opt82
Enable or disable DHCP option 82
enable
Enable option 82
disable
Disable option 82
Defaults
Disabled
Example
ruckus(config-ap-model)# lan 1 opt82 enable
ruckus(config-ap-model)#
lan dot1x
To configure 802.1X settings for a LAN port, use the following command:
lan <NUMBER> dot1x [disable|supplicant|auth-port-based|authmac-based]
Syntax Description
lan dot1x
Configure 802.1X settings for this port
<NUMBER>
LAN port number to configure
disable
Disable 802.1X
supplicant
Configure this LAN port as an 802.1X supplicant
auth-port-based
Configure this LAN port as an 802.1X
authenticator (port-based)
auth-mac-based
Configure this LAN port as an 802.1X
authenticator (MAC-based)
Defaults
Disabled
Example
ruckus(config-ap-model)# lan 1 dot1x supplicant
ruckus(config-ap-model)#
90
Configuring Controller Settings
Configure Access Points
dot1x authsvr
To configure 802.1X authentication server, use the following command:
dot1x authsvr <WORD>
Syntax Description
dot1x authsvr
Configure 802.1X authentication server
<WORD>
Name of AAA server
Defaults
None
Example
ruckus(config-ap-model)# dot1x authsvr radius
ruckus(config-ap-model)#
dot1x acctsvr
To configure 802.1X accounting server, use the following command:
dot1x acctsvr <WORD>
Syntax Description
dot1x acctsvr
Configure 802.1X accounting server
<WORD>
Name of AAA server
Defaults
None
Example
ruckus(config-ap-model)# dot1x acctsvr radius-acct
ruckus(config-ap-model)#
dot1x mac-auth-bypass
To configure 802.1X MAC authentication bypass, use the following command:
dot1x mac-auth-bypass
Syntax Description
dot1x mac-auth-bypass
Enable 802.1X MAC authentication bypass
Defaults
Disabled
Example
ruckus(config-ap-model)# dot1x mac-auth-bypass
ruckus(config-ap-model)#
91
Configuring Controller Settings
Configure Access Points
dot1x supplicant username
To configure 802.1X supplicant user name, use the following command:
dot1x supplicant username <WORD>
Syntax Description
dot1x supplicant username Configure 802.1X supplicant user name
<WORD>
Set the 802.1X supplicant user name
Defaults
None
Example
ruckus(config-ap-model)# dot1x supplicant username johndoe
ruckus(config-ap-model)#
dot1x supplicant password
To configure 802.1X supplicant password, use the following command:
dot1x supplicant password <WORD>
Syntax Description
dot1x supplicant password Configure 802.1X supplicant password
<WORD>
Set the 802.1X supplicant password
Defaults
None
Example
ruckus(config-ap-model)# dot1x supplicant password test123
ruckus(config-ap-model)#
dot1x supplicant mac
To set the 802.1X supplicant user name and password as the AP’s MAC address, use
the following command:
dot1x supplicant mac
Syntax Description
dot1x supplicant mac
Set the supplicant user name and password as the
AP’s MAC address
92
Configuring Controller Settings
Configure AP Policy Commands
Defaults
None
Example
ruckus(config-ap-model)# dot1x supplicant mac
ruckus(config-ap-model)#
Configure AP Policy Commands
Use the ap-policy commands to configure global AP policies such as automatic AP
approval, limited ZD discovery, management VLAN, load balancing across APs and
max clients per AP radio. To run these commands, you must first enter the configap-policy context.
ap-policy
To enter the ap-policy context and configure global AP policies, enter the following
command:
ap-policy
Syntax Description
ap-policy
Enter config-ap-policy context and configure global AP
policies
Defaults
None.
Example
ruckus(config)# ap-policy
ruckus(config-ap-policy)#
show
To display the current device policy, use the following command:
show
Syntax Description
show
Display the current AP policy settings
Defaults
None.
Example
ruckus(config-ap-policy)# show
Automatically approve all join requests from APs= Enabled
Limited ZD Discovery:
93
Configuring Controller Settings
Configure AP Policy Commands
Status= Disabled
Management VLAN:
Status= Keep AP's setting
Balances the number of clients across adjacent APs= Disabled
Max. clients for 11BG radio= 100
Max. clients for 11N radio= 100
LWAPP message MTU= 1450
ruckus(config-ap-policy)#
ap-management-vlan
To enable the AP management VLAN and set to keep AP’s setting, use the following
command:
ap-management-vlan keeping
Syntax Description
ap-managementvlan
Enable and configure the global AP management VLAN
keeping
Sets management VLAN to “Keep AP’s setting”
Defaults
None.
Example
ruckus(config-ap-policy)# ap-management-vlan keeping
The command was executed successfully.
ruckus(config-ap-policy)#
no ap-management-vlan
To disable the AP management VLAN, use the following command:
no ap-management-vlan
Syntax Description
Defaults
no ap-management- Disable the AP management VLAN
vlan
None.
ruckus(config-ap-policy)# no ap-management-vlan
Example
The command was executed successfully.
ruckus(config-ap-policy)#
94
Configuring Controller Settings
Configure AP Policy Commands
ap-auto-approve
To enable the automatic approval of join requests from devices, use the following
command:
ap-auto-approve
Syntax Description
ap-auto-approve
Enable the automatic approval of join requests from
devices
Defaults
None.
Example
ruckus(config-ap-policy)# ap-auto-approve
The AP automatically approve policy has been updated.
no ap-auto-approve
To disable the automatic approval of join requests from devices, use the following
command:
no ap-auto-approve
Syntax Description
no ap-autoapprove
Disable the automatic approval of join requests from
devices
Defaults
None.
Example
ruckus(config-ap-policy)# no ap-auto-approve
The AP automatically approve policy has been updated.
ruckus(config-ap-policy)#
limited-zd-discovery
To configure devices to connect to a specific ZoneDirector and to set the primary and
secondary ZoneDirector’s IP addresses, use the following command:
limited-zd-discovery <zd-addr|zd-ip> <PRIMARY> <SECONDARY>
Syntax Description
limited-zddiscovery
Configure devices to connect to a specific ZoneDirector
zd-addr
Set ZoneDirector’s IP/IPv6/FQDN address
zd-ip
Set ZoneDirector’s IP/IPv6 address
95
Configuring Controller Settings
Configure AP Policy Commands
<PRIMARY>
Address of primary ZD
<SECONDARY>
Address of secondary ZD
Defaults
Disabled.
Example
ruckus(config-ap-policy)# limited-zd-discovery zd-addr
192.168.11.100 192.168.11.200
The Limited ZoneDirector discovery function has been updated.
ruckus(config-ap-policy)# show
Automatically approve all join requests from APs= Enabled
Limited ZD Discovery:
Status= Enabled
Primary ZoneDirector ADDR= 192.168.11.100
SecondaryZoneDirector ADDR= 192.168.11.200
Prefer Primary ZoneDirector = false
Management VLAN:
Status= Disabled
Balances the number of clients across adjacent APs= Disabled
Max. clients for 11BG radio= 100
Max. clients for 11N radio= 100
LWAPP message MTU= 1450
ruckus(config-ap-policy)#
limited-zd-discovery prefer-primary-zd
To force the AP to prefer the primary ZoneDirector when connected (and periodically
attempt to reconnect to the primary ZD when disconnected from it), use the following
command:
limited-zd-discovery prefer-primary-zd
Example
ruckus(config-ap-policy)# limited-zd-discovery prefer-primary-zd
The Limited ZoneDirector discovery function has been updated.
ruckus(config-ap-policy)#
no limited-zd-discovery
To disable limited ZD discovery, use the following command:
no limited-zd-discovery
96
Configuring Controller Settings
Configure AP Policy Commands
Syntax Description
no limited-zddiscovery
Disable limited ZD discovery
Defaults
Disabled.
Example
ruckus(config-ap-policy)# no limited-zd-discovery
The Limited ZoneDirector discovery function has been updated.
ruckus(config-ap-policy)#
limited-zd-discovery keep-ap-setting
To disallow ZoneDirector modifying AP’s original primary/secondary ZD settings, use
the following command:
limited-zd-discovery keep-ap-setting
Example
ruckus(config-ap-policy)# limited-zd-discovery keep-ap-setting
The Limited ZoneDirector discovery function has been updated.
ruckus(config-ap-policy)#
ap-max-clients
To set the maximum number of wireless clients that can associate with each device,
use the following command:
ap-max-clients [11bg|11n] <NUMBER>
Syntax Description
ap-max-clients
Set the maximum number of clients per AP
11bg
Set the max clients for the 11bg (2.4 GHz) radio
11n
Set the max clients for the 11n (5 GHz) radio
<NUMBER>
Set to this number
Defaults
None.
Example
ruckus(config-ap-policy)# ap-max-clients 11n 99
The Max clients of AP management has been updated.
ruckus(config-ap-policy)#
97
Configuring Controller Settings
Configure AP Policy Commands
ap-load-balancing
To enable load balancing across adjacent APs, use the following command:
ap-load-balancing
Syntax Description
ap-load-balancing Enable load balancing across adjacent APs
Defaults
Disabled.
Example
ruckus(config-ap-policy)# ap-load-balancing
The load balancing of AP management has been updated.
ruckus(config-ap-policy)#
no ap-load-balancing
To disable load balancing across adjacent APs, use the following command:
no ap-load-balancing
Syntax Description
no ap-loadbalancing
Disable load balancing across adjacent APs
Defaults
Disabled.
Example
ruckus(config-ap-policy)# no ap-load-balancing
The load balancing of AP management has been updated.
ruckus(config-ap-policy)#
lwapp-message-mtu
To configure the LWAPP message MTU size, use the following command:
lwapp-message-mtu <NUMBER>
Syntax Description
Defaults
lwapp-message-mtu
Configure LWAPP message maximum transmit unit size
<NUMBER>
Set the LWAPP MTU to this number (600~1450)
1450
98
Configuring Controller Settings
Configure AP Policy Commands
Example
ruckus(config-ap-policy)# lwapp-message-mtu 1450
The AP Policy has been updated.
ruckus(config-ap-policy)#
vlan-qos
To configure the traffic class [Voice | Video | Data | Background] to the specific VLAN
ID at the specific interface, use the following command:
vlan-qos <VID> <Traffic Class> <Interface Name>
Syntax Description
vlan-qos
Configure VLAN QOS settings
<VID>
VLAN ID
<Traffic Class>
Specify traffic classification (voice, video, data,
background)
<Interface Name>
Specify interface name
Defaults
Disabled
Example
ruckus(config-ap-policy)# vlan-qos 10 voice eth0
The VLAN QoS function has been updated.
ruckus(config-ap-policy)#
no vlan-qos
To disable QOS for the specific interface, use the following command:
no vlan-qos <VID> <Interface Name>
Syntax Description
no vlan-qos
Disable VLAN’s QOS settings
<VID>
VLAN ID
<Interface Name>
Specify interface name
Defaults
Disabled
Example
ruckus(config-ap-policy)# no vlan-qos all eth0
The VLAN QoS function has been updated.
ruckus(config-ap-policy)#
99
Configuring Controller Settings
Configure AP Group Commands
Configure AP Group Commands
This section describes the commands that you can use to configure AP groups on the
controller. The following commands can be executed from within the config-apgrp
context. To show a list of commands available from within the context, type help or ?.
ap-group
To create a new AP group or configure an existing AP group and enter the configapgrp context, enter the following command:
ap-group <WORD>
Syntax Description
ap-group
Configure an AP group
<WORD>
Name of the AP group
Defaults
“System Default”
Example
ruckus(config)# ap-group "System Default"
The AP group entry 'System Default' has been loaded. To save the
AP group, type 'end' or 'exit'.
ruckus(config-apgrp)#
#
no ap-group
To delete an AP group from the list, enter the following command:
no ap-group <WORD>
Syntax Description
no ap-group
Delete an AP group
<WORD>
Name of the AP group
Defaults
None
Example
ruckus(config)# no ap-group apgrp2
The AP Group 'apgrp2' has been removed.
ruckus(config)#
show
Displays current AP group configuration settings.
100
Configuring Controller Settings
Configure AP Group Commands
show
Defaults
None
Example
ruckus(config)# ap-group "System Default"
The AP group entry 'System Default' has been loaded. To save the
AP group, type 'end' or 'exit'.
ruckus(config-apgrp)# show
APGROUP:
ID:
1:
Name= System Default
Description= System default group for Access Points
Radio 11bgn:
Channelization= Auto
Channel= Auto
Enable auto channel selection which select from 1,6,11= Yes
Tx. Power= Auto
11N only Mode= Auto
WLAN Group= Default
Radio 11an:
Channelization= Auto
Channel= Auto
Tx. Power= Auto
11N only Mode= Auto
WLAN Group= Default
Model:
Name= zf7343
Override System Default AP Group Port Setting= No
Disable Status-LEDs= No
Members:
MAC= 04:4f:aa:0c:b1:00
MAC= 00:24:82:3f:14:60
MAC= 74:91:1a:2b:ff:a0
MAC= 00:1f:41:2a:2b:10
ruckus(config-apgrp)#
description
To set the AP group description, use the following command:
101
Configuring Controller Settings
Configure AP Group Commands
description <WORD>
radio
To configure radio settings for the 2.4 GHz or 5 GHz radios of an AP group, use the
following command:
radio [2.4|5] <arguments>
Syntax Description
Defaults
radio
Configure AP group radio settings
2.4
Configure 2.4 GHz radio
5
Configure 5 GHz radio
channel
Set radio channel (Auto or number)
channelization
Set radio channel width (Auto, 20MHz or 40MHz)
auto-channelselection
Set auto channel selection to four-channel (1,5,9,13) or
three-channel (1,6,11)
tx-power
Set radio transmit power (Auto, Full, 1/2, 1/4, 1/8, Min) or
<NUMBER> (-1dB~-10dB)
11n-only
Set radio 11n-only mode to Auto or N-only
wlan-group
Set radio to the specified WLAN group
Channel: Auto
Channelization: Auto
Auto-Channel Selection: Three-channel
TX Power: Auto
11n-only: Auto
WLAN group: Default
Example
ruckus(config)# ap-group "System Default"
The AP group entry 'System Default' has been loaded. To save the
AP group, type 'end' or 'exit'.
ruckus(config-apgrp)# radio 2.4 channel auto
The command was executed successfully. To save the changes, type
'end' or 'exit'.
ruckus(config-apgrp)# radio 5 channelization auto
The command was executed successfully. To save the changes, type
'end' or 'exit'.
ruckus(config-apgrp)# radio 5 11n-only N-only
The command was executed successfully. To save the changes, type
'end' or 'exit'.
102
Configuring Controller Settings
Configure AP Group Commands
ruckus(config-apgrp)# radio 5 wlan-group Default
The command was executed successfully. To save the changes, type
'end' or 'exit'.
ruckus(config-apgrp)# radio 2.4 tx-power Num 1
The command was executed successfully. To save the changes, type
'end' or 'exit'.
ruckus(config-apgrp)# show
APGROUP:
ID:
1:
Name= System Default
Description= System default group for Access Points
Radio 11bgn:
Channelization= Auto
Channel= Auto
Enable auto channel selection which select from 1,6,11= Yes
Tx. Power= -1dB
11N only Mode= Auto
WLAN Group= Default
Radio 11an:
Channelization= Auto
Channel= Auto
Tx. Power= Auto
11N only Mode= N-only
WLAN Group= Default
Members:
MAC= 04:4f:aa:0c:b1:00
MAC= 00:24:82:3f:14:60
MAC= 74:91:1a:2b:ff:a0
MAC= 00:1f:41:2a:2b:10
ruckus(config-apgrp)# end
The AP group 'System Default' has been updated.
Your changes have been saved.
ruckus(config)#
model
To configure model-specific settings for all APs of a certain model within an AP group,
use the following command:
model <WORD> <arguments>
103
Configuring Controller Settings
Configure AP Group Commands
Syntax Description
Defaults
model
Configure AP group model-specific settings
<WORD>
Enter the AP model name (e.g., zf2942, zf2741, zf7025,
zf7341, zf7343, zf7363, zf7761cm, zf7762, zf7762-s, zf7762-t,
zf7762-ac, zf7762-s-ac, zf7762-t-ac, zf7942, zf7962).
port-setting
Configures the port setting for the specified AP model.
Enters config-apgrp-port context.
status-leds
Configures the status LEDs for the specified AP model
(enable, disable).
poe-out
Configures the PoE Out ports for the specified AP model
(enable, disable).
internal-heater
Configures the internal heater for the specified AP model
(enable, disable).
cband-channels
Configures the C-band (5.8 GHz) channels for the specified
AP model (enable, disable). (UK country code only)
Status LEDs: Enabled
PoE Out: Disabled
Internal Heater: Disabled
C-band channels: Disabled
Example
ruckus(config-apgrp)# model zf7343 status-leds enable
ruckus(config-apgrp)# end
The AP group 'System Default' has been updated.
Your changes have been saved.
ruckus(config)#
Configure Model-Specific Port Settings
This section describes the commands that you can use to configure port settings for
all APs of a specific model within an AP group. The following commands can be
executed from within the config-apgrp-port context. To show a list of commands
available from within the context, type help or ?.
model port-setting
To configure the port settings for all APs of a specific model within an AP group, and
enter the config-apgrp-port context, use the following command:
model <WORD> port-setting
104
Configuring Controller Settings
Configure AP Group Commands
Syntax Description
Example
model
Configure AP group model-specific settings
<WORD>
Enter the AP model name (e.g., zf2942, zf2741, zf7025,
zf7341, zf7343, zf7363, zf7761cm, zf7762, zf7762-s, zf7762-t,
zf7762-ac, zf7762-s-ac, zf7762-t-ac, zf7942, zf7962).
port-setting
Configures the port setting for the specified AP model.
Enters config-apgrp-port context.
ruckus(config)# ap-group "System Default"
The AP group entry 'System Default' has been loaded. To save the
AP group, type 'end' or 'exit'.
ruckus(config-apgrp)# model zf7025 port-setting
ruckus(config-apgrp-port)#
abort
To exit the config-apgrp-port context without saving changes, use the following
command:
abort
Syntax Description
abort
Exit the context without saving changes
Defaults
None.
Example
ruckus(config-apgrp-port)# abort
ruckus(config-apgrp)#
end
To save changes, and then exit the config-apgrp-port context, use the following
command:
end
Syntax Description
end
Save changes, and then exit the context
Defaults
None.
Example
ruckus(config-apgrp-port)# end
105
Configuring Controller Settings
Configure AP Group Commands
ruckus(config-apgrp)#
exit
To save changes, and then exit the config-apgrp-port context, use the following
command:
exit
Syntax Description
exit
Save changes, and then exit the context
Defaults
None.
Example
ruckus(config-apgrp-port)# exit
ruckus(config-apgrp)#
quit
To exit the config-apgrp-port context without saving changes, use the following
command:
quit
Syntax Description
quit
Exit the context without saving changes
Defaults
None.
Example
ruckus(config-apgrp-port)# quit
ruckus(config-apgrp)#
show
To show a device’s port state, use the following command:
show
Syntax Description
show
Display the device’s port state
106
Configuring Controller Settings
Configure AP Group Commands
Defaults
None.
Example
ruckus(config-apgrp)# model zf7962 port-setting
ruckus(config-apgrp-port)# show
PORTS:
LAN ID:
1:
Enable LAN = Yes
LAN Type= trunk
Untag ID= 1
Members= 1-4094
802.1X= disabled
DHCP opt82= Disabled
LAN ID:
2:
Enable LAN = Yes
LAN Type= trunk
Untag ID= 1
Members= 1-4094
802.1X= disabled
DHCP opt82= Disabled
ruckus(config-apgrp-port)#
no lan
To disable a LAN port on APs in an AP group, use the following command:
no lan <NUMBER>
Syntax Description
no lan
Disable a specific port
<NUMBER>
Disable this port
Defaults
None.
Example
ruckus(config-apgrp-port)# no lan 2
ruckus(config-apgrp-port)#
lan
To enable a LAN port on APs in an AP group, use the following command:
107
Configuring Controller Settings
Configure AP Group Commands
lan <NUMBER>
Syntax Description
lan
Enable a specific port
<NUMBER>
Enable this port
Defaults
None.
Example
ruckus(config-apgrp-port)# lan 2
ruckus(config-apgrp-port)#
lan uplink
To set port type, use the following command:
lan <NUMBER> uplink <WORD>
Syntax Description
Defaults
lan
Configure a specific port
<NUMBER>
Configure this port
uplink
Set the port type
<WORD>
Port type (Trunk port, Access port, General port)
All AP ports other than ZF 7025: Trunk
ZF 7025 port 5: Trunk
ZF 7025 LAN 1-LAN 4: Access
Example
ruckus(config-apgrp)# model zf7962 port-setting
ruckus(config-apgrp-port)# lan 2 uplink access
ruckus(config-apgrp-port)# show
PORTS:
LAN ID:
1:
Enable LAN = Yes
LAN Type= trunk
Untag ID= 1
Members= 1-4094
802.1X= disabled
DHCP opt82= Disabled
LAN ID:
2:
108
Configuring Controller Settings
Configure AP Group Commands
Enable LAN = Yes
LAN Type= access
Untag ID= 1
Members= 1
802.1X= disabled
DHCP opt82= Disabled
ruckus(config-apgrp-port)#
lan untag
To configure untag VLAN settings for a model-specific port, use the following
command:
lan <NUMBER> untag <NUMBER>
Syntax Description
lan untag
Configure port untag VLAN
<NUMBER>
Configure this port
<NUMBER>
Set untag VLAN to this number
Defaults
1
Example
ruckus(config-apgrp-port)# lan 2 untag 20
ruckus(config-apgrp-port)#
lan member
To set the LAN port VLAN membership (only General ports have configurable
membership; Trunk ports are members of all VLANs, and Access port membership
must be the same as the Untag VLAN), use the following command:
lan <NUMBER> member <NUMBER>
Syntax Description
Defaults
lan member
Set the LAN port VLAN membership
<NUMBER>
Specify the LAN port to configure
<NUMBER>
Set the VLAN membership (1~4094, range
separated by hyphen, multiple VLANs separated
by commas)
1
109
Configuring Controller Settings
Configure AP Group Commands
Example
ruckus(config-apgrp-port)# lan 2 uplink general
ruckus(config-apgrp-port)# lan 2 member 1-10,100,200
ruckus(config-apgrp-port)# show
PORTS:
LAN ID:
1:
Enable LAN = Yes
LAN Type= trunk
Untag ID= 1
Members= 1-4094
802.1X= disabled
DHCP opt82= Disabled
LAN ID:
2:
Enable LAN = Yes
LAN Type= general
Untag ID= 20
Members= 1-10,100,200
802.1X= disabled
DHCP opt82= Disabled
ruckus(config-apgrp-port)#
lan opt82
To enable or disable DHCP option 82 for a LAN port, use the following command:
lan <NUMBER> opt82 [enable|disable]
Syntax Description
lan opt82
Enable or disable DHCP option 82
enable
Enable option 82
disable
Disable option 82
Defaults
Disabled
Example
ruckus(config-apgrp-port)# lan 2 opt82 enable
ruckus(config-apgrp-port)#
110
Configuring Controller Settings
Configure AP Group Commands
dot1x
To enable 802.1X on ports of all APs of a specific model in an AP group, use the
following command:
model <WORD> dot1x
lan <NUMBER> dot1x [disable|supplicant|auth-port-based|authmac-based]
Syntax Description
lan dot1x
Configure 802.1X settings for this port
<NUMBER>
LAN port number to configure
disable
Disable 802.1X
supplicant
Configure this LAN port as an 802.1X supplicant
auth-port-based
Configure this LAN port as an 802.1X
authenticator (port-based)
auth-mac-based
Configure this LAN port as an 802.1X
authenticator (MAC-based)
Defaults
Disabled
Example
ruckus(config-apgrp)# model zf7025 port-setting
ruckus(config-apgrp-port)# lan 1 dot1x supplicant
ruckus(config-apgrp-port)# show
PORTS:
LAN ID:
1:
Enable LAN = Yes
LAN Type= access
Untag ID= 1
Members= 1
802.1X= supp
DHCP opt82= Disabled
dot1x authsvr
To configure 802.1X authentication server, use the following command:
dot1x authsvr <WORD>
Syntax Description
dot1x authsvr
Configure 802.1X authentication server
<WORD>
Name of AAA server
111
Configuring Controller Settings
Configure AP Group Commands
Defaults
None
Example
ruckus(config-apgrp-port)# dot1x authsvr radius
ruckus(config-apgrp-port)#
dot1x acctsvr
To configure 802.1X accounting server, use the following command:
dot1x acctsvr <WORD>
Syntax Description
dot1x acctsvr
Configure 802.1X accounting server
<WORD>
Name of AAA server
Defaults
None
Example
ruckus(config-apgrp-port)# dot1x acctsvr radius-acct
ruckus(config-apgrp-port)#
dot1x mac-auth-bypass
To configure 802.1X MAC authentication bypass, use the following command:
dot1x mac-auth-bypass
Syntax Description
dot1x mac-auth-bypass
Enable 802.1X MAC authentication bypass
Defaults
Disabled
Example
ruckus(config-apgrp-port)# dot1x mac-auth-bypass
ruckus(config-apgrp-port)#
dot1x supplicant username
To configure 802.1X supplicant user name, use the following command:
dot1x supplicant username <WORD>
Syntax Description
dot1x supplicant username Configure 802.1X supplicant user name
112
Configuring Controller Settings
Configure AP Group Commands
<WORD>
Set the 802.1X supplicant user name
Defaults
None
Example
ruckus(config-apgrp-port)# dot1x supplicant username johndoe
ruckus(config-apgrp-port)#
dot1x supplicant password
To configure 802.1X supplicant password, use the following command:
dot1x supplicant password <WORD>
Syntax Description
dot1x supplicant password Configure 802.1X supplicant password
<WORD>
Set the 802.1X supplicant password
Defaults
None
Example
ruckus(config-apgrp-port)# dot1x supplicant password test123
ruckus(config-apgrp-port)#
dot1x supplicant mac
To set the 802.1X supplicant user name and password as the AP’s MAC address, use
the following command:
dot1x supplicant mac
Syntax Description
dot1x supplicant mac
Set the supplicant user name and password as the
AP’s MAC address
Defaults
None
Example
ruckus(config-apgrp-port)# dot1x supplicant mac
ruckus(config-apgrp-port)#
no dot1x
To disable 802.1X settings for an AP model, use the following command:
113
Configuring Controller Settings
Configure Certificate Commands
no dot1x [authsvr] [acctsvr] [mac-auth-bypass]
Syntax Description
no dot1x
Disable dot1x settings for the AP
authsvr
Disable authentication server
acctsvr
Disable accounting server
mac-auth-bypass
Disable MAC authentication bypass
Defaults
None
Example
ruckus(config-apgrp-port)# no dot1x authsvr
ruckus(config-apgrp-port)#
Configure Certificate Commands
Use the config-certificate commands to restore the default ZoneDirector
certificate or to regenerate the private key. To run these commands, you must first
enter the config-certificate context.
quit
To exit the config-certificate context without saving changes, use the quit
command.
quit
Syntax Description
quit
Exit the certificate settings without saving
changes
Defaults
None.
Example
ruckus(config-certificate)# quit
No changes have been saved.
restore
To restore the default ZoneDirector certificate and private key, use the following
command.
restore
114
Configuring Controller Settings
Configure Certificate Commands
Syntax Description
restore
Restore the default ZoneDirectory certificate and
private key. The restore process will be completed
after ZoneDirector is rebooted.
Defaults
None.
Example
ruckus(config-certificate)# restore
ZoneDirector will restart now to apply the changes in the certificate
settings. If you want to configure other settings, log in again
after ZoneDirector has completed restarting.
re-generate-private-key
To regenerate the ZoneDirector private key, use the following command:
re-generate-private-key {1024|2048}
Syntax Description
re-generate-private-key
Regenerate the ZoneDirector private key
{1024|2048}
Specify the length of the private key as either
1024 or 2048.
Defaults
None.
Example
ruckus(config-certificate)# re-generate-private-key 1024
ZoneDirector will restart now to apply the changes in the certificate
settings. If you want to configure other settings, log in again
after ZoneDirector has completed restarting.
The operation doesn't execute successfully. Please try again.
115
Configuring Controller Settings
Configure Hotspot Redirect Settings
Configure Hotspot Redirect Settings
To configure Hotspot redirect settings, use the following command:
hotspot_redirect_https
To enable Hotspot redirect, use the following command:
hotspot_redirect_https
Defaults
None.
Example
ruckus(config)# hotspot_redirect_https
/bin/hotspot_redirect_https enable
ruckus(config)#
no hotspot_redirect_https
To disable Hotspot redirect, use the following command:
no hotspot_redirect_https
Defaults
None.
Example
ruckus(config)# no hotspot_redirect_https
/bin/hotspot_redirect_https disable
ruckus(config)#
no blocked-client
To remove a blocked client from the blocked clients list, use the following command:
no blocked-client <MAC>
Defaults
None.
Example
ruckus(config)# no blocked-client dc:2b:61:13:f7:72
The L2 ACL 'dc:2b:61:13:f7:72' has been deleted.
ruckus(config)#
116
Configuring Controller Settings
Configure Layer 2 Access Control Commands
Configure Layer 2 Access Control Commands
Use the layer2 access control commands to configure the Layer 2 Access
Control List settings. To run these commands, you must first enter the config-l2acl
context.
To enter the config-l2acl context, run this command:
ruckus# config
ruckus(config)# l2acl L2ACL-policy
ruckus(config-l2acl-L2ACL-policy)#
abort
To exit the config-l2acl context without saving changes, use the following
command:
abort
Syntax Description
abort
Exit the config-l2acl context without saving changes
Defaults
None.
Example
ruckus(config-l2-acl)# abort
No changes have been saved.
ruckus(config)#
end
To save changes, and then exit the config-l2acl context, use the following
command:
end
Syntax Description
end
Save changes and exit the config-l2acl context
Defaults
None.
Example
ruckus(config-l2-acl)# end
The L2 ACL entry has saved successfully.
Your changes have been saved.
ruckus(config)#
117
Configuring Controller Settings
Configure Layer 2 Access Control Commands
exit
To save changes, and then exit the config-l2acl context, use the following
command:
exit
Syntax Description
exit
Save changes and exit the config-l2acl context
Defaults
None.
Example
ruckus(config-l2-acl)# exit
The L2 ACL entry has saved successfully.
Your changes have been saved.
ruckus(config)#
quit
To exit the config-l2acl context without saving changes, use the following
command:
quit
Syntax Description
quit
Exit the config-l2acl context without saving changes
Defaults
None.
Example
ruckus(config-l2-acl)# abort
No changes have been saved.
ruckus(config)#
show
To displays the L2 ACL settings, use the show command. You must run this command
from within the config-l2acl context.
show
Syntax Description
Defaults
show
Display the Layer 2 access control list settings
None.
118
Configuring Controller Settings
Configure Layer 2 Access Control Commands
Example
ruckus(config-l2-acl)# show
L2/MAC ACL:
ID:
3:
Name= test
Description=
Restriction: Deny only the stations listed below
Stations:
MAC Address= 00:01:02:34:44:55
MAC Address= 00:01:02:34:44:56
no acl
To delete an L2 ACL, use the following command:
no acl {ACL name}
Syntax Description
no acl
Delete an existing ACL
{ACL name}
Delete this ACL
Defaults
None.
Example
ruckus# config
ruckus(config)# no acl L2_ACL_NAME
The L2 ACL 'L2_ACL_NAME' has been deleted.
acl
To create a new L2 ACL entry or update an existing entry, use the following command:
acl {ACL name}
Syntax Description
acl
Create a new ACL
{ACL name}
Assign this name to the new ACL
Defaults
None.
Example
ruckus# config
ruckus(config)# l2acl L2_ACL_NAME
The L2 ACL entry 'L2_ACL_NAME' has been created.
ruckus(config-l2acl-L2_ACL_NAME)#
119
Configuring Controller Settings
Configure Layer 2 Access Control Commands
abort
To exit the config-l2acl-{ACL name} context without saving changes, use the
following command:
acl {ACL name} abort
Syntax Description
acl
ACL context
{ACL name}
Name of the ACL context
abort
Exit the context without saving changes
Defaults
None.
Example
ruckus# config
ruckus(config)# l2acl L2_ACL_NAME
The L2 ACL entry 'L2_ACL_NAME' has been created.
ruckus(config-l2acl-L2_ACL_NAME)# abort
No changes have been saved.
end
To save changes, and then exite the config-l2acl-{ACL name} context, use the
following command:
acl {ACL name} end
Syntax Description
acl
ACL context
{ACL name}
Name of the ACL context
end
Exit the context without saving changes
Defaults
None.
Example
ruckus# config
ruckus(config)# l2acl L2_ACL_NAME
The L2 ACL entry 'L2_ACL_NAME' has been created.
ruckus(config-l2acl-L2_ACL_NAME)# end
Your changes have been saved.
exit
To save changes, and then exit the config-l2acl-{ACL name} context, use the
following command:
120
Configuring Controller Settings
Configure Layer 2 Access Control Commands
acl {ACL name} exit
Syntax Description
acl
ACL context
{ACL name}
Name of the ACL context
exit
Exit the context without saving changes
Defaults
None.
Example
ruckus# config
ruckus(config)# l2acl L2_ACL_NAME
The L2 ACL entry 'L2_ACL_NAME' has been created.
ruckus(config-l2acl-L2_ACL_NAME)# exit
Your changes have been saved.
quit
To exit the config-l2acl-{ACL name} context without saving changes, use the
following command:
acl {ACL name} quit
Syntax Description
acl
ACL context
{ACL name}
Name of the ACL context
quit
Exit the context without saving changes
Defaults
None.
Example
ruckus# config
ruckus(config)# l2acl L2_ACL_NAME
The L2 ACL entry 'L2_ACL_NAME' has been created.
ruckus(config-l2acl-L2_ACL_NAME)# quit
Your changes have been saved.
acl name
To rename an L2 ACL entry, use the following command:
acl {ACL name} name
Syntax Description
acl
ACL context
121
Configuring Controller Settings
Configure Layer 2 Access Control Commands
{ACL name}
Name of the ACL context
name {new name}
Rename the ACL to {new name}
Defaults
None.
Example
ruckus# config
ruckus(config)# l2acl L2_ACL_NAME
The L2 ACL entry 'L2_ACL_NAME' has been created.
ruckus(config-l2acl-L2_ACL_NAME)# name L2_ACL_New_Name
The command was executed successfully.
acl description
To set the description of an L2 ACL entry, use the following command:
description {description}
Syntax Description
description {description}
Set the L2 ACL description to {description}
Defaults
None.
Example
ruckus# config
ruckus(config)# l2acl L2_ACL_NAME
The L2 ACL entry 'L2_ACL_NAME' has been created.
ruckus(config-l2acl-L2_ACL_NAME)# description Description-123
The command was executed successfully.
add mac
To add a MAC address to the L2 ACL, use the following command:
add mac <MAC>
Syntax Description
add mac
Add a MAC address to the ACL
<MAC>
Add this MAC address
Defaults
None.
Example
ruckus# config
ruckus(config)# l2acl L2_ACL_NAME
The L2 ACL entry 'L2_ACL_NAME' has been created.
122
Configuring Controller Settings
Configure Layer 2 Access Control Commands
ruckus(config-l2acl-L2_ACL_NAME)# add mac 00:11:22:33:44:55
The station '00:11:22:33:44:55' has been added to the ACL.
add-mac
To add a MAC address to the L2 ACL, use the following command:
add-mac {MAC}
Syntax Description
add-mac
Add a MAC address to the L2 ACL
{MAC}
Add this MAC address
Defaults
None.
Example
ruckus(config-l2-acl)# add-mac 00:01:02:34:44:55
The station '00:01:02:34:44:55' has been added to the ACL.
ruckus(config-l2-acl)# add-mac 00:01:02:34:44:55
The station '00:01:02:34:44:55' already exists in the list.
mode allow
To set the ACL mode to 'allow',use the following command:
mode allow
Syntax Description
mode allow
Set the ACL mode to allow
Defaults
None.
Example
ruckus# config
ruckus(config)# l2acl L2_ACL_NAME
The L2 ACL entry 'L2_ACL_NAME' has been created.
ruckus(config-l2acl-L2_ACL_NAME)# mode allow
The command was executed successfully.
mode deny
To set the ACLmode to 'deny', use the following command:
mode deny
Syntax Description
mode allow
Set the ACL mode to deny
123
Configuring Controller Settings
Configure Layer 2 Access Control Commands
Defaults
None.
Example
ruckus# config
ruckus(config)# l2acl L2_ACL_NAME
The L2 ACL entry 'L2_ACL_NAME' has been created.
ruckus(config-l2acl-L2_ACL_NAME)# mode deny
The command was executed successfully.
no-mac
To delete a MAC address from an L2 ACL, use the following command:
no-mac <MAC>
Syntax Description
no-mac
Delete a MAC address from the ACL
<MAC>
Delete this <MAC>
Defaults
None.
Example
ruckus(config-l2-acl)# no-mac 00:01:02:34:44:55
The station '00:01:02:34:44:55' has been removed from the ACL.
ruckus(config-l2-acl)# no-mac 00:01:02:34:44:55
The station '00:01:02:34:44:55' could not be found. Please check
the spelling, and then try again.
124
Configuring Controller Settings
Configure Layer 3 Access Control Commands
Configure Layer 3 Access Control Commands
Use the l3acl commands to configure the Layer 3 Access Control List settings. To
run these commands, you must first enter the config-l3acl or config-l3aclipv6 context.
l3acl
To enter the config-l3acl context, run this command:
l3acl <WORD>
Syntax Description
l3acl
Create or configure a Layer 3 Access Control List
<WORD>
Name of the L3 ACL
Defaults
None.
Example
ruckus(config)# l3acl "ACL 1"
The L3/L4/IP ACL entry 'ACL 1' has been created.
ruckus(config-l3acl)#
l3acl-ipv6
To enter the config-l3acl-ipv6 context, run this command:
l3acl-ipv6 <WORD>
Syntax Description
l3acl-ipv6
Create or configure a Layer 3 Access Control List
<WORD>
Name of the L3 ACL
Defaults
None.
Example
ruckus(config)# l3acl-ipv6 "ACL 2"
The L3/L4/IPv6 ACL entry 'ACL 2' has been created.
ruckus(config-l3acl-ipv6)#
no l3acl
To delete an L3/L4 ACL entry, use the following command:
no l3acl <WORD>
125
Configuring Controller Settings
Configure Layer 3 Access Control Commands
Syntax Description
no l3acl
Delete a Layer 3 ACL
<WORD>
Name of the L3 ACL
Defaults
None.
Example
ruckus(config)# no l3acl "ACL test"
The L3/L4/IP ACL 'ACL test' has been deleted.
ruckus(config)#
abort
To exit the config-l3acl context without saving changes, use the following
command:
abort
Syntax Description
abort
Exit the context without saving changes
Defaults
None.
Example
ruckus(config-l3acl)# abort
No changes have been saved.
ruckus(config)#
end
To save changes, and then exit the config-l3acl context, use the following command:
end
Syntax Description
end
Save changes and exit the context
Defaults
None.
Example
ruckus(config-l3acl)# end
The L3/L4/IP ACL entry has saved successfully.
Your changes have been saved.
ruckus(config)#
126
Configuring Controller Settings
Configure Layer 3 Access Control Commands
exit
To save changes, and then exit the config-l3acl context, use the following
command:
exit
Syntax Description
exit
Save changes and exit the context
Defaults
None.
Example
ruckus# config-l3acl
ruckus(config-l3acl)# exit
Your changes have been saved.
quit
To exit the config-l3acl context without saving changes, use the following
command:
quit
Syntax Description
quit
Exit the context without saving changes
Defaults
None.
Example
ruckus(config-l3acl)# quit
No changes have been saved.
ruckus(config)#
show
To display the L3ACL settings, use the show command. You must run this command
from within the config-l3acl context.
show
Syntax Description
show
Display the Layer 3 access control list settings
Defaults
None.
Example
ruckus(config-l3acl)# show
L3/L4/IP ACL:
127
Configuring Controller Settings
Configure Layer 3 Access Control Commands
ID:
3:
Name= test_newname
Description= justfortestCLI
Default Action if no rule is matched= Deny all by default
Rules:
Order= 1
Description=
Type= Allow
Destination Address= Any
Destination Port= 53
Protocol= Any
Order= 2
Description=
Type= Allow
Destination Address= Any
Destination Port= 67
Protocol= Any
name
To set the name of anL3/L4/IP ACL entry, use the following command:
name <WORD>
Syntax Description
name
Set the name of anL3/L4/IP ACL entry
<WORD>
Name of the L3/L4/IP ACL entry
Defaults
None.
Example
ruckus(config-l3acl)# name test_newname
The command was executed successfully. To save the changes, type
'end' or 'exit'.
description
To set the description of an L3/L4/IP ACL entry, use the following command:
description <WORD>
Syntax Description
description
Set the L3/L4/IP ACL entry description
<WORD>
Set to this description
128
Configuring Controller Settings
Configure Layer 3 Access Control Commands
Defaults
None.
Example
ruckus(config-l3acl)# description justfortestCLI
The command was executed successfully. To save the changes, type
'end' or 'exit'.
mode allow
To set the ACL mode to ‘allow’, use the following command:
mode allow
Syntax Description
mode
Set the ACL mode
allow
Set the mode to ‘allow’
Defaults
None.
Example
ruckus(config-l3acl)# mode allow
The command was executed successfully. To save the changes, type
'end' or 'exit'.
mode deny
To set the ACL mode to ‘deny’, use the following command:
mode deny
Syntax Description
mode
Set the ACL mode
deny
Set the mode to ‘deny’
Defaults
None.
Example
ruckus(config-l3acl)# mode deny
The command was executed successfully. To save the changes, type
'end' or 'exit'.
no rule-order
To delete a rule from the L3/L4/IP ACL, use the following command:
no rule-order <NUMBER>
129
Configuring Controller Settings
Configure Layer 3 Access Control Commands
Syntax Description
no rule-order
Delete a rule from the L3/L4/IP ACL
<NUMBER>
Delete this rule ID
Defaults
None.
Example
ruckus(config-l3acl)# no rule-order 3
The rule '3' has been removed from the ACL.
rule-order
To create or modify a rule in the L3/L4/IP ACL, use the following command:
rule-order <NUMBER>
Syntax Description
rule-order
Create a new rule or modify an existing one
<NUMBER>
Create or modify this rule ID
Defaults
None.
Example
For example, to set the current rule as the third ACL rule to apply, use the following
command:
ruckus(config-l3acl)# rule-order 3
ruckus(config-l3acl-rule)#
Configure Layer 3 Access Control Rule Commands
Use the l3acl-rule commands to configure the Layer 3/Layer 4/IP Access Control
List rules. To run these commands, you must first enter the config-l3acl-rule
context.
To enter the config-l3acl-rule context, run this command:
rule <NUMBER>
end
To save changes, and then exit the config-l3acl-{ACL name} context, use the
following command:
end
Syntax Description
end
Save changes, and then exit the context
130
Configuring Controller Settings
Configure Layer 3 Access Control Commands
Defaults
None.
Example
ruckus(config-l3acl-rule)# end
ruckus(config-l3acl)#
exit
To save changes, and then exit the config-l3acl-{ACL name} context, use the
following command:
exit
Syntax Description
exit
Save changes, and then exit the context
Defaults
None.
Example
ruckus(config-l3acl-rule)# exit
ruckus(config-l3acl)#
order
To set the L3/L4/IP ACL rule order, use the following command:
order <NUMBER>
Example
ruckus(config-l3acl-rule)# order 1
The command was executed successfully. To save the changes, type
'end' or 'exit'.
ruckus(config-l3acl-rule)#
description
To set the description of an L3/L4/IP ACL rule, use the following command:
description <WORD>
Syntax Description
Defaults
description
Set the L3/L4/IP ACL rule description
<WORD>
Set to this description
None.
131
Configuring Controller Settings
Configure Layer 3 Access Control Commands
Example
ruckus(config-l3acl-rule)# description thirdl3rule
The command was executed successfully. To save the changes, type
'end' or 'exit'.
type allow
To set the ACL rule type to ‘allow’, use the following command:
type allow
Syntax Description
type
Set the ACL rule type
allow
Set the rule type to ‘allow’
Defaults
None.
Example
ruckus(config-l3acl-rule)# type allow
The command was executed successfully. To save the changes, type
'end' or 'exit'.
type deny
To set the ACL rule type to ‘deny’, use the following command:
type deny
Syntax Description
type
Set the ACL rule type
deny
Set the rule type to ‘deny’
Defaults
None.
Example
ruckus(config-l3acl-rule)# type deny
The command was executed successfully. To save the changes, type
'end' or 'exit'.
destination address
To set the destination address of the rule, use the following command:
destination address <IP-ADDR/WORD>
Syntax Description
destination address
Set the destination address of the rule
IP-ADDR/WORD
Set the destination to this IP address
132
Configuring Controller Settings
Configure Layer 3 Access Control Commands
Defaults
None.
Example
ruckus(config-l3acl-rule)# destination address 192.168.1.22
The destination IP address is invalid. Please enter 'Any' or check
the IP address(for example:192.168.0.1/24), and then please try
again.
ruckus(config-l3acl-rule)# destination address 192.168.1.22/24
The command was executed successfully. To save the changes, type
'end' or 'exit'.
destination port
To set the destination port of the rule, use the following command:
destination port <NUMBER/WORD>
Syntax Description
destination port
Set the destination port of the rule
<NUMBER/WORD>
Set the destination to this port number
Defaults
None.
Example
ruckus(config-l3acl-rule)# destination port 580
The command was executed successfully. To save the changes, type
'end' or 'exit'.
protocol
To set the protocol for the rule, use the following command:
protocol <NUMBER/WORD>
Syntax Description
protocol
Set the protocol for the rule
<NUMBER/WORD>
Set to this protocol
Defaults
None.
Example
ruckus(config-l3acl-rule)# protocol tcp
The protocol must be a number between 0 and 254.
ruckus(config-l3acl-rule)# protocol Any
The command was executed successfully. To save the changes, type
'end' or 'exit'.
133
Configuring Controller Settings
Configure Load Balancing Commands
Configure Load Balancing Commands
Use the load-balancing commands to configure the controller’s load balancing
settings. To run these commands, you must first enter the config-loadbalancing context.
load-balancing
To enable load-balancing and enter the config-load-balancing context, use the
following command:
load-balancing
Example
ruckus(config)# load-balancing
ruckus(config-load-balancing)#
abort
To exit the config-load-balancing context without saving changes, use the
abort command.
abort
Syntax Description
Defaults
abort
Exit the service settings without saving changes
None.
end
To save changes, and then exit the config-load-balancing context, use the
following command:
end
Syntax Description
Defaults
end
Save changes, and then exit the context
None.
exit
To save changes, and then exit the config-load-balancing context, use the
following command:
exit
134
Configuring Controller Settings
Configure Load Balancing Commands
Syntax Description
Defaults
exit
Save changes, and then exit the context
None.
quit
To exit the config-load-balancing context without saving changes, use the quit
command.
quit
Syntax Description
Defaults
quit
Exit the context without saving changes
None.
adj-threshold
To configure the adjacent threshold for load balancing, use the following command:
adj-threshold [wifi0|wifi1] <NUMBER>
Syntax Description
Defaults
adj-threshold
Configure the adjacent threshold for load
balancing
wifi0, wifi1
Configure this interface
<NUMBER>
Set the adjacent threshold value (1~100)
Wifi0: 38
Wifi1: 50
weak-bypass
To configure the weak bypass for load balancing, use the following command:
weak-bypass [wifi0|wifi1] <NUMBER>
Syntax Description
Defaults
weak-bypass
Configure the weak bypass for load balancing
wifi0, wifi1
Configure this interface
<NUMBER>
Set the weak-bypass value (1~100)
20
135
Configuring Controller Settings
Configure Load Balancing Commands
strong-bypass
To configure the strong bypass for load balancing, use the following command:
strong-bypass [wifi0|wifi1] <NUMBER>
Syntax Description
Defaults
strong-bypass
Configure the strong bypass for load balancing
wifi0, wifi1
Configure this interface
<NUMBER>
Set the strong-bypass value (1~100)
50
act-threshold
To configure the activation threshold for load balancing, use the following command:
act-threshold [wifi0|wifi1] <NUMBER>
Syntax Description
Defaults
act-threshold
Configure the activation threshold for load
balancing
wifi0, wifi1
Configure this interface
<NUMBER>
Set the activation threshold value (1~100)
1
show
To display the current service settings, use the following command:
show
Syntax Description
show
Display the current service settings
Defaults
None.
Example
ruckus(config-load-balancing)# show
Load Balancing:
Status= Disabled
Radio:
0:
AdjacentThreshold= 38
WeakBypass= 20
136
Configuring Controller Settings
Configure STP Commands
StrongBypass= 50
ActivationThreshold= 1
NewTrigger= 50
Headroom= 30
1:
AdjacentThreshold= 45
WeakBypass= 20
StrongBypass= 50
ActivationThreshold= 1
NewTrigger= 1
Headroom= 1
Configure STP Commands
stp
To enable Spanning Tree Protocol, use the following command:
stp
no stp
To disable Spanning Tree Protocol, use the following:
no stp
137
Configuring Controller Settings
Configure System Commands
Configure System Commands
Use the sys or system command to configure the controller’s system settings,
including its host name, FlexMaster server, NTP server, SNMP, and QoS settings. To
run these commands, you must first enter the config-sys context.
system
To enter the config-sys context and configure system settings, use the following
command:
system
Example
ruckus(config)# system
ruckus(config-sys)#
dot11-country-code
To set the controller’s country code, use the following command:
dot11-country-code <COUNTRY-CODE>
Syntax Description
dot11-countrycode
Configure the controller’s country code setting
<COUNTRY-CODE>
Set the country code to this value
Defaults
None.
Example
To set the country code to US, enter the following command:
ruckus# config
ruckus(config)# system
ruckus(config-sys)# dot11-country-code US
The country code settings have been updated.
ruckus(config-sys)#
hostname
To set the system hostname, use the following command:
hostname
Syntax Description
hostname
Set the controller’s system hostname
138
Configuring Controller Settings
Configure System Commands
Defaults
None
Example
ruckus(config-sys)# hostname ruckus-xjoe
The system identity/hostname settings have been updated.
Configure Interface Commands
Use the interface commands to configure the controller’s IP address and VLAN
settings. To run these commands, you must first enter the config-sys-if context.
interface
To enter the config-sys-if context and configure IP address and VLAN settings,
use the following command:
interface
Example
ruckus(config-sys)# interface
ruckus(config-sys-if)#
ip enable
To enable IPv4 addressing, use the following command:
ip enable
ip route gateway
To set the controller's gateway IP address, use the following command:
ip route gateway <GATEWAY-ADDR>
Syntax Description
ip route gateway
Configure the controller’s gateway IP address
<GATEWAY-ADDR>
Set the controller’ gateway IP address to this value
Defaults
None.
Example
ruckus# config
ruckus(config)# system
ruckus(config-sys)# interface
ruckus(config-sys-if)# ip route gateway 192.168.0.1
The command was executed successfully.
139
Configuring Controller Settings
Configure System Commands
ip name-server
To set the controller's DNS servers, use the ip name-server command. Use a space to
separate the primary and secondary DNS servers.
ip name-server <DNS-ADDR> [<DNS-ADDR>]
Syntax Description
ip name-server
Configure the controller’s DNS server address or addresses
DNS-ADDR
Set the DNS server address to this value. If entering primary
and secondary DNS server addresses, use a space to
separate the two addresses.
Defaults
None.
Example
ruckus# config
ruckus(config)# system
ruckus(config-sys)# interface
ruckus(config-sys-if)# ip name-server 192.168.0.1
The command was executed successfully.
ip addr
To set the controller's IP address and netmask, use the following command:
ip addr <IP-ADDR> <NET-MASK>
Use a space to separate the IP address and netmask.
Syntax Description
ip addr
Configure the controller’s IP address and netmask
<IP-ADDR>
Set the controller’s IP address to this value
<NET-MASK>
Set the controller’s netmask to this value
Defaults
None.
Example
ruckus# config
ruckus(config)# system
ruckus(config-sys)# interface
ruckus(config-sys-if)# ip addr 192.168.0.1 255.255.255.0
The command was executed successfully.
ip mode
To set the controller's IP address mode, use the following command:
140
Configuring Controller Settings
Configure System Commands
ip mode <dhcp|static>
Syntax Description
ip mode
Configure the controller’s IP address mode
dhcp
Set the controller’s IP address mode to DHCP
static
Set the controller’s IP address mode to static
Defaults
None.
Example
To set the controller’s IP address mode to DHCP, enter the following command:
ruckus# config
ruckus(config)# system
ruckus(config-sys)# interface
ruckus(config-sys-if)# ip mode dhcp
The command was executed successfully.
show
To display the current management interface settings, use the following command:
show
Syntax Description
show
Display the current management interface settings
Defaults
None.
Example
ruckus# config
ruckus(config)# system
ruckus(config-sys)# interface
ruckus(config-sys-if)# show
Protocol Mode= IPv4-Only
Device IP Address:
Mode= Manual
IP Address= 192.168.11.100
Netmask= 255.255.255.0
Gateway Address= 192.168.11.1
Primary DNS= 192.168.11.1
Secondary DNS= 168.95.1.1
Management VLAN:
Status= Disabled
141
Configuring Controller Settings
Configure System Commands
VLAN ID=
ruckus(config-sys-if)#
ipv6 enable
To enable IPv6 addressing, use the following command:
ipv6 enable
ipv6 route gateway
To set the controller’s IPv6 gateway addressing, use the following command:
ipv6 route gateway <GATEWAY-ADDR>
ipv6 name-server
To set the IPv6 DNS server, use the following command:
name-server <DNS-ADDR> [<DNS-ADDR>]
ipv6 addr
To set the IPv6 addressing, use the following command:
addr <IPv6-ADDR> <IPv6-PREFIX>
ipv6 mode
To set the IPv6 address mode, use the following command:
ipv6 mode [auto|manual]
vlan
To enable the management VLAN and set the VLAN ID, use the following command:
vlan <NUMBER>
no vlan
To disable the management VLAN, use the following command:
no vlan
no ip
To disable IPv4 addressing, use the following command:
no ip
142
Configuring Controller Settings
Configure System Commands
no ipv6
To disable IPv6 addressing, use the following command:
no ipv6
no ntp
To disable the NTP client, use the following command:
no ntp
Syntax Description
no ntp
Disable the NTP client on the controller.
Defaults
Enabled. The default NTP server addresss is ntp.ruckuswireless.com.
Example
ruckus(config-sys)# no ntp
The NTP settings have been updated.
ntp
To enable the NTP client, use the following command:
ntp <IP-ADDR/DOMAIN-NAME>
Syntax Description
ntp
Enable the NTP client
<IP-ADDR/DOMAINNAME>
Set the NTP server address to this IP address/domain name
Defaults
None.
Example
ruckus(config-sys)# ntp 192.168.2.21
The NTP settings have been updated.
ruckus(config-sys)# ntp sohu.com
The NTP settings have been updated.
ftp-anon
To enable FTP anonymous access, use the following command:
ftp-anon
no ftp-anon
To disable FTP anonymouse access, use the following command:
143
Configuring Controller Settings
Configure System Commands
no ftp-anon
kt-hotspot
Toset KT hotspot authentication message encrypt key, use the following command:
kt-hotspot <ENCRYPT-KEY> [<LOGOUT-URL>] [<AUTH-PORT>] [<IPADDR>]
Syntax Description
kt-hotspot
Enable KT hotspot. Use a space ( ) to separate the logout
URL, authentication port and receive authentication
message public IP address if ZD set up internal network. It
will take effect after system reboot.
ENCRYPT-KEY
Set the KT hotspot encryption key
LOGOUT-URL
Set the KT hotspot logout URL
AUTH-PORT
Set the KT hotspot authentication port
IP-ADDR
Set the KT hotspot public IP address
Defaults
None.
Example
ruckus(config-sys)# kt-hotspot key123 logout.url.com 223
192.0.11.100
The command was executed successfully. To save the changes, type
'end' or 'exit'.
ruckus(config-sys)#
Configure Smart Redundancy Commands
To configure the Smart Redundancy settings, you must first enter the config-syssmart-redundancy context from within the config-sys context.
smart-redundancy
To enter the config-sys-smart-redundancy context and configure Smart Redundancy
settings, use the following command:
smart-redundancy
Example
ruckus# config
ruckus(config)# system
ruckus(config-sys)# smart-redundancy
ruckus(config-sys-smart-redundancy)#
144
Configuring Controller Settings
Configure System Commands
peer-addr
To configure the Smart Redundancy peer IP address, use the following command
peer-addr <IP-ADDR>
secret
To configure the Smart Redundancy shared secret, use the following command:
secret <WORD>
Configure Management Interface Commands
To configure management interface settings, you must first enter the config-sysmgmt-if context from the config-sys context.
mgmt-if
To enter the config-sys-mgmt-if context and configure the management interface settings, use the following command:
mgmt-if
Syntax Description
mgmt-if
Configure the management interface settings
Defaults
None.
Example
ruckus(config-sys)# mgmt-if
ruckus(config-sys-mgmt-if)#
no mgmt-if
To disable the management interface, use the following command:
no mgmt-if
Syntax Description
no mgmt-if
Disable the management interface
Defaults
None.
Example
ruckus(config-sys)# no mgmt-if
The management interface has been updated.
145
Configuring Controller Settings
Configure System Commands
ip addr
To set the management interface IP address, use the following command:
ip addr <IP-ADDR> <NET-MASK>
gateway
To set the management interface gateway address, use the following command:
gateway <GATEWAY-ADDR>
no gateway
To disable the management interface gateway address, use the following command:
no gateway
vlan
To enable the management VLAN and set the VLAN ID, use the following command:
vlan <NUMBER>
no vlan
To disable the management VLAN, use the following command:
no vlan
mgmt-if-ipv6
To enter the config-sys-mgmt-if-ipv6 context and configure the management
interface settings, use the following command:
mgmt-if-ipv6
Syntax Description
mgmt-if-ipv6
Configure the management interface settings
Defaults
None.
Example
ruckus(config-sys)# mgmt-if-ipv6
ruckus(config-sys-mgmt-if-ipv6)#
no mgmt-if-ipv6
To disable the management interface, use the following command:
no mgmt-if-ipv6
146
Configuring Controller Settings
Configure System Commands
Syntax Description
no mgmt-if-ipv6
Disable the management interface
Defaults
None.
Example
ruckus(config-sys)# no mgmt-if-ipv6
The management interface has been updated.
ipv6 addr
To set the management interface IP address, use the following command:
ip addr <IPv6-ADDR> <IPv6-PREFIX>
gateway
To set the management interface gateway address, use the following command:
gateway <GATEWAY-ADDR>
no gateway
To disable the management interface gateway address, use the following command:
no gateway
vlan
To enable the management VLAN and set the VLAN ID, use the following command:
vlan <NUMBER>
no vlan
To disable the management VLAN, use the following command:
no vlan
flexmaster
To set the FlexMaster server address and the periodic inform interval, use the following
command:
flexmaster <IP-ADDR/DOMAIN-NAME> interval <NUMBER>
Syntax Description
flexmaster
Configure the FlexMaster server settings
<IP-ADDR/DOMAINNAME>
Set to this URL or IP address
interval
Configure the periodic inform interval
147
Configuring Controller Settings
Configure System Commands
<NUMBER>
Set to this interval (in minutes)
Defaults
None.
Example
ruckus(config-sys)# flexmaster http://172.18.30.118 interval 30
The FlexMaster Management settings have been updated.
no flexmaster
To disable FlexMaster management of the controller, use the following command:
no flexmaster
Syntax Description
no flexmaster
Disable FlexMaster management of the controller
Defaults
None
Example
ruckus(config-sys)# no flexmaster
FlexMaster Management has been disabled.
snmpv2
To configure the SNMPv2 settings, use the following command:
snmpv2
Executing this command enters the config-sys-snmpv2 context.
Syntax Description
Defaults
snmpv2
Configure the SNMPv2 settings
ruckus(config-sys)# snmpv2
ruckus(config-sys-snmpv2)#
support-kt
To enable special MIB note for KT, use the following command:
support-kt
contact
To enable SNMPv2 agent and set the system contact, use the following command:
contact <WORD>
148
Configuring Controller Settings
Configure System Commands
location
To enable SNMPv2 agent and set the system location, use the following command:
location <WORD>
ro-community
To set the read-only (RO) community name, use the following command:
ro-community <WORD>
Syntax Description
ro-community
Configure the read-only community name
<WORD>
Set the read-only community name to this value
Defaults
None.
Example
ruckus(config-sys-snmpv2)# ro-community private-123
The command was executed successfully
rw-community
To set the read-write (RW) community name, use the following command:
rw-community <WORD>
This command must be entered from within the snmp-agent context.
Syntax Description
rw-community
Configure the read-write community name
<WORD>
Set the read-write community name to this value
Defaults
None.
Example
ruckus(config-sys-snmpv2)# rw-community private-123
The command was executed successfully. To save the changes, type
'end' or 'exit'.
snmpv3
To configure the SNMPv3 settings, use the following command:
snmpv3
Executing this command enters the config-sys-snmpv3 context.
149
Configuring Controller Settings
Configure System Commands
Syntax Description
Defaults
snmpv3
Configure the SNMPv3 settings
ruckus(config-sys)# snmpv3
ruckus(config-sys-snmpv3)#
ro-user
To set the SNMPv3 Read Only User, use the following command:
ro-user <WORD> [MD5|SHA] <WORD> [DES|AES|NONE] <WORD>
rw-user
To set the SNMPv3 Read Write User, use the following command:
rw-user <WORD> [MD5|SHA] <WORD> [DES|AES|NONE] <WORD>
snmp-trap-format
To set the SNMP trap format to SNMPV2 or SNMPV3, use the following command:
snmp-trap-format [SNMPv2 | SNMPv3]
Syntax Description
snmp-trap-format
Set the SNMP trap format
[SNMPv2 | SNMPv3]
Set to either SNMPv2 or SNMPv3
Defaults
SNMPv2
Example
ruckus(config-sys)# snmp-trap-format SNMPV2
The SNMP trap settings have been updated.
snmpv2-trap
To enable the SNMPv2 trap and set the IP address of the trap server, use the following
command:
snmpv2-trap <NUMBER> <IP/IPv6-ADDR>
Syntax Description
Defaults
snmpv2-trap
Enable the SNMPv2 trap and set the trap server’s IP address
<NUMBER>
Assign the trap receiver ID (1-4)
<IP/IPv6-ADDR>
Set the trap receiver IP address
None
150
Configuring Controller Settings
Configure System Commands
Example
ruckus(config-sys)# snmpv2-trap 1 192.168.10.22
The SNMP trap settings have been updated.
snmpv3-trap
To enable and configure the SNMPv3 trap parameters, use the following command:
snmpv3-trap <user_name> <snmp_trap_server_ip> [MD5 | SHA]
<auth_pass_phrase> [DES <privacy_phrase>|AES <privacy_phrase>|
None]
Syntax Description
snmpv3-trap
Enable the SNMPv3 trap and configure the trap parameters
<user_name>
Trap user name
<snmp_trap_server Trap server IP address
_ip>
[MD5 | SHA]
Authentication method
<auth_pass_phrase Authentication passphrase
>
Privacy method and privacy phrase
[DES
<privacy_phrase>|
AES
<privacy_phrase>|
None]
Defaults
None
Example
ruckus(config-sys)#snmpv3-trap test1234 192.168.0.22 MD5
test1234 DES test4321
The command was executed successfully.
Configure Syslog Settings Commands
Use the syslog commands to configure the controller’s syslog notification settings.
To run these commands, you must first enter the config-sys context.
no syslog
To disable syslog notification, use the following command:
no syslog
Syntax Description
no syslog
Disable syslog notification
151
Configuring Controller Settings
Configure System Commands
Defaults
Disabled.
Example
ruckus# config
ruckus(config)# system
ruckus(config-sys)# no syslog
The command was executed successfully.
syslog
To enable syslog notifications and set the syslog server address,use the following
command:
syslog <IPADDR>
Syntax Description
syslog
Enable syslog notification
<IPADDR>
Send syslog notifications to this IP address or host name
Defaults
Disabled.
Example
ruckus# config
ruckus(config)# system
ruckus(config-sys)# syslog 192.168.0.1
The command was executed successfully.
mgmt-acl
To create or configure a management ACL, use the following command:
mgmt-acl <WORD>
Executing this command enters the config-mgmt-acl context.
For the commands that you can execute within the config-mgmt-acl context, refer
to “Configure Management ACL Commands” on page 158.
Syntax Description
mgmt-acl
Create or configure a management ACL
<WORD>
Create or configure this management ACL
Defaults
None.
Example
ruckus(config-sys)# mgmt-acl macl1
152
Configuring Controller Settings
Configure System Commands
The management ACL 'macl1' has been created. To save the Management
ACL, type 'end' or 'exit'.
ruckus(config-mgmt-acl)#
mgmt-acl-ipv6
To create or configure an IPv6 management ACL, use the following command:
mgmt-acl-ipv6 <WORD>
Executing this command enters the config-mgmt-acl context.
For the commands that you can execute within the config-mgmt-acl context, refer
to “Configure Management ACL Commands” on page 158.
Syntax Description
mgmt-acl-ipv6
Create or configure a management ACL
<WORD>
Create or configure this management ACL
Defaults
None.
Example
ruckus(config-sys)# mgmt-acl-ipv6 macl1
The management ACL 'macl1' has been created. To save the Management
ACL, type 'end' or 'exit'.
ruckus(config-mgmt-acl)#
qos
To enable and configure Quality of Service settings on the controller, use the following
command:
qos
Executing this command enters the config-sys-qos context. The following values
can be configured within the qos context:
Syntax Description
Defaults
qos
Enable and configure QoS on the controller
tx-failedthreshold
Set the transmit failed threshold value
heuristics
Set heuristics values
tos
classification
Set TOS classification values
None.
153
Configuring Controller Settings
Configure System Commands
Example
ruckus(config-sys)# qos
ruckus(config-sys-qos)#
no qos
To disable QoS on the controller, use the following command:
no qos
Syntax Description
qos
Disable QoS on the controller
Defaults
None.
Example
ruckus(config-sys)# no qos
Changes are saved!
System QoS function has been disabled.
tunnel-mtu
To set the tunnel MTU, use the following command:
tunnel-mtu <NUMBER>
Syntax Description
tunnel-mtu
Set the tunnel MTU
Defaults
None.
Example
ruckus(config-sys)# tunnel-mtu 1500
The Tunnel MTU settings have been updated.
ruckus(config-sys)#
telnetd
To enable the telnet server, use the following command:
telnetd
Syntax Description
Defaults
telnetd
Enable the telnet server
None.
154
Configuring Controller Settings
Configure System Commands
Example
ruckus(config-sys)# telnetd
The telnet server settings have been updated.
ruckus(config-sys)#
static-route
To create and configure static route settings, use the following command:
static-route <WORD>
Syntax Description
static-route
Create and configure a static route
name <WORD>
Set the name of the static route
subnet <IPSUBNET>
Set the subnet for the destination network. Use a slash (/)
to separate IP address and subnet
gateway <GATEWAY- Set the gateway address
ADDR>
show
Show a list of all static routes
Defaults
None.
Example
ruckus(config-sys)# static-route route1
The static route 'route1' has been created. To save the static
route, type 'end' or 'exit'.
ruckus(config-static-route)# subnet 192.168.11.1/24
The command was executed successfully. To save the changes, type
'end' or 'exit'.
ruckus(config-static-route)# gateway 192.168.11.1
The command was executed successfully. To save the changes, type
'end' or 'exit'.
ruckus(config-static-route)# show
Static Route:
ID=
Name= route1
IP subnet= 192.168.11.1/24
IP gateway= 192.168.11.1
ruckus(config-static-route)#
static-route ipv6
To create and configure IPv6 static route settings, use the following command:
155
Configuring Controller Settings
Configure System Commands
static-route-ipv6 <WORD>
Syntax Description
static-route-ipv6 Create and configure a static route
name <WORD>
Set the name of the static route
prefix <IPv6PREFIX>
Set the subnet for the destination network. Use a slash (/)
to separate IP address and prefix length
gateway <GATEWAY- Set the gateway address
ADDR>
show
Show a list of all static routes
Defaults
None.
Example
ruckus(config-sys)# static-route route1
The static route 'route1' has been created. To save the static
route, type 'end' or 'exit'.
ruckus(config-static-route)# subnet 192.168.11.1/24
The command was executed successfully. To save the changes, type
'end' or 'exit'.
ruckus(config-static-route)# gateway 192.168.11.1
The command was executed successfully. To save the changes, type
'end' or 'exit'.
ruckus(config-static-route)# show
Static Route:
ID=
Name= route1
IP subnet= 192.168.11.1/24
IP gateway= 192.168.11.1
ruckus(config-static-route)#
support-entitle
o”- returns “System error”
no snmpv2
To disable the SNMPv2 agent, use the following command:
no snmpv2
Syntax Description
no snmpv2
Disables the SNMPv3 agent
156
Configuring Controller Settings
Configure System Commands
Defaults
None.
Example
ruckus(config-sys)# no snmpv2
The SNMP v2 agent settings have been updated.
no snmpv3
To disable the SNMPv3 agent, use the following command:
no snmpv3
Syntax Description
no snmpv3
Disables the SNMPv3 agent
Defaults
None.
Example
ruckus(config-sys)# no snmpv3
The SNMP v3 agent settings have been updated.
no snmp-trap
To disable the SNMP trap notifications, use the following command:
no snmp-trap
Syntax Description
no snmp-trap
Disables SNMP trap notifications
Defaults
None.
Example
ruckus(config-sys)# no snmp-trap
The SNMP trap settings have been updated.
snmp-trap
To set the SNMP trap format, use the following command:
snmp-trap {trap server address}
Syntax Description
Defaults
snmp-trap
Enable SNMP trap notifications
{trap server address}
Set the trap server address to this IP address or host name
None.
157
Configuring Controller Settings
Configure System Commands
Example
ruckus# config
ruckus(config)# system
ruckus(config-sys)# snmp-trap 192.168.0.3
Configure Management ACL Commands
Use the mgmt-acl commands to configure the management ACL settings. To run
these commands, you must first enter the config-mgmt-acl context.
abort
To exit the config-mgmt-acl context without saving changes, use the abort
command.
abort
Syntax Description
abort
Exit the context without saving changes
Defaults
Disabled.
Example
ruckus(config-mgmt-acl)# abort
No changes have been saved.
ruckus(config-sys)#
end
To save changes, and then exit the config-services context, use the following
command:
end
Syntax Description
end
Save changes, and then exit the context
Defaults
Disabled.
Example
ruckus(config-mgmt-acl)# end
The management ACL 'macl2' has been updated and saved.
Your changes have been saved.
ruckus(config-sys)#
exit
To save changes, and then exit the config-services context, use the following
158
Configuring Controller Settings
Configure System Commands
command:
exit
Syntax Description
exit
Save changes, and then exit the context
Defaults
Disabled.
Example
ruckus(config-mgmt-acl)# exit
The management ACL 'macl2' has been updated and saved.
Your changes have been saved.
ruckus(config-sys)#
quit
To exit the config-mgmt-acl context without saving changes, use the abort
command.
quit
Syntax Description
quit
Exit the context without saving changes
Defaults
Disabled.
Example
ruckus(config-mgmt-acl)# quit
No changes have been saved.
ruckus(config-sys)#
name
To set the management ACL name, use the following command:
name <WORD>
Syntax Description
name
Set the management ACL name
<WORD>
Set to this name
Defaults
Disabled.
Example
ruckus(config-mgmt-acl)# name macl2
The command was executed successfully. To save the changes, type
'end' or 'exit'.
159
Configuring Controller Settings
Configure System Commands
restrict-type single ip-addr
To set the management ACL restriction type to a single IP address, use the following
command:
restrict-type single ip-addr <ip_address>
Syntax Description
Defaults
Example
restrict-type
single ip-addr
Set the management ACL restriction type to a single IP
address
<ip_address>
Set to this IP address only
Disabled.
ruckus(config-mgmt-acl)# restrict-type single ip-addr
192.168.110.22
The command was executed successfully. To save the changes, type
'end' or 'exit'.
restrict-type subnet ip-subnet
To set the management ACL restriction type to certain subnets, use the following
command:
restrict-type subnet ip-subnet <IP-SUBNET> <IP-SUBNET>
Syntax Description
restrict-type
subnet ip-subnet
Set the management ACL restriction type to a single IP
address
<IP-SUBNET>
Set to this subnet
Defaults
Disabled.
Example
ruckus(config-mgmt-acl)#restrict-type subnet ip-subnet
172.30.110.26 255.255.254.0
The command was executed successfully. To save the changes, type
'end' or 'exit'.
restrict-type range ip-range
To set the management ACL restriction type to an IP address range, use the following
command:
restrict-type range ip-range <ip_address> <ip_address>
160
Configuring Controller Settings
Configure UPNP Settings
Syntax Description
restrict-type range Set the management ACL restriction type to a single IP
ip-range
address
<ip_address>
<ip_address>
Set to this IP address range. The first <ip_address> is for
the startui
Defaults
Disabled.
Example
ruckus(config-mgmt-acl)#restrict-type range ip-range
172.30.110.28 172.30.110.39
The command was executed successfully. To save the changes, type
'end' or 'exit'.
show
To display the current management ACL settings, use the following command:
show
Syntax Description
show
Display the current management ACL settings
Defaults
Disabled.
Example
ruckus(config-mgmt-acl)# show
Management ACL:
ID:
:
Name= macl2
Restriction Type= range
IP range= 172.30.110.28-172.30.110.39
Configure UPNP Settings
Use the following commands to enable or disable Universal Plug and Play:
upnp
upnp
Syntax Description
Defaults
upnp
Enable UPnP
None.
161
Configuring Controller Settings
Configure Zero-IT Settings
Example
ruckus(config)# upnp
UPnP Service is enabled
/bin/upnp enable
ruckus(config)#
no upnp
no upnp
Syntax Description
no upnp
Defaults
None.
Example
ruckus(config)# no upnp
UPnP Service is disabled
/bin/upnp disable
ruckus(config)#
Enable UPnP
Configure Zero-IT Settings
To configure Zero-IT settings, use the following commands.
zero-it-auth-server local
zero-it-auth-server name <WORD>
Syntax Description
zero-it-auth-server
Set Zero-IT authentication server to local
zero-it-auth-server name
Set Zero-IT authentication server to an AAA server
<WORD>
Name of AAA server
Defaults
None.
Example
ruckus(config)# zero-it-auth-server name radius
The Authentication Server of Zero IT Activation has been updated.
ruckus(config)#
Example
ruckus(config)# zero-it-auth-server local
The Authentication Server of Zero IT Activation has been updated.
ruckus(config)#
162
Configuring Controller Settings
Configure Dynamic PSK Expiration
Configure Dynamic PSK Expiration
The following section lists commands for configuring Dynamic Pre-Shared Keys.
dynamic-psk-expiration
To set DPSK expiration, use the following command:
dynamic-psk-expiration <TIME>
yntax Description
dynamic-psk-expiration
Set DPSK expiration
<TIME>
Set DPSK expiration to this time limit (one-day,
one-week, two-weeks, one-month, two-months,
three-months, half-a-year, one-year, two-years)
unlimited
Set DPSKs to never expire
Defaults
None.
Example
ruckus(config)# dynamic-psk-expiration unlimited
The Dynamic psk expiration value has been updated.
ruckus(config)#
Configure WLAN Settings Commands
Use the config-wlan commands to configure the WLAN settings, including the
WLAN’s description, SSID, and its security settings. To run these commands, you must
first enter the config-wlan context.
wlan
To create a WLAN or configure an existing WLAN, use the following command:
wlan <WORD/NAME>
Executing this command enters the config-wlan context.
Syntax Description
Defaults
wlan
Configure a WLAN
<WORD/NAME>
Name of the WLAN service
None.
163
Configuring Controller Settings
Configure WLAN Settings Commands
Example
ruckus(config)# wlan ruckus2
The WLAN service 'ruckus2' has been created. To save the WLAN
service, type 'end' or 'exit'.
ruckus(config-wlan)#
description
To set the WLAN service description, use the following command:
description <WORD>
Syntax Description
description
Configure the WLAN description
<WORD>
Set the WLAN description this value
Defaults
None.
Example
ruckus(config-wlan)# description ruckustestwlan2
The command was executed successfully. To save the changes, type
'end' or 'exit'.
ruckus(config-wlan)#
ssid
To set the WLAN service’s SSID or network name, use the following command:
ssid <SSID>
Syntax Description
ssid
Configure the WLAN service’s SSID
<SSID>
Set the SSID to this value
Defaults
None.
Example
ruckus(config-wlan)# ssid ruckus2
The command was executed successfully. To save the changes, type
'end' or 'exit'.
ruckus(config-wlan)#
164
Configuring Controller Settings
Configure WLAN Settings Commands
beacon-interval
To set the beacon interval for mesh links, use the following command:
beacon-interval <NUMBER>
Syntax Description
beacon-interval
Set the beacon interval for the WLAN
<NUMBER>
Enter the beacon interval (100~1000 TUs)
Defaults
100
Example
ruckus(config-wlan)# beacon-interval 100
The command was executed successfully. To save the changes, type
'end' or 'exit'.
ruckus(config-wlan)#
mgmt-tx-rate
To set the transmit rate for management frames, use the following command:
mgmt-tx-rate <RATE>
Syntax Description
mgmt-tx-rate
Set the max transmit rate for management frames
<RATE>
Set the transmit rate (in Mbps).
Defaults
2
Example
ruckus(config-wlan)# mgmt-tx-rate 2
The command was executed successfully. To save the changes, type
'end' or 'exit'.
ruckus(config-wlan)#
name
To set the name of the WLAN, use the following command:
name <NAME>
Syntax Description
name
Set the WLAN name
<NAME>
Set to this name
165
Configuring Controller Settings
Configure WLAN Settings Commands
Defaults
None.
Example
ruckus(config-wlan)# name ruckus2
The command was executed successfully. To save the changes, type
'end' or 'exit'.
ruckus(config-wlan)#
type
To configure the WLAN type, use the following command:
type [standard-usage | guest-access | hotspot <WORD>]
Syntax Description
type
Set the WLAN type
standard-usage
Set the WLAN type to standard usage
guest-access
Set the WLAN type to guest access
hotspot <WORD>
Set the WLAN type to Hotspot using the hotspot service
specified
Defaults
None.
Example
ruckus(config-wlan)# type standard-usage
The command was executed successfully. To save the changes, type
'end' or 'exit'.
ruckus(config-wlan)#
open none
To set the authentication method to 'open' and encryption method to 'none', use the
following command:
open none
Syntax Description
open
Set the authentication method to 'open'
none
Set the encryption method to 'none'
Defaults
None.
Example
ruckus(config)# wlan randy-wlansvc-01-open
166
Configuring Controller Settings
Configure WLAN Settings Commands
The WLAN service 'randy-wlansvc-01-open' has been created. To save
the WLAN service, type end or exit.
ruckus(config-wlan-randy-wlansvc-01-open)# open none
The command was executed successfully.
open wpa passphrase {PASSPHRASE} algorithm AES
To set the authentication method to 'open', encryption method to 'WPA', and
algorithm to 'AES', use the following command:
open wpa passphrase {passphrase} algorithm AES
Syntax Description
open
Set the authentication method to open
wpa
Set the encryption method to WPA
passphrase
{passphrase}
Set the WPA passphrase to {passphrase}
algorithm AES
Set the encryption algorithm to AES
Defaults
None.
Example
ruckus(config)# wlan randy-wlansvc-01-open
The WLAN service 'randy-wlansvc-01-open' has been created. To save
the WLAN service, type end or exit.
ruckus(config-wlan-randy-wlansvc-01-open)# open wpa passphrase
12345678 algorithm AES
The command was executed successfully.
open wpa passphrase {PASSPHRASE} algorithm TKIP
To set the authentication method to 'open', encryption method to 'WPA', and
algorithm to 'TKIP', use the following command:
open wpa passphrase {passphrase} algorithm TKIP
Syntax Description
Defaults
open
Set the authentication method to open
wpa
Set the encryption method to WPA
passphrase
{passphrase}
Set the WPA passphrase to {passphrase}
algorithm TKIP
Set the encryption algorithm to TKIP
None.
167
Configuring Controller Settings
Configure WLAN Settings Commands
Example
ruckus(config)# wlan randy-wlansvc-01-open
The WLAN service 'randy-wlansvc-01-open' has been created. To save
the WLAN service, type end or exit.
ruckus(config-wlan-randy-wlansvc-01-open)# open wpa passphrase
12345678 algorithm TKIP
The command was executed successfully.
open wpa passphrase {PASSPHRASE} algorithm auto
To set the authentication method to 'open', encryption method to 'WPA', and
algorithm to 'Auto', use the following command:
open wpa passphrase {passphrase} algorithm auto
Syntax Description
open
Set the authentication method to open
wpa
Set the encryption method to WPA
passphrase
{passphrase}
Set the WPA passphrase to {passphrase}
algorithm auto
Set the encryption algorithm to Auto
Defaults
None.
Example
ruckus(config)# wlan randy-wlansvc-01-open
The WLAN service 'randy-wlansvc-01-open' has been created. To save
the WLAN service, type end or exit.
ruckus(config-wlan-randy-wlansvc-01-open)# open wpa passphrase
12345678 algorithm auto
The command was executed successfully.
open wpa2 passphrase {PASSPHRASE} algorithm
AES
To set the authentication method to 'open', encryption method to 'WPA2', and
algorithm to 'AES', use the following command:
open wpa2 passphrase {passphrase} algorithm AES
Syntax Description
open
Set the authentication method to open
wpa2
Set the encryption method to WPA2
passphrase
{passphrase}
Set the WPA2 passphrase to {passphrase}
168
Configuring Controller Settings
Configure WLAN Settings Commands
algorithm AES
Set the encryption algorithm to AES
Defaults
None.
Example
ruckus(config)# wlan randy-wlansvc-01-open
The WLAN service 'randy-wlansvc-01-open' has been created. To save
the WLAN service, type end or exit.
ruckus(config-wlan-randy-wlansvc-01-open)# open wpa2 passphrase
12345678 algorithm AES
The command was executed successfully.
open wpa2 passphrase {PASSPHRASE} algorithm
TKIP
To set the authentication method to 'open', encryption method to 'WPA2', and
algorithm to 'TKIP', use the following command:
open wpa2 passphrase {passphrase} algorithm TKIP
Syntax Description
open
Set the authentication method to open
wpa2
Set the encryption method to WPA2
passphrase
{passphrase}
Set the WPA2 passphrase to {passphrase}
algorithm TKIP
Set the encryption algorithm to TKIP
Defaults
None.
Example
ruckus(config)# wlan randy-wlansvc-01-open
The WLAN service 'randy-wlansvc-01-open' has been created. To save
the WLAN service, type end or exit.
ruckus(config-wlan-randy-wlansvc-01-open)# open wpa2 passphrase
12345678 algorithm TKIP
The command was executed successfully.
open wpa2 passphrase {PASSPHRASE} algorithm
auto
To set the authentication method to 'open', encryption method to 'WPA2', and
algorithm to 'Auto', use the following command:
open wpa2 passphrase {passphrase} algorithm auto
169
Configuring Controller Settings
Configure WLAN Settings Commands
Syntax Description
open
Set the authentication method to open
wpa2
Set the encryption method to WPA2
passphrase
{passphrase}
Set the WPA passphrase to {passphrase}
algorithm auto
Set the encryption algorithm to Auto
Defaults
None.
Example
ruckus(config)# wlan randy-wlansvc-01-open
The WLAN service 'randy-wlansvc-01-open' has been created. To save
the WLAN service, type end or exit.
ruckus(config-wlan-randy-wlansvc-01-open)# open wpa2 passphrase
12345678 algorithm auto
The command was executed successfully.
open wpa-mixed passphrase <PASSPHRASE>
algorithm auto
To set the authentication method to 'open', encryption method to 'WPA2', and
algorithm to 'Auto', use the following command:
open wpa-mixed passphrase <PASSPHRASE> algorithm auto
Syntax Description
open
Set the authentication method to open
wpa2
Set the encryption method to WPA2
passphrase
{passphrase}
Set the WPA passphrase to {passphrase}
algorithm auto
Set the encryption algorithm to Auto
Defaults
None.
Example
ruckus(config-wlan)# open wpa-mixed passphrase pass1234 algo-
rithm auto
The command was executed successfully. To save the changes, type
'end' or 'exit'.
ruckus(config-wlan)#
170
Configuring Controller Settings
Configure WLAN Settings Commands
open wep-64 key {KEY} key-id {KEY-ID}
To set the authentication method to 'open', encryption method to 'WEP-64', key
index, and WEP key, use the following command:
open wep-64 key {key} key-id {key ID}
Syntax Description
open
Set the authentication method to open
wep-64
Set the encryption method to WEP 64-bit
key {key}
Set the WEP key to {key}
key-id {key ID}
Set the WEP key ID to {key ID}
Defaults
None.
Example
ruckus(config)# wlan randy-wlansvc-01-open
The WLAN service 'randy-wlansvc-01-open' has been created. To save
the WLAN service, type end or exit.
ruckus(config-wlan-randy-wlansvc-01-open)# open wep-64 key
1234567890 key-id 1
The command was executed successfully.
open wep-128 key {KEY} key-id {KEY-ID}
To set the authentication method to 'open', encryption method to 'WEP-128', key
index, and WEP key, use the following command:
open wep-128 key {key} key-id {key ID}
Syntax Description
open
Set the authentication method to open
wep-128
Set the encryption method to WEP 128-bit
key {key}
Set the WEP key to {key}
key-id {key ID}
Set the WEP key ID to {key ID}
Defaults
None.
Example
ruckus(config)# wlan randy-wlansvc-01-open
The WLAN service 'randy-wlansvc-01-open' has been created. To save
the WLAN service, type end or exit.
ruckus(config-wlan-randy-wlansvc-01-open)# open wep-128 key
12345678901234567890123456 key-id 1
The command was executed successfully.
171
Configuring Controller Settings
Configure WLAN Settings Commands
mac none auth-server
To set the authentication method to 'MAC Address' and encryption method to 'none',
use the following command:
mac none auth-server {auth server}
Syntax Description
Defaults
Example
mac
Set the authentication method to 'MAC Address'
none
Set the encryption method to 'none'
auth-server {auth
server}
Set the authorization server address to {auth server}
None.
ruckus(config-wlan-randall-wlansvc-01)# mac none auth-server
Ruckus-Auth-01
The command was executed successfully.
mac wpa passphrase {PASSPHRASE} alogrithm AES
auth-server {AUTHSVR-NAME}
To set the authentication method to 'MAC Address', encryption method to 'WPA',
and algorithm to 'AES', use the following command:
mac wpa passphrase {passphrase} algorithm AES auth-server
{AUTHSVR-NAME}
Syntax Description
mac
Set the authentication method to 'MAC Address'
wpa
Set the encryption method to 'WPA'
passphrase
{passphrase}
Set the WPA passphrase to {passphrase}
algorithm AES
Set the encryption algorithm to ‘AES’
auth-server {AUTHSVR- Set the authorization server address to {AUTHSVR-NAME}
NAME}
Defaults
None.
Example
ruckus(config-wlan-randall-wlansvc-01)# mac wpa passphrase
12345678 algorithm AES auth-server Ruckus-Auth-01
The command was executed successfully.
172
Configuring Controller Settings
Configure WLAN Settings Commands
mac wpa passphrase {PASSPHRASE} alogrithm TKIP
auth-server {AUTHSVR-NAME}
To set the authentication method to 'MAC Address', encryption method to 'WPA',
and algorithm to 'TKIP’, use the following command:
mac wpa passphrase {PASSPHRASE} alogrithm TKIP auth-server
{AUTHSVR-NAME}
Syntax Description
mac wpa
Set the authentication method to 'MAC Address' and
encryption method to 'WPA'
passphrase
{passphrase}
Set the WPA passphrase to {passphrase}
algorithm TKIP
Set the encryption algorithm to ‘TKIP’
auth-server {AUTHSVR- Set the authorization server address to {AUTHSVR-NAME}
NAME}
Defaults
None.
Example
ruckus(config-wlan-randall-wlansvc-01)# mac wpa passphrase
12345678 algorithm TKIP auth-server Ruckus-Auth-01
The command was executed successfully.
mac wpa2 passphrase {PASSPHRASE} alogrithm AES
auth-server {AUTHSVR-NAME}
To set the authentication method to 'MAC Address', encryption method to 'WPA2',
and algorithm to 'AES', use the following command:
mac wpa2 passphrase {PASSPHRASE} alogrithm AES auth-server
{AUTHSVR-NAME}
Syntax Description
mac wpa2
Set the authentication method to 'MAC Address' and
encryption method to 'WPA2'
passphrase
{PASSPHRASE}
Set the WPA2 passphrase to {passphrase}
algorithm AES
Set the encryption algorithm to ‘AES’
auth-server {AUTHSVR- Set the authorization server address to {AUTHSVR-NAME}
NAME}
Defaults
None.
173
Configuring Controller Settings
Configure WLAN Settings Commands
Example
ruckus(config-wlan-randall-wlansvc-01)# mac wpa2 passphrase
12345678 algorithm AES auth-server Ruckus-Auth-01
The command was executed successfully.
mac wpa2 passphrase {PASSPHRASE} alogrithm TKIP
auth-server {AUTHSVR-NAME}
To set the authentication method to 'MAC Address', encryption method to 'WPA2',
and algorithm to 'TKIP’, use the following command:
mac wpa2 passphrase {PASSPHRASE} alogithm TKIP auth-server
{AUTHSVR-NAME}
Syntax Description
mac wpa2
Set the authentication method to 'MAC Address' and
encryption method to 'WPA2'
passphrase
{PASSPHRASE}
Set the WPA2 passphrase to {passphrase}
algorithm TKIP
Set the encryption algorithm to ‘TKIP’
auth-server {AUTHSVR- Set the authorization server address to {AUTHSVR-NAME}
NAME}
Defaults
None.
Example
ruckus(config-wlan-randall-wlansvc-01)# mac wpa2 passphrase
12345678 algorithm TKIP auth-server Ruckus-Auth-01
The command was executed successfully.
mac wpa-mixed passphrase <PASSPHRASE>
algorithm AES auth-server <WORD>
To set the authentication method to ‘MAC Address’, encryption method to WPAMixed, and algorithm to AES, use the following command:
mac wpa-mixed passphrase <PASSPHRASE> algorithm AES auth-server
<WORD>
Syntax Description
mac wpa-mixed
Set the authentication method to 'MAC Address' and
encryption method to 'WPA-Mixed'
passphrase
{PASSPHRASE}
Set the WPA2 passphrase to {passphrase}
algorithm AES
Set the encryption algorithm to ‘AES’
174
Configuring Controller Settings
Configure WLAN Settings Commands
auth-server
<WORD>
Set the authorization server to this auth server
Defaults
None.
Example
ruckus(config-wlan)# mac wpa-mixed passphrase pass1234 algorithm
AES auth-server radius
The command was executed successfully. To save the changes, type
'end' or 'exit'.
ruckus(config-wlan)#
mac wpa-mixed passphrase <PASSPHRASE>
algorithm TKIP auth-server <WORD>
To set the authentication method to 'MAC Address', encryption method to 'WPAMixed', algorithm to TKIP, use the following command:
mac wpa-mixed passphrase <PASSPHRASE> algorithm TKIP auth-server
<WORD>
Syntax Description
mac wpa-mixed
Set the authentication method to 'MAC Address' and
encryption method to 'WPA-Mixed'
passphrase
{PASSPHRASE}
Set the WPA2 passphrase to {passphrase}
algorithm TKIP
Set the encryption algorithm to ‘TKIP’
auth-server
<WORD>
Set the authorization server to this auth server
Defaults
None.
Example
ruckus(config-wlan)# mac wpa-mixed passphrase pass1234 algorithm
TKIP auth-server radius
The command was executed successfully. To save the changes, type
'end' or 'exit'.
ruckus(config-wlan)#
175
Configuring Controller Settings
Configure WLAN Settings Commands
mac wep-64 key {KEY} key-id {KEY-ID} auth-server
{AUTHSVR-NAME}
To set the authentication method to 'MAC Address', encryption method to 'WEP-64',
key index, and WEP key, use the following command:
mac wep-64 key {KEY} key-id {KEY-ID} auth-server {AUTHSVR-NAME}
Syntax Description
mac
Set the authentication method to MAC address
wep-64
Set the encryption method to WEP 64-bit
key {KEY}
Set the WEP key to {KEY}
key-id {KEY-ID}
Set the WEP key ID to {KEY-ID}
auth-server
{AUTHSVR-NAME}
Set the authorization server address to {AUTHSVR-NAME}
Defaults
None.
Example
ruckus(config-wlan-randy-wlansvc-01-wpa2)# mac wep-64 key
15791BD8F2 key-id 2 auth-server Ruckus-Auth-01
The command was executed successfully.
mac wep-128 key {KEY} key-id {KEY-ID} auth-server
{AUTHSVR-NAME}
To set the authentication method to 'MAC Address', encryption method to 'WEP-128',
key index, and WEP key, use the following command:
mac wep-128 key {KEY} key-id {KEY-ID} auth-server {AUTHSVR-NAME}
Syntax Description
mac
Set the authentication method to MAC address
wep-128
Set the encryption method to WEP 128-bit
key {KEY}
Set the WEP key to {key}
key-id {KEY-ID}
Set the WEP key ID to {key ID}
auth-server
{AUTHSVR-NAME}
Set the authorization server address to {AUTHSVR-NAME}
Defaults
None.
Example
ruckus(config-wlan-randy-wlansvc-01-wpa2)# mac wep-128 key
15715791BD8F212345691BD8F2 key-id 2 auth-server Ruckus-Auth-01
The command was executed successfully.
176
Configuring Controller Settings
Configure WLAN Settings Commands
shared wep-64 key {KEY} key-id {KEY-ID}
To set the authentication method to 'Shared', encryption method to 'WEP-64', key
index, and WEP key, use the following command:
shared wep-64 key {KEY} key-id {KEY-ID}
Syntax Description
shared
Set the authentication method to ‘Shared’
wep-64
Set the encryption method to WEP 64-bit
key {KEY}
Set the WEP key to {key}
key-id {KEY-ID}
Set the WEP key ID to {KEY-ID}
Defaults
None.
Example
ruckus(config-wlan-randy-wlansvc-01-wpa2)# shared authentication
encryption wep-64 key 15791BD8F2 key-id 2
The command was executed successfully.
shared wep-128 key {KEY} key-id {KEY-ID}
To set the authentication method to 'Shared', encryption method to 'WEP-128', key
index, and WEP key, use the following command:
shared wep-128 key {KEY} key-id {KEY-ID}
Syntax Description
Defaults
Example
shared
Set the authentication method to ‘Shared’
wep-128
Set the encryption method to WEP 128-bit
key {KEY}
Set the WEP key to {key}
key-id {KEY-ID}
Set the WEP key ID to {KEY-ID}
None.
ruckus(config-wlan-randy-wlansvc-01-wpa2)# shared wep-128 key
15791B15791BD8F2123456D8F2 key-id 2
The command was executed successfully.
dot1x eap-type EAP-SIM auth-server
To set the authentication method to 'EAP-SIM', use the following command:
dot1x eap-type EAP-SIM auth-server[local | name <WORD>]
177
Configuring Controller Settings
Configure WLAN Settings Commands
Syntax Description
dot1x
Set the authentication method to ‘802.11x’
eap-type
Set the EAP type
EAP-SIM
Set the authentication method to EAP-SIM
auth-server
Set authentication server
local
Set the authentication server to ‘local database’
name
Set the auth server
<WORD>
Name of the auth server
Defaults
None.
Example
ruckus(config-wlan)# dot1x eap-type EAP-SIM auth-server local
The command was executed successfully. To save the changes, type
'end' or 'exit'.
dot1x eap-type PEAP auth-server
To set the authentication method to 'PEAP', use the following command:
dot1x eap-type PEAP auth-server [local | name <WORD>]
Syntax Description
dot1x
Set the authentication method to ‘802.11x’
eap-type
Set the EAP type
PEAP
Set the authentication method to PEAP
auth-server
Set authentication server
local
Set the authentication server to ‘local database’
name
Set the auth server
<WORD>
Name of the auth server
Defaults
None.
Example
ruckus(config-wlan)# dot1x eap-type PEAP auth-server local
The command was executed successfully. To save the changes, type
'end' or 'exit'.
dot1x wpa algorithm AES auth-server
To set the authentication method to '802.1x EAP', encryption method to 'WPA', and
algorithm to 'AES', use the following command:
178
Configuring Controller Settings
Configure WLAN Settings Commands
dot1x wpa algorithm AES auth-server [{local | name {AUTHSVRNAME}]
Syntax Description
dot1x
Set the authentication method to ‘802.11x’
wpa
Set the encryption method to WPA
algorithm AES
Set the algorithm to AES
auth-server
Set authentication server
local
Set the authentication server to ‘local database’
name
Set the auth server
<WORD>
Name of the auth server
Defaults
None.
Example
ruckus(config-wlan-wlansvc-012)# dot1x wpa algorithm AES auth-
server Ruckus-Auth-01
The command was executed successfully.
dot1x wpa algorithm TKIP auth-server {AUTHSVRNAME}
To set the authentication method to '802.1x EAP', encryption method to 'WPA', and
algorithm to 'TKIP', use the following command:
dot1x wpa algorithm TKIP auth-server {AUTHSVR-NAME}
Syntax Description
dot1x
Set the authentication method to ‘802.11x’
wpa
Set the encryption method to WPA
algorithm TKIP
Set the algorithm to TKIP
auth-server
Set authentication server
local
Set the authentication server to ‘local database’
name
Set the auth server
<WORD>
Name of the auth server
Defaults
None.
Example
ruckus(config-wlan-wlansvc-012)# dot1x wpa algorithm TKIP auth-
server Ruckus-Auth-01
The command was executed successfully.
179
Configuring Controller Settings
Configure WLAN Settings Commands
dot1x wpa algorithm auto auth-server
To set the authentication method to '802.1x EAP', encryption method to 'WPA', and
algorithm to 'Auto', use the following command:
dot1x wpa algorithm auto auth-server [local | name <WORD>]
Syntax Description
dot1x
Set the authentication method to ‘802.11x’
wpa
Set the encryption method to WPA
algorithm auto
Set the algorithm to Auto
auth-server
Set authentication server
local
Set the authentication server to ‘local database’
name
Set the auth server
<WORD>
Name of the auth server
Defaults
None.
Example
ruckus(config-wlan-wlansvc-012)# dot1x wpa algorithm auto auth-
server Ruckus-Auth-01
The command was executed successfully.
dot1x wpa2 algorithm AES auth-server {AUTHSVRNAME}
To set the authentication method to '802.1x EAP', encryption method to 'WPA2', and
algorithm to 'AES', use the following command:
dot1x wpa2 algorithm AES auth-server [local | name <WORD>]
Syntax Description
Defaults
dot1x
Set the authentication method to ‘802.11x’
wpa2
Set the encryption method to WPA2
algorithm AES
Set the algorithm to AES
auth-server
Set authentication server
local
Set the authentication server to ‘local database’
name
Set the auth server
<WORD>
Name of the auth server
None.
180
Configuring Controller Settings
Configure WLAN Settings Commands
Example
ruckus(config-wlan-randy-wlansvc-01-open)# dot1x wpa2 algorithm
AES auth-server Ruckus-RADIUS
The command was executed successfully.
dot1x wpa2 algorithm TKIP auth-server {AUTHSVRNAME}
To set the authentication method to '802.1x EAP', encryption method to 'WPA2', and
algorithm to 'TKIP', use the following command:
dot1x wpa2 algorithm TKIP auth-server [local | name <WORD>]
Syntax Description
dot1x
Set the authentication method to ‘802.11x’
wpa2
Set the encryption method to WPA2
algorithm TKIP
Set the algorithm to TKIP
auth-server
Set authentication server
local
Set the authentication server to ‘local database’
name
Set the auth server
<WORD>
Name of the auth server
Defaults
None.
Example
ruckus(config-wlan-wlansvc-012)# dot1x authentication encryption
wpa2 algorithm TKIP auth-server Ruckus-Auth-01
The command was executed successfully.
dot1x wpa2 algorithm auto auth-server
To set the authentication method to '802.1x EAP', encryption method to 'WPA2', and
algorithm to 'Auto', use the following command:
dot1x wpa2 algorithm auto auth-server [local | name <WORD>]
Syntax Description
dot1x
Set the authentication method to ‘802.11x’
wpa2
Set the encryption method to WPA2
algorithm auto
Set the algorithm to auto
auth-server
Set authentication server
local
Set the authentication server to ‘local database’
name
Set the auth server
<WORD>
Name of the auth server
181
Configuring Controller Settings
Configure WLAN Settings Commands
Defaults
None.
Example
ruckus(config-wlan-wlansvc-012)# dot1x wpa2 algorithm auto auth-
server Ruckus-Auth-01
The command was executed successfully.
dot1x wpa-mixed algorithm AES auth-server
To set the authentication method to 802.1x EAP, encryption method to WPA-Mixed,
and encryption method to AES, use the following command:
dot1x wpa-mixed algorithm AES auth-server [local | name <WORD>]
Syntax Description
dot1x
Set the authentication method to ‘802.11x’
wpa-mixed
Set the encryption method to WPA-Mixed
algorithm AES
Set the algorithm to AES
auth-server
Set authentication server
local
Set the authentication server to ‘local database’
name
Set the auth server
<WORD>
Name of the auth server
Defaults
None.
Example
ruckus(config-wlan-wlansvc-012)# dot1x wpa-mixed algorithm AES
auth-server local
The command was executed successfully.
dot1x wpa-mixed algorithm TKIP auth-server
To set the authentication method to 802.1x EAP, encryption method to WPA-Mixed,
and encryption method to TKIP, use the following command:
dot1x wpa-mixed algorithm TKIP auth-server [local | name <WORD>]
Syntax Description
dot1x
Set the authentication method to ‘802.11x’
wpa-mixed
Set the encryption method to WPA-Mixed
algorithm TKIP
Set the algorithm to TKIP
local
Set the authentication server to ‘local database’
182
Configuring Controller Settings
Configure WLAN Settings Commands
name
Set the auth server
<WORD>
Name of the auth server
Defaults
None.
Example
ruckus(config-wlan-wlansvc-012)# dot1x wpa-mixed algorithm AES
auth-server local
The command was executed successfully.
dot1x wpa-mixed algorithm auto auth-server
To set the authentication method to 802.1x EAP, encryption method to WPA-Mixed,
and encryption method to Auto, use the following command:
dot1x wpa-mixed algorithm auto auth-server [local | name <WORD>]
Syntax Description
dot1x
Set the authentication method to ‘802.11x’
wpa-mixed
Set the encryption method to WPA-Mixed
algorithm auto
Set the algorithm to Auto
local
Set the authentication server to ‘local database’
name
Set the auth server
<WORD>
Name of the auth server
Defaults
None.
Example
ruckus(config-wlan-wlansvc-012)# dot1x wpa-mixed algorithm AES
auth-server local
The command was executed successfully.
dot1x authentication encryption wep-64 auth-server
To set the authentication method to '802.1x EAP', encryption method to 'WEP-64',
key index, and WEP key, use the following command:
dot1x authentication encryption wep-64 auth-server {auth server}
Syntax Description
dot1x authentication
Set the authentication method to ‘802.11x’
encryption wep-64
Set the encryption method to WEP 64-bit
183
Configuring Controller Settings
Configure WLAN Settings Commands
auth-server {auth
server}
Set the auth server to {auth server}
Defaults
None.
Example
ruckus(config-wlan-wlansvc-012)# dot1x authentication encryption
wep-64 auth-server Ruckus-Auth-01
The command was executed successfully.
dot1x authentication encryption wep-128 authserver
To set the authentication method to '802.1x EAP', encryption method to 'WEP-128',
key index, and WEP key, use the following command:
dot1x authentication encryption wep-128 auth-server
Syntax Description
dot1x authentication
Set the authentication method to ‘802.11x’
encryption wep-128
Set the encryption method to WEP 128-bit
auth-server {auth
server}
Set the auth server to {auth server}
Defaults
None.
Example
ruckus(config-wlan-wlansvc-012)# dot1x authentication encryption
wep-128 auth-server Ruckus-Auth-01
The command was executed successfully.
bgscan
To enable background scanning on the WLAN, use the following command:
bgscan
Example
ruckus(config-wlan)# bgscan
The command was executed successfully. To save the changes, type
'end' or 'exit'.
ruckus(config-wlan)#
no bgscan
To disable background scanning on the WLAN, use the following command:
184
Configuring Controller Settings
Configure WLAN Settings Commands
no bgscan
Example
ruckus(config-wlan)# no bgscan
The command was executed successfully. To save the changes, type
'end' or 'exit'.
ruckus(config-wlan)#
client-isolation
To enable client isolation, use the following command:
client-isolation [local|full]
Syntax Description
Example
client-isolation
Enable client isolation for this WLAN
local
Wireless clients associated with the same AP will be unable
to communicate with one another locally.
full
Wireless clients will be unable to
communicate
with each other or access any of the restricted subnets.
ruckus(config-wlan)# client-isolation local
The command was executed successfully. To save the changes, type
'end' or 'exit'.
ruckus(config-wlan)#
no client-isolation
To enable client isolation, use the following command:
no client-isolation
Syntax Description
Example
no client-isolation Disable client isolation for this WLAN
ruckus(config-wlan)# no client-isolation
The command was executed successfully. To save the changes, type
'end' or 'exit'.
ruckus(config-wlan)#
load-balancing
To enable load balancing for this WLAN, use the following command:
load-balancing
185
Configuring Controller Settings
Configure WLAN Settings Commands
Example
ruckus(config-wlan)# load-balancing
The command was executed successfully. To save the changes, type
'end' or 'exit'.
ruckus(config-wlan)#
no load-balancing
To disable load balancing for this WLAN, use the following command:
no load-balancing
Example
ruckus(config-wlan)# no load-balancing
The command was executed successfully. To save the changes, type
'end' or 'exit'.
ruckus(config-wlan)#
send-eap-failure
To enable send EAP failure messages, use the following command:
send-eap-failure
Example
ruckus(config-wlan)# send-eap-failure
The command was executed successfully. To save the changes, type
'end' or 'exit'.
ruckus(config-wlan)#
no send-eap-failure
To disable send EAP failure messages, use the following command:
no send-eap-failure
Example
ruckus(config-wlan)# no send-eap-failure
The command was executed successfully. To save the changes, type
'end' or 'exit'.
ruckus(config-wlan)#
pap-authenticator
To enable RADIUS message authenticator in PAP requests, use the following
command:
pap-authenticator
186
Configuring Controller Settings
Configure WLAN Settings Commands
Example
ruckus(config-wlan)# pap-authenticator
The command was executed successfully. To save the changes, type
'end' or 'exit'.
ruckus(config-wlan)#
no pap-authenticator
To enable RADIUS message authenticator in PAP requests, use the following
command:
no pap-authenticator
Example
ruckus(config-wlan)# no pap-authenticator
The command was executed successfully. To save the changes, type
'end' or 'exit'.
ruckus(config-wlan)#
nasid-type
To set the NAS ID type, use the following command:
nasid-type [<wlan-bssid>|<model-name>]
Syntax Description
Example
nasid-type
Set the NAS ID type
wlan-bssid
Set NAS ID type WLAN-BSSID
model-name
Set NAS ID type model name
ruckus(config-wlan)# nasid-type wlan-bssid
The command was executed successfully. To save the changes, type
'end' or 'exit'.
ruckus(config-wlan)#
priority low
To set the WLAN priority to low, use the following command:
priority low
priority high
To set the WLAN priority to high, use the following command:
priority high
187
Configuring Controller Settings
Configure WLAN Settings Commands
web-auth
To enable Web authentication, use the following command:
web-auth [local | name <WORD>]
Syntax Description
web-auth
Enable Web authentication
local
Use local database as auth server
name
Specify an external auth server
<WORD>
The AAA server to use for Web authentication
Defaults
None.
Example
ruckus# config
ruckus(config)# wlan wlan-123
ruckus(config-wlan-wlan-123)# web-auth Ruckus-RADIUS
The command was executed successfully.
ruckus(config-wlan-wlan-123)#
no web-auth
To disable Web authentication, use the following command:
no web-auth
Syntax Description
no web-auth
Disable Web authentication
Defaults
None.
Example
ruckus# config
ruckus(config)# wlan wlan-123
ruckus(config-wlan-wlan-123)# no web-auth
The command was executed successfully.
grace-period
To set the grace period (idle timeout), use the following command:
grace-period <NUMBER>
188
Configuring Controller Settings
Configure WLAN Settings Commands
Syntax Description
grace-period
Enables and Sets a maximum time (in minutes) for which
users must re-authenticate after disconnecting.
Defaults
Disabled.
Example
ruckus(config-wlan)# grace-period 20
The command was executed successfully. To save the changes, type
'end' or 'exit'.
no grace-period
To disable the grace period (idle timeout), use the following command:
no grace-period <NUMBER>
Syntax Description
no grace-period
Disables grace period timeout.
Defaults
Disabled.
Example
ruckus(config-wlan)# no grace-period
The command was executed successfully. To save the changes, type
'end' or 'exit'.
acct-server
To set the accounting server, use the following command:
acct-server <WORD>
Syntax Description
acct-server
Configure the AAA server
<WORD>
Set the AAA server to this address
Defaults
None.
Example
ruckus# config
ruckus(config)# wlan wlan-123
ruckus(config-wlan-wlan-123)# acct-server Ruckus-Acct-01
The command was executed successfully.
189
Configuring Controller Settings
Configure WLAN Settings Commands
acct-server interim-update
To configure the interim update frequency (in minutes) of the AAA server, use the
following command:
acct-server {AAA name} interim-update {minutes}
Syntax Description
acct-server {AAA name} Confgure the interim update frequency of the AAA server
interimupdate{minutes}
Set the update frequency to this value (in minutes)
Defaults
5 (minutes)
Example
ruckus# config
ruckus(config)# wlan wlan-123
ruckus(config-wlan-wlan-123)# acct-server Ruckus-Acct-01 intrim-
update 5
The command was executed successfully.
no acct-server
To disable the AAA server, use the following command:
no acct-server
Syntax Description
no acct-server
Disable AAA server authentication
Defaults
None.
Example
ruckus# config
ruckus(config)# wlan wlan-123
ruckus(config-wlan-wlan-123)# no acct-server
The command was executed successfully.
inactivity-timeout
To enable and set the inactivity timeout, use the following command:
inactivity-timeout <NUMBER>
Syntax Description
inactivity-timeout
Enable and set the inactivity timeout
<NUMBER>
Set the inactivity timeout in minutes
190
Configuring Controller Settings
Configure WLAN Settings Commands
Defaults
5
Example
ruckus(config-wlan)# inactivity-timeout 15
The command was executed successfully. To save the changes, type
'end' or 'exit'.
ruckus(config-wlan)#
vlan
To enable the management VLAN and set the VLAN ID, use the following command:
vlan {VLAN ID}
Syntax Description
vlan
Enable management VLAN
{VLAN ID}
Set the VLAN ID to this value
Defaults
None.
Example
ruckus# config
ruckus(config)# wlan wlan-123
ruckus(config-wlan-wlan-123)# vlan 12
The command was executed successfully.
no vlan
To disable the management VLAN, use the following command:
no vlan
Syntax Description
no vlan
Disable the management VLAN
Defaults
None.
Example
ruckus# config
ruckus(config)# wlan wlan-123
ruckus(config-wlan-wlan-123)# no vlan
The command was executed successfully.
dynamic-vlan
To enable dynamic VLAN, use the following command:
191
Configuring Controller Settings
Configure WLAN Settings Commands
dynamic-vlan
Syntax Description
dynamic-vlan
Enable dynamic VLAN
Defaults
None.
Example
ruckus(config-wlan)# dynamic-vlan
The command was executed successfully. To save the changes, type
'end' or 'exit'
no dynamic-vlan
To disable dynamic VLAN, use the following command:
no dynamic-vlan
Syntax Description
no dynamic-vlan
Disable dynamic VLAN
Defaults
None.
Example
ruckus(config-wlan)# no dynamic-vlan
The dynamic vlan can't be enabled or disabled when the authentication
method is not '802.1x-EAP' or 'MAC Address' and Encryption method
is not WPA,WPA2,WPA mixed,or none.
ruckus(config-wlan)# no dynamic-vlan
The command was executed successfully. To save the changes, type
'end' or 'exit'.
hide-ssid
To hide an SSID from wireless users, use the following command.Wireless users who
know the SSID will still be able to connect to the WLAN service.
hide-ssid
Syntax Description
hide-ssid
Hide SSID from wireless users
Defaults
None.
Example
ruckus# config
ruckus(config)# wlan wlan-123
ruckus(config-wlan-wlan-123)# hide-ssid
192
Configuring Controller Settings
Configure WLAN Settings Commands
The command was executed successfully.
no hide-ssid
To unhide or broadcast an SSID to wireless users, use the following command:
no hide-ssid
Syntax Description
no hide-ssid
Broadcast SSID to wireless users
Defaults
None.
Example
ruckus# config
ruckus(config)# wlan wlan-123
ruckus(config-wlan-wlan-123)# no hide-ssid
The command was executed successfully
ofdm-only
To enable support of OFDM rates only, use the following command:
ofdm-only
no ofdm-only
To disable OFDM only rates, use the following command:
no ofdm-only
bss-minrate
To set the minimum BSS transmission rate of the WLAN (in Mbps), use the following
command:
bss-minrate <NUMBER>
yntax Description
bss-minrate
Set the minimum BSS transmission rate in Mbps.
<NUMBER>
Minimum BSS transmission rate
Defaults
None.
Example
ruckus(config-wlan)# bss-minrate 2
The command was executed successfully. To save the changes, type
'end' or 'exit'.
ruckus(config-wlan)#
193
Configuring Controller Settings
Configure WLAN Settings Commands
no bss-minrate
To disable the minimum BSS transmission rate for the WLAN, use the following
command:
no bss-minrate
tunnel-mode
To enable tunnel mode, use the following command:
tunnel-mode
Syntax Description
tunnel-mode
Enable tunnel mode
Defaults
None.
Example
ruckus# config
ruckus(config)# wlan wlan-123
ruckus(config-wlan-wlan-123)# tunnel-mode
The command was executed successfully.
no tunnel-mode
To disable the tunnel mode, use the following command:
no tunnel-mode
Syntax Description
no tunnel-mode
Disable the tunnel mode
Defaults
None.
Example
ruckus# config
ruckus(config)# wlan wlan-123
ruckus(config-wlan-wlan-123)# no tunnel-mode
The command was executed successfully.
option82
To enable DHCP option82, use the following command:
option82
194
Configuring Controller Settings
Configure WLAN Settings Commands
no option82
To disable DHCP option 82, use the following command:
no option82
max-clients
To set the maximum number of clients for a specific WLAN, use the following
command:
max-clients <NUMBER>
Syntax Description
max-clients
Configure the maximum number of clients that the WLAN
can support
<NUMBER>
Set the maximum clients to this value
Defaults
None.
Example
To set the maximum number of clients on WLAN-123 to 50, enter this command:
ruckus# config
ruckus(config)# wlan wlan-123
ruckus(config-wlan-wlan-123)# max-clients 50
The command was executed successfully.
auto-proxy
To enable auto-proxy and set the location of the wpad.dat file, use the following
command:
auto-proxy [<wpad-saved-on-zd | wpad-saved-on-external-server>]
url <WORD>
Syntax Description
Defaults
auto-proxy
Enable auto-proxy and specify the location of the wpad.dat
file
wpad-saved-on-ZD
WPAD.DAT file is saved on ZoneDirector
wpad-saved-onexternal-server
WPAD.DAT file is saved on an external server
url
Specify the WPAD URL configured on DHCP/DNS server
<WORD>
Auto-proxy path and file name
None.
195
Configuring Controller Settings
Configure WLAN Settings Commands
Example
ruckus(config-wlan)# auto-proxy wpad-saved-on-zd url
192.168.0.2/wpad.dat
The file has been loaded into ZoneDirector successfully,Please use
'import' to apply it
ruckus(config-wlan)#
import
To import the wpad.dat file into ZoneDirector, use the following command:
import
pmk-cache
To set the PMK cache time to the speficied number in minutes, use the following
command:
pmk-cache <NUMBER>
no auto-proxy
To disable auto-proxy, use the following command:
no auto-proxy
zero-it-activation
To enable Zero-IT activation, use the following command:
zero-it-activation
Syntax Description
zero-it-activation
Enable Zero-IT activation
Defaults
None.
Example
ruckus(config-wlan)# zero-it-activation
The Zero-IT Activation can't be enabled or disabled when the wlan
type is Guest Access or Hotspot Service Or Encryption method is
WPA-Mixed Or Authentication method is 802.1X/EAP + MAC Address Or
Authentication method is 802.1X/EAP and Authentication Server is
Local Database Or Encryption Algorithm is Auto.
ruckus(config-wlan)# zero-it-activation
The command was executed successfully. To save the changes, type
'end' or 'exit'.
196
Configuring Controller Settings
Configure WLAN Settings Commands
no zero-it-activation
To disable Zero-IT activation, use the following command:
no zero-it-activation
Syntax Description
no zero-it-activation
Disable Zero-IT activation
Defaults
None.
Example
ruckus(config-wlan)# no zero-it-activation
The command was executed successfully. To save the changes, type
'end' or 'exit'.
dynamic-psk enable
To enable Dynamic Pre-Shared Keys, use the following command:
dynamic-psk enable
Syntax Description
dynamic-psk enable
Enable Dynamic PSK
Defaults
None.
Example
ruckus(config-wlan)# dynamic-psk enable
The DPSK can't be enabled or disabled when the wlan type is not
Standard Usage and Encryption method is not WPA or WPA2 and
Authentication method is not open and Zero-IT is not enabled.
ruckus(config-wlan)# zero-it
The command was executed successfully. To save the changes, type
'end' or 'exit'.
ruckus(config-wlan)# dynamic-psk enable
The command was executed successfully. To save the changes, type
'end' or 'exit'.
ruckus(config-wlan)#
dynamic-psk passphrase-len
To set the Dynamic Pre-Shared Key passphrase length, use the following command:
dynamic-psk passphrase-len <NUMBER>
197
Configuring Controller Settings
Configure WLAN Settings Commands
no dynamic-psk
To disable Dynamic Pre-Shared Keys on the WLAN, use the following command:
no dynamic-psk
no l2acl
To disable Layer 2 Access Control Lists, use the following command:
no l2acl
no l3acl
To disable Layer 3/4 ACLs, use the following command:
no l3acl
no l3acl-ipv6
To disable Layer 3/4 IPv6 ACLs, use the following command:
no l3acl-ipv6
rate-limit-uplink
To set the uplink rate limit, use the following command:
rate-limit-uplink [disabled |100K | 250K |500K |1M |2M |5M |10M
|20M |50M]
Syntax Description
rate-limit-uplink
Set the uplink rate limit
disabled
Disable uplink rate limiting
100K | 250K |500K |1M Enable uplink rate limiting and set it to this value
|2M |5M |10M |20M |50M
Defaults
None.
no rate-limit-uplink
To disable the uplink rate limit, use the following command:
no rate-limit-uplink
Syntax Description
Defaults
no rate-limit-uplink
Disable the downlink rate limit
None.
198
Configuring Controller Settings
Configure WLAN Settings Commands
Example
ruckus(config-wlan)# rate-limit-uplink disabled
The command was executed successfully. To save the changes, type
'end' or 'exit'.
rate-limit-downlink
To set the downlink rate limit, use the following command:
rate-limit-uplink [disabled |100K | 250K |500K |1M |2M |5M |10M
|20M |50M]
Syntax Description
rate-limit-downlink
Set the downlink rate limit
disabled
Disable downlink rate limiting
100K | 250K |500K |1M Enable downlink rate limiting and set it to this value
|2M |5M |10M |20M |50M
Defaults
None.
no rate-limit-downlink
To disable the downlink rate limit, use the following command:
no rate-limit-downlink
Syntax Description
no rate-limit-downlink
Disable the downlink rate limit
Defaults
None.
Example
ruckus(config-wlan)# rate-limit-downlink disabled
The command was executed successfully. To save the changes, type
'end' or 'exit'.
acl
To apply an Access Control List to this WLAN, use the following command:
acl [<l2acl>|<l3acl>|<l3acl-ipv6>] <WORD>
Syntax Description
acl
Apply a previously saved ACL to this WLAN
l2acl
Apply a Layer 2 ACL
l3acl
Apply a Layer 3/Layer 4/IP ACL
l3acl-ipv6
Apply an IPv6 L3/L4/IP ACL
199
Configuring Controller Settings
Configure WLAN Settings Commands
<WORD>
The name of the ACL
Defaults
None.
Example
ruckus(config-wlan)# acl l2acl acl1
The command was executed successfully. To save the changes, type
'end' or 'exit'.
ruckus(config-wlan)#
qos classification
To enable Quality of Service classification, use the following command:
qos classification
no qos classification
To disable Quality of Service classification, use the following command:
no qos classification
qos heuristics-udp
To enable QoS heuristics for UDP traffic, use the following command:
qos heuristics-udp
no qos heuristics-udp
To disable QoS heuristics for UDP traffic, use the following command:
no qos heuristics-udp
qos directed-multicast
To enable QoS directed multicast, use the following command:
qos directed-multicast
no qos directed-multicast
To disable QoS directed multicast, use the following command:
no qos directed-multicast
qos igmp-snooping
To disable QoS directed multicast, use the following command:
qos igmp-snooping
200
Configuring Controller Settings
Configure WLAN Settings Commands
no qos igmp-snooping
To disable QoS IGMP snooping, use the following command:
no qos igmp-snooping
qos mld-snooping
To enable QoS MLD snooping, use the following command:
no qos mld-snooping
no qos mld-snooping
To disable QoS MLD snooping, use the following command:
no qos mld-snooping
no qos tos-classification
To disable QoS TOS classification, use the following command:
no qos tos-classification
qos priority
To set the QoS priority, use the following command:
qos priority [high|low]
qos directed-threshold
To set the QoS directed threshold, use the following command:
qos directed-threshold <NUMBER>
acl l2
To configure the L2 ACL, use the following command:
acl l2 <WORD>
Syntax Description
acl l2
Configure the L2 ACL
<WORD>
The name of the L2 ACL that you want to configure
Defaults
None.
Example
ruckus# config
ruckus(config)# wlan wlan-123
ruckus(config-wlan-wlan-123)# acl l2 L2-ACL-name
The command was executed successfully.
201
Configuring Controller Settings
Configure WLAN Settings Commands
acl l3
To configure the L3/L4/IP ACL, use the following command:
acl l3 <WORD>
Syntax Description
acl l3
Configure the L3 ACL
<WORD>
The name of the L3 ACL that you want to configure
Defaults
None.
Example
ruckus# config
ruckus(config)# wlan wlan-123
ruckus(config-wlan-wlan-123)# acl l3 L3-ACL-name
The command was executed successfully.
show
To display the WLAN settings, use the following command:
show
Syntax Description
show
Defaults
None.
Example
ruckus> en
Display WLAN settings
ruckus# conf wlan show
WLAN Service
========================================================
ID: 1
Name: corporate
Description:
Authentication: open
Encryption: wpa
Algorithm: aes
Passphrase: test1234
Authentication Server: Disabled
Accounting Server: Disabled
Tunnel Mode: Disabled
202
Configuring Controller Settings
Configure WLAN Group Settings Commands
Max Clients: 100
Web Authentication: Disabled
Client Isolation: Disabled
VLAN: Disabled
Closed System: Disabled (Broadcast SSID)
L2/MAC: No ACLS
L3/L4/IP address: No ACLS
--------------------------------------------------------
Configure WLAN Group Settings Commands
Use the wlan-group commands to configure the settings of a particular WLAN
group.
wlan-group
To create a new WLAN group or update an existing WLAN group, use the following
command:
wlan-group {WLAN group name}
Syntax Description
wlan-group
Configure the WLAN group
{WLAN group name}
Create or edit this WLAN group
Defaults
None.
Example
ruckus# config
ruckus(config)# wlan-group wlangrp-01
The WLAN group has been created. To save the WLAN group, type end
or exit.
no wlan-group
To delete a WLAN group from the list, use the following command:
no wlan-group {WLAN group name}
Syntax Description
Defaults
wlan-group
Configure the WLAN group
{WLAN group name}
Create or edit this WLAN group
None.
203
Configuring Controller Settings
Configure WLAN Group Settings Commands
Example
ruckus# config
ruckus(config)# no wlan-group wlangrp-01
The WLAN group has been deleted.
abort
To exit the wlan-group context without saving changes, use the abort command.
Enter this command from within the context of the WLAN group that you are
configuring.
abort
Syntax Description
abort
Exit the WLAN group without saving changes
Defaults
None.
Example
ruckus# config
ruckus(config)# wlan-group wlangrp-01
ruckus(config-wlangrp-wlangrp-01)# abort
No changes have been saved.
end
To save changes to the WLAN group settings and exit the wlan-group context, use
the following command. Enter this command from within the context of the WLAN
group that you are configuring.
end
Syntax Description
end
Save changes, and then exit the WLAN group
Defaults
None.
Example
ruckus# config
ruckus(config)# wlan-group wlangrp-01
ruckus(config-wlangrp-wlangrp-01)# end
The WLAN group 'hello-wlangrp' has been updated.
Your changes have been saved.
204
Configuring Controller Settings
Configure WLAN Group Settings Commands
exit
To save changes to the WLAN group settings and exit the wlan-group context, use
the exit command. Enter this command from within the context of the WLAN group
that you are configuring.
exit
Syntax Description
exit
Save changes, and then exit the WLAN group
Defaults
None.
Example
ruckus# config
ruckus(config)# wlan-group wlangrp-01
ruckus(config-wlangrp-wlangrp-01)# exit
The WLAN group 'hello-wlangrp' has been updated.
Your changes have been saved.
quit
To exit the wlan-group context without saving changes, use the following command.
Enter this command from within the context of the WLAN group that you are
configuring.
quit
Syntax Description
quit
Exit the WLAN group without saving changes
Defaults
None.
Example
ruckus# config
ruckus(config)# wlan-group wlangrp-01
ruckus(config-wlangrp-wlangrp-01)# quit
No changes have been saved.
name
To set the WLAN group name, use the following command. Enter this command from
within the context of the WLAN group that you are configuring.
name {WLAN group name}
Syntax Description
name
Configure the WLAN group name
205
Configuring Controller Settings
Configure WLAN Group Settings Commands
{WLAN group name}
Set the WLAN group name to this value
Defaults
None.
Example
ruckus# config
ruckus(config)# wlan-group wlangrp-01
ruckus(config-wlangrp-wlangrp-01)# name hello-wlangrp
The command was executed successfully.
description
To set the WLAN group description, use the following command. Enter this command
from within the context of the WLAN group that you are configuring.
description {WLAN group description}
Syntax Description
description
Configure the WLAN group description
{WLAN group
description}
Set the WLAN group description to this value
Defaults
None.
Example
ruckus# config
ruckus(config)# wlan-group wlangrp-01
ruckus(config-wlangrp-wlangrp-01)# description my-description-
123
The command was executed successfully.
no wlan
To delete a WLAN service, use the following command. Enter this command from
within the context of the WLAN group that you are configuring.
no wlan {WLAN name to be deleted}
Syntax Description
Defaults
no wlan
Delete an existing WLAN service
{WLAN name to be
deleted}
Delete the WLAN service with this name
None.
206
Configuring Controller Settings
Configure WLAN Group Settings Commands
Example
ruckus# config
ruckus(config)# wlan-group wlangrp-01
ruckus(config-wlangrp-wlangrp-01)# no wlan wlansvc-012
The command was executed successfully.
wlan
To add a WLAN service to the WLAN group, use the following command. Enter this
command from within the context of the WLAN group that you are configuring.
wlan {WLAN name to be created}
Syntax Description
wlan
Create a WLAN service
{WLAN name to be
created}
Name of the new WLAN
Defaults
None.
Example
ruckus# config
ruckus(config)# wlan-group wlangrp-01
ruckus(config-wlangrp-wlangrp-01)# wlan wlansvc-012
The command was executed successfully.
wlan vlan override none
To add a WLAN service to the WLAN group and set the VLAN tag to 'No Change',
use the following command. Enter this command from within the context of the WLAN
group that you are configuring.
wlan <NAME> vlan override none
Syntax Description
wlan <NAME>
Add the <NAME> to the WLAN group
vlan override none
Set the VLAN tag of <NAME> to No Change
Defaults
None.
Example
ruckus# config
ruckus(config)# wlan-group wlangrp-01
ruckus(config-wlangrp-wlangrp-01)# wlan wlansvc-012 vlan override
none
The command was executed successfully.
207
Configuring Controller Settings
Configure WLAN Group Settings Commands
wlan vlan override untag
To add a WLAN service to the WLAN group and set the VLAN tag to 'Untag', use the
following command:
wlan <NAME> vlan override untag
Syntax Description
wlan <NAME>
Add the <NAME> to the WLAN group
vlan override untage
Set the VLAN tag of <NAME> to Untagged
Defaults
None.
Example
ruckus# config
ruckus(config)# wlan-group wlangrp-01
ruckus(config-wlangrp-wlangrp-01)# wlan wlansvc-012 vlan override
untag
The command was executed successfully.
wlan vlan override tag
To add a WLAN service to the WLAN group and set the VLAN tag to 'Tag', use the
following command:
wlan <NAME> vlan override tag {vlan ID}
Syntax Description
wlan <NAME>
Add the <NAME> to the WLAN group
vlan override tag {vlan
ID}
Set the VLAN tag of <NAME> to Tagged for {vlan ID}
Defaults
None.
Example
ruckus# config
ruckus(config)# wlan-group RW-group
The WLAN group 'RW-group' has been created. To save the WLAN
group, type end or exit.
ruckus(config-wlangrp-RW-group)# wlan corporate vlan override
tag 33
The WLAN service (SSID) 'corporate' has been added.
ruckus(config-wlangrp-RW-group)#
208
Configuring Controller Settings
Configure Role Commands
Configure Role Commands
Use the role commands to configure user roles on the controller. To run these
commands, you must first enter the config-role context.
role
To create a new role or modify an existing role, use the following command:
role <WORD>
Syntax Description
role
Create or modify a user role
<WORD>
Name of role
Defaults
None.
Example
ruckus(config)# role role1
The role entry ‘role1’ has been created
ruckus(config-role)#
no role
To delete a role entry from the list, use the following command:
no role <WORD>
Syntax Description
no role
Delete a user role
<WORD>
Name of role
Defaults
None.
Example
ruckus(config)# no role role1
The Role 'role1' has been deleted.
ruckus(config)#
abort
To exit the config-role context without saving changes, use the abort command.
Enter this command from within the context of the role that you are configuring.
abort
209
Configuring Controller Settings
Configure Role Commands
Syntax Description
abort
Exit the role without saving changes
Defaults
None.
Example
ruckus(config-role)# abort
No changes have been saved.
ruckus(config)#
end
To save changes, and then exit the config-role context, use the following
command:
end
Syntax Description
end
Save changes, and then exit the context
Defaults
None.
Example
ruckus(config-role)# end
The Role entry has saved successfully.
Your changes have been saved.
ruckus(config)#
exit
To save changes, and then exit the config-role context, use the following
command:
exit
Syntax Description
exit
Save changes, and then exit the context
Defaults
None.
Example
ruckus(config-role)# exit
The Role entry has saved successfully.
Your changes have been saved.
ruckus(config)#
210
Configuring Controller Settings
Configure Role Commands
quit
To exit the config-role context without saving changes, use the quit command.
Enter this command from within the context of the role that you are configuring.
quit
Syntax Description
quit
Exit the role without saving changes
Defaults
None.
Example
ruckus(config-role)# quit
No changes have been saved.
ruckus(config)#
name
To set the name of a user role, use the following command:
name <WORD>
Syntax Description
name
Set the name of a user role
<WORD>
Set to this role
Defaults
None.
Example
ruckus(config-role)# name guest33
The command was executed successfully. To save the changes, type
'end' or 'exit'.
description
To set the description for a user role, use the following command:
description <description>
Syntax Description
description
Set the description of a user role
<description>
Set to this description
Defaults
None.
Example
ruckus(config-role)# description testforCLI
211
Configuring Controller Settings
Configure Role Commands
The command was executed successfully. To save the changes, type
'end' or 'exit'.
group-attributes
To set the group attributes of a user role, use the following command:
group-attributes <attributes>
Syntax Description
group-attributes
Set the attributes of a user role
<attributes>
Set to this attribute
Defaults
None.
Example
ruckus(config-role)# group-attributes ruckus1
The command was executed successfully. To save the changes, type
'end' or 'exit'.
wlan-allowed
To set the WLANs to which a user role will have access, use the following command:
wlan-allowed [all | specify-wlan]
Syntax Description
wlan-allowed
Set the WLANs to which a role will have access
all
Grant access to all WLANs
specify-wlan
Grant access to a specific WLAN
Defaults
None.
Example
ruckus(config-role)# wlan-allowed all
The command was executed successfully. To save the changes, type
'end' or 'exit'.
ruckus(config-role)# wlan-allowed specify-wlan
The command was executed successfully. To save the changes, type
'end' or 'exit'.
no specify-wlan-access
To remove a particular WLAN from the list of WLANs that a user role can access, use
the following command:
no specify-wlan-access <wlan_ssid>
212
Configuring Controller Settings
Configure Role Commands
Syntax Description
no specify-wlan-access
Remove access to a WLAN by a user role
<wlan_ssid>
Remove access to this WLAN
Defaults
None.
Example
ruckus(config-role)# no specify-wlan-access joejoe98
The wlan 'joejoe98' has been removed from the Role.
specify-wlan-access
To adda particular WLAN to the list of WLANs that a user role can access, use the
following command:
specify-wlan-access <wlan_ssid>
Syntax Description
specify-wlan-access
Add access to a WLAN by a user role
<wlan_ssid>
Add access to this WLAN
Defaults
None.
Example
ruckus(config-role)# specify-wlan-access joejoe98
The wlan 'joejoe98' has been added to the Role.
no guest-pass-generation
To remove guest pass generation privileges from a user role, use the following
command:
no guest-pass-generation
Syntax Description
no guest-pass-generation
Remove guest pass generation privileges from a
user role
Defaults
None.
Example
ruckus(config-role)# no guest-pass-generation
The command was executed successfully. To save the changes, type
'end' or 'exit'.
213
Configuring Controller Settings
Configure Role Commands
guest-pass-generation
To add guest pass generation privileges to a user role, use the following command:
guest-pass-generation
Syntax Description
guest-pass-generation
Add guest pass generation privileges to a user
role
Defaults
None.
Example
ruckus(config-role)# guest-pass-generation
The command was executed successfully. To save the changes, type
'end' or 'exit'.
no admin
To remove ZoneDirector administration privileges from a user role, use the following
command:
no admin
Syntax Description
no admin
Remove ZoneDirector administration privileges
from a user role
Defaults
None.
Example
ruckus(config-role)# no admin
The command was executed successfully. To save the changes, type
'end' or 'exit'.
admin [super|operator|monitoring]
To add ZoneDirector administration privileges to a user role, use the following
command:
admin [super|operator|monitoring]
Syntax Description
Defaults
admin
Add ZoneDirector administration privileges to a
user role
[super|operator|monitoring]
Set administration privileges
None.
214
Configuring Controller Settings
Configure User Commands
Example
ruckus(config-role)# admin super
The command was executed successfully. To save the changes, type
'end' or 'exit'.
show
To display the settings of a role, use the following command:
show
Syntax Description
show
Display the settings of a role
Defaults
None.
Example
ruckus(config-role)# show
Role:
ID:
2:
Name= guest
Description=
Group Attributes=
Guest Pass Generation= Disallowed
ZoneDirector Administration= Allowed
Allow ZoneDirector Administration:Super Admin
Allow All WLANs= Specify WLAN access
Configure User Commands
Use the user commands to configure a user’s name, password, and role.To run these
commands, you must first enter the config-user context.
user
To create a user or modify an existing user and enter the config-user context, use
the following command:
user <WORD>
Syntax Description
Defaults
user
Create or modify a user entry
<WORD>
Name of the user
None.
215
Configuring Controller Settings
Configure User Commands
Example
rruckus(config)# user johndoe
The User entry 'johndoe' has been created.
ruckus(config-user)#
no user
To delete a user record, use the following command:
no user <WORD>
Syntax Description
user
Create or modify a user entry
<WORD>
Name of the user
Defaults
None.
Example
ruckus(config)# no user johndoe
The User 'johndoe' has been deleted.
ruckus(config)#
abort
To exit the config-user context without saving changes, use the abort command.
Enter this command from within the context of the user that you are configuring.
abort
Syntax Description
abort
Defaults
None.
Example
ruckus(config-user)# abort
No changes have been saved.
ruckus(config)#
Exit the user settings without saving changes
end
To save changes, and then exit the config-user context, use the following
command:
end
216
Configuring Controller Settings
Configure User Commands
Syntax Description
end
Save changes, and then exit the context
Defaults
None.
Example
ruckus(config-user)# end
The User entry has saved successfully.
Your changes have been saved.
ruckus(config)#
exit
To save changes, and then exit the config-user context, use the following
command:
exit
Syntax Description
exit
Save changes, and then exit the context
Defaults
None.
Example
ruckus(config-user)# exit
The User entry has saved successfully.
Your changes have been saved.
ruckus(config)#
quit
To exit the config-user context without saving changes, use the quit command.
Enter this command from within the context of the user that you are configuring.
quit
Syntax Description
quit
Defaults
None.
Example
ruckus(config-role)# quit
No changes have been saved.
ruckus(config)#
Exit the user settings without saving changes
217
Configuring Controller Settings
Configure User Commands
user-name
To set the name of a user, use the following command:
user-name <user_name>
Syntax Description
user-name
Set the name of a user
<user_name>
Set to this user name
Defaults
None.
Example
ruckus(config-user)# user-name joe1
The command was executed successfully. To save the changes, type
'end' or 'exit'.
full-name <full_name>
To set the full name of a user, use the following command:
full-name <full_name>
Syntax Description
full-name
Set the full name of a user
<full_name>
Set to this full name
Defaults
None.
Example
ruckus(config-user)# full-name joejoe
The command was executed successfully. To save the changes, type
'end' or 'exit'.
password <password>
To set the password of a user, use the following command:
password <password>
Syntax Description
password
Set the password of a user
<password>
Set to this password
Defaults
None.
Example
ruckus(config-user)# password 1234
218
Configuring Controller Settings
Configure User Commands
The command was executed successfully. To save the changes, type
'end' or 'exit'.
role
To assign a role to a user, use the following command:
role <WORD>
Syntax Description
role
Assign a role to a user
<WORD>
Assign this role
Defaults
None.
Example
ruckus(config-user)# role guest
The command was executed successfully. To save the changes, type
'end' or 'exit'.
show
To display the settings of a user, use the following command:
show
Syntax Description
show
Defaults
None.
Example
ruckus(config-user)# show
User:
ID:
:
User Name= joe1
Full Name= joejoe
Password= 1234
Role= guest
Show user settings
219
Configuring Controller Settings
Configure Guest Access Commands
Configure Guest Access Commands
Use the guest-access commands to configure the guest access settings. To run
these commands, you must first enter the config-guest-access context.
guest-access
To configure Guest Access settings and enter the config-guest-access context, use
the following command:
guest-access
Example
ruckus(config)# guest-access
ruckus(config-guest-access)#
abort
To exit the config-guest-access context without saving changes, use the abort
command.
abort
Syntax Description
abort
Exit the guest access settings without saving
changes
Defaults
None.
Example
ruckus(config-guest-access)# abort
No changes have been saved.
ruckus(config)#
end
To save changes, and then exit the config-guest-access context, use the
following command:
end
Syntax Description
end
Save changes, and then exit the context
Defaults
None.
Example
ruckus(config-guest-access)# end
220
Configuring Controller Settings
Configure Guest Access Commands
Your changes have been saved.
ruckus(config)#
exit
To save changes, and then exit the config-guest-access context, use the
following command:
exit
Syntax Description
exit
Save changes, and then exit the context
Defaults
None.
Example
ruckus(config-guest-access)# exit
Your changes have been saved.
ruckus(config)#
quit
To exit the config-guest-access context without saving changes, use the quit
command.
quit
Syntax Description
quit
Exit the guest access settings without saving
changes
Defaults
None.
Example
ruckus(config-guest-access)# quit
No changes have been saved.
ruckus(config)#
no authentication
To disable guest access authentication, use the following command:
no authentication
Syntax Description
Defaults
exit
Disable guest access authentication
None.
221
Configuring Controller Settings
Configure Guest Access Commands
Example
ruckus(config-guest-access)# no authentication
The command was executed successfully.
authentication guest-pass
To allow multiple users to share a single guest pass, use the following command:
authentication guest-pass [shared | no-shared]
Syntax Description
authentication guestpass
Configure guest pass authentication
shared
Allow multiple users to share a single guest pass
no-shared
Allow only a single user to use a guest pass
Defaults
None.
Example
ruckus(config-guest-access)# authentication guest-pass shared
The command was executed successfully.
no term-of-use
To hide the Terms of Use text on the guest pass access page, use the following
command:
no term-of-use
Syntax Description
no term-of-use
Hide Terms of Use
Defaults
None.
Example
ruckus(config-guest-access)# no term-of-use
The command was executed successfully.
term-of-use
To display and specify the Terms of Use text on the guest pass access page, use the
following command:
term-of-use <term_of_use_text>
Syntax Description
term-of-use
Display Terms of Use
<term_of_use_text>
Use this text
222
Configuring Controller Settings
Configure Guest Access Commands
Defaults
None.
Example
ruckus(config-guest-access)# term-of-use test.guest
The command was executed successfully.
redirect
To set the URL to which to redirect a guest user after passing authentication, use the
following command:
redirect [original | url <start_page_url>]
Syntax Description
redirect
Set the URL to which the guest user will be redirected
original
Redirect user to the original page that he intended to visit
url <start_page_url>
Redirect user to a different URL. Specify the URL in
<start_page_url>.
Defaults
original
Example
ruckus(config-guest-access)# redirect url
http://www.ruckuswireless.com
The command was executed successfully.
auth-server
To set the authentication server for guest user authentication, use the following
command:
auth-server [local | name <auth_server_name>]
Syntax Description
auth-server
Set the authentication server for guest users
local
Use the controller as the authentication server
name
<auth_server_name>
Use an external authentication server. Specify the
authentication server name in <auth_server_name>.
Defaults
local
Example
ruckus(config-guest-access)# auth-server local
The command was executed successfully.
223
Configuring Controller Settings
Configure Guest Access Commands
guestpass-effective
To set the duration during which the guest pass will be effective, use the following
command:
guestpass-effective [now | first_use_expired <days>]
Syntax Description
guestpass-effective
Set the guest pass effectivity period
now
Set the guest pass effective as soon as it is generated
first_use_expired
<days>
Set the guest pass to be effective upon first use and
toexpire after a specified number of days. Set the number
of days in <days>.
Defaults
now
Example
ruckus(config-guest-access)# guestpass-effective first-use-
expired 4
The command was executed successfully.
welcome-text
To configure the text to display when a guest user accesses the network, use the
following command:
welcome-text <WORD>
Syntax Description
welcome-text
Configure the welcome message
<WORD>
Use this as the welcome message
Defaults
Welcome to the Guest Access login page.
Example
ruckus(config-guest-access)# welcome-text welcome.txt
The command was executed successfully.
show
To display the guest pass settings, use the following command:
show
Syntax Description
Defaults
show
Display the guest pass settings
None.
224
Configuring Controller Settings
Configure Guest Access Commands
Example
ruckus(config-guest-access)# show
Guest Access:
Authentication= Use guest pass authentication.
Multiple users to share a single guest pass= Allowed
Terms of Use= Enabled
Terms= test.guest
Redirection= To the following URL.
URL= http://ruckuswireless.com
Validity Period= Effective from first use.
Expire Days= 4
Title= welcome.txt
Restricted Subnet Access:
Name= Guest
Description=
Default Action if no rule is matched= Deny all by default
Rules:
Order= 1
Description=
Type= Deny
Destination Address= local
Destination Port= Any
Protocol= Any
Order= 2
Description=
Type= Deny
Destination Address= 10.0.0.0/8
Destination Port= Any
Protocol= Any
Order= 3
Description=
Type= Deny
Destination Address= 172.16.0.0/12
Destination Port= Any
Protocol= Any
Order= 4
Description=
Type= Deny
Destination Address= 192.168.0.0/16
Destination Port= Any
Protocol= Any
225
Configuring Controller Settings
Configure Guest Access Commands
no restrict-access-order
To delete a restrict access order, use the following command:
no restrict-access-order <order_id>
Syntax Description
no restrict-access-order Delete a restrict access order
<order_id>
Delete this order ID
Defaults
None.
Example
ruckus(config-guest-access)# no restrict-access-order 4
The Restricted Subnet Access entry has been removed from the Guest
Access.
restrict-access-order
To add a restrict access order, use the following command:
restrict-access-order <order_id>
Syntax Description
restrict-access-order
Add a restrict access order
<order_id>
Add this order ID
Defaults
None.
Example
ruckus(config-guest-access)# restrict-access-order 5
Sorry,please enter the order 4 if you want to add a new one.
ruckus(config-guest-access)# restrict-access-order 3
ruckus(config-guest-restrict-access)#
Configure Guest Access Restriction Commands
Use the guest-restrict-access commands to configure network segments to
which guest access will be blocked. To run these commands, you must first enter the
config-guest-restrict-access context.
abort
To exit the config-guest-restrict-access context without saving changes,
use the abort command.
abort
226
Configuring Controller Settings
Configure Guest Access Commands
Syntax Description
abort
Exit the guest access restriction settings without
saving changes
Defaults
None.
Example
ruckus(config-guest-restrict-access)# abort
No changes have been saved.
ruckus(config-guest-access)#
end
To save changes, and then exit the config-guest-restrict-access context,
use the following command:
end
Syntax Description
end
Save changes, and then exit the context
Defaults
None.
Example
ruckus(config-guest-restrict-access)# end
The Restricted Subnet Access entry has been added to the Guest
Access.
Your changes have been saved.
ruckus(config-guest-access)#
exit
To save changes, and then exit the config-guest-restrict-access context,
use the following command:
exit
Syntax Description
exit
Save changes, and then exit the context
Defaults
None.
Example
ruckus(config-guest-restrict-access)# exit
The Restricted Subnet Access entry has been added to the Guest
Access.
Your changes have been saved.
227
Configuring Controller Settings
Configure Guest Access Commands
ruckus(config-guest-access)#
quit
To exit the config-guest-restrict-access context without saving changes,
use the quit command.
quit
Syntax Description
quit
Exit the guest access restriction settings without
saving changes
Defaults
None.
Example
ruckus(config-guest-restrict-access)# quit
No changes have been saved.
ruckus(config-guest-access)#
show
To display guest access restriction settings, use the following command:
show
Syntax Description
Defaults
show
Display guest access restriction settings
None.
order
To configure the guest access rule order, use the following command:
order <rule_order_id>
Syntax Description
order
Set the order of a guest access rule
<rule_order_id>
Assign the rule this order
Defaults
None.
Example
ruckus(config-guest-restrict-access)# order 3
The command was executed successfully.
228
Configuring Controller Settings
Configure Guest Access Commands
description
To set the description of a guest access rule, use the following command:
description <description>
Syntax Description
description
Set the description of a guest access rule
<description>
Set this as description
Defaults
None.
Example
ruckus(config-guest-restrict-access)# description guestd3
The command was executed successfully.
type allow
To set the guest access rule type to ‘allow’, use the following command:
type allow
Syntax Description
type
Set the guest access rule type
allow
Set the rule type to ‘allow’
Defaults
None.
Example
ruckus(config-guest-restrict-access)# type allow
The command was executed successfully.
type deny
To set the guest access rule type to ‘deny’, use the following command:
type deny
Syntax Description
type
Set the guest access rule type
deny
Set the rule type to ‘deny’
Defaults
None.
Example
ruckus(config-guest-restrict-access)# type deny
The command was executed successfully.
229
Configuring Controller Settings
Configure Guest Access Commands
destination address
To set the destination address of the rule, use the following command:
destination address <IP-ADDR/WORD>
Syntax Description
destination address
Set the destination address of the rule
IP-ADDR/WORD
Set the destination to this IP address
Defaults
None.
Example
ruckus(config-guest-restrict-access)# destination address
192.168.0.20/24
The command was executed successfully.
destination port
To set the destination port of the rule, use the following command:
destination port <NUMBER/WORD>
Syntax Description
destination port
Set the destination port of the rule
<NUMBER/WORD>
Set the destination to this port number
Defaults
None.
Example
ruckus(config-guest-restrict-access)# destination port 562
The command was executed successfully.
protocol
To set the protocol for the rule, use the following command:
protocol <NUMBER/WORD>
Syntax Description
protocol
Set the protocol for the rule
<NUMBER/WORD>
Set to this protocol
Defaults
None.
Example
ruckus(config-guest-restrict-access)# protocol 69
The command was executed successfully.
230
Configuring Controller Settings
Configure Hotspot Commands
Configure Hotspot Commands
Use the hotspot commands to configure the controller’s hotspot settings. To run
these commands, you must first enter the config-hotspot context.
hotspot
To create a new hotspot or edit an existing entry and enter the config-hotspot context,
use the following command:
hotspot <WORD>
Syntax Description
hotspot
Create or edit a hotspot service
<WORD>
Name of hotspot service
Defaults
None.
Example
ruckus(config)# hotspot hotspot1
The Hotspot entry 'hotspot1' has been loaded. To save the Hotspot
entry, type end or exit.
ruckus(config-hotspot)#
no hotspot
To delete a hotspot record from the list, use the following command:
no hotspot <WORD>
Syntax Description
hotspot
Create or edit a hotspot service
<WORD>
Name of hotspot service
Defaults
None.
Example
ruckus(config)# hotspot hotspot1
The Hotspot entry 'hotspot1' has been loaded. To save the Hotspot
entry, type end or exit.
ruckus(config-hotspot)#
231
Configuring Controller Settings
Configure Hotspot Commands
abort
To exit the config-hotspot context without saving changes, use the abort
command.
abort
Syntax Description
abort
Exit the hotspot settings without saving changes
Defaults
None.
Example
ruckus(config-hotspot)# abort
No changes have been saved.
ruckus(config)#
end
To save changes, and then exit the config-hotspot context, use the following
command:
end
Syntax Description
end
Save changes, and then exit the context
Defaults
None.
Example
ruckus(config-hotspot)# end
The login page url can't be empty.
ruckus(config-hotspot)# end
The Hotspot entry has saved successfully.
Your changes have been saved.
ruckus(config)#
exit
To save changes, and then exit the config-hotspot context, use the following
command:
exit
Syntax Description
Defaults
exit
Save changes, and then exit the context
None.
232
Configuring Controller Settings
Configure Hotspot Commands
Example
ruckus(config-hotspot)# exit
The login page url can't be empty
ruckus(config-hotspot)# exit
The Hotspot entry has saved successfully.
Your changes have been saved.
quit
To exit the config-hotspot context without saving changes, use the quit
command.
quit
Syntax Description
quit
Exit the hotspot settings without saving changes
Defaults
None.
Example
ruckus(config-hotspot)# quit
No changes have been saved.
ruckus(config)#
show
To display the current hotspot settings, use the following command:
show
Syntax Description
show
Display the current hotspot settings
Defaults
None.
Example
ruckus(config-hotspot)# show
Hotspot:
ID:
1:
Name= h1
Login Page Url= http://172.18.110.122
Start Page= redirect to the URL that the user intends to visit.
Session Timeout= Disabled
Idle Timeout= Enabled
Timeout= 60 Minutes
Authentication Server= Local Database
233
Configuring Controller Settings
Configure Hotspot Commands
Accounting Server= Disabled
Location ID=
Location Name=
Walled Garden 1=
Walled Garden 2=
Walled Garden 3=
Walled Garden 4=
Walled Garden 5=
Rules:
Order= 1
Description= h1_order1
Type= Deny
Destination Address= 192.168.20.20/24
Destination Port= 920
Protocol= 58
name
To set the hotspot name, use the following command
name <WORD>
Syntax Description
name
Set the hotspot name
<WORD>
Set to this name
Defaults
None.
Example
ruckus(config-hotspot)# name ruckus1
The command was executed successfully. To save the changes, type
'end' or 'exit'.
login-page
To set the URL of the hotspot login, use the following command:
login-page [original|<WORD>]
Syntax Description
Defaults
login-page
Set the URL of the hotspot login
<WORD>
Set to this URL
original
Redirect to the URL that the user intends to visit
None.
234
Configuring Controller Settings
Configure Hotspot Commands
Example
ruckus(config-hotspot)# login-page http://ruckuswireless.com
The command was executed successfully. To save the changes, type
'end' or 'exit'.
start-page
To set the URL or page to which the user will be redirected after logging into the
hotspot, use the following command:
start-page [original | url <start_page_url>]
Syntax Description
start-page
Set the URL or page to which the user will be
redirected after logging into the hotspot
original
Redirect user to the original page he or she
intended to visit
url <start_page_url>
Redirect use to another page. Set the URL of the
page in <start_page_url>.
Defaults
original
Example
ruckus(config-hotspot)# start-page url
http://www.ruckuswireless.com
The command was executed successfully. To save the changes, type
'end' or 'exit'.
no session-timeout
To disable the session timeout for hotspot usage, use the following command:
no session-timeout
Syntax Description
no session-timeout
Disable the session timeout for hotspot usage
Defaults
None.
Example
ruckus(config-hotspot)# no session-timeout
The command was executed successfully. To save the changes, type
'end' or 'exit'.
235
Configuring Controller Settings
Configure Hotspot Commands
session-timeout
To enable and set the session timeout for hotspot usage, use the following command:
session-timeout <minutes>
Syntax Description
session-timeout
Disable the session timeout for hotspot usage
<minutes>
Set the session timeout to this value (in minutes)
Defaults
1440 minutes
Example
ruckus(config-hotspot)# session-timeout 20
The command was executed successfully. To save the changes, type
'end' or 'exit'.
no grace-period
To disable the grace period (idle timeout) for hotspot users, use the following
command:
no grace-period
Syntax Description
no grace-period
Disable the idle timeout for hotspot users
Defaults
None.
Example
ruckus(config-hotspot)# no grace-period
The command was executed successfully. To save the changes, type
'end' or 'exit'.
grace-period
To enable and set the grace period (idle timeout) for hotspot users, use the following
command:
grace-period <minutes>
Syntax Description
Defaults
grace-period
Set the idle timeout for hotspot users
<minutes>
Set the idle timeout to this value (in minutes)
60 minutes
236
Configuring Controller Settings
Configure Hotspot Commands
Example
ruckus(config-hotspot)# grace-period 20
The command was executed successfully. To save the changes, type
'end' or 'exit'.
auth-server local
To use ZoneDirector as the authentication server for hotspot users, use the following
command:
auth-server local
Syntax Description
auth-server
Set an authentication server for hotspot users
local
Use ZoneDirector as the authentication server
Defaults
local
Example
ruckus(config-hotspot)# auth-server local
The command was executed successfully. To save the changes, type
'end' or 'exit'.
auth-server name
To use an external server for authenticating hotspot users, use the following
command:
auth-server name <auth_server_name> [no-mac-bypass | macbypass]
Syntax Description
auth-server name
Set an external authentication server for hotspot
users
<auth_server_name>
Use this server as the authentication server
no-mac-bypass
Disable MAC bypass
mac-bypass
Enable MAC bypass
Defaults
None.
Example
ruckus(config-hotspot)# auth-server name rad1
The AAA server 'rad1' could not be found. Please check the spelling,
and then try again.
237
Configuring Controller Settings
Configure Hotspot Commands
acct-server
To enable the accounting server for hotspot usage, use the following command:
acct-server <WORD>
Syntax Description
acct-server
Enable the accounting server for hotspot usage
<WORD>
Name of the AAA server
Defaults
None.
Example
ruckus(config-hotspot)# acct-server "RADIUS Accounting"
The command was executed successfully. To save the changes, type
'end' or 'exit'.
ruckus(config-hotspot)#
no acct-server
To disable the accounting server for hotspot usage, use the following command:
no acct-server
Syntax Description
no acct-server
Disable the accounting server for hotspot usage
Defaults
None.
Example
ruckus(config-hotspot)# no acct-server
The command was executed successfully. To save the changes, type
'end' or 'exit'.
acct-server interim-update
To enable and set the accounting server for hotspot usage, use the following
command:
acct-server <acct_server_name> interim-update <minutes>
Syntax Description
no acct-server
Enable and set the accounting server for hotspot
usage
<acct_server_name>
Set to this accounting server
interim-update
Set the interim update interval
<minutes>
Set to this interval (in minutes)
238
Configuring Controller Settings
Configure Hotspot Commands
Defaults
5 minutes
Example
ruckus(config-hotspot)# acct-server asd interim-update 10
The AAA server 'asd' could not be found. Please check the spelling,
and then try again.
ruckus(config-hotspot)# acct-server acct1 interim-update 20
The command was executed successfully. To save the changes, type
'end' or 'exit'.
client-isolation
To enable wireless client isolation and set the level of isolation, use the following
command:
client-isolation [local|full]
Syntax Description
client-isolation
Enable client isolation
local
Set client isolation to local. Wireless clients
associated with the same AP will be unable to
communicate with one another locally.
full
Set client isolation to full. Wireless clients will be
unable to communicate with each other or access
any of the restricted subnets.
Defaults
None
Example
ruckus(config-hotspot)# client-isolation local
The command was executed successfully. To save the changes, type
'end' or 'exit'.
ruckus(config-hotspot)#
no client-isolation
To disable wireless client isolation, use the following command:
no client-isolation
Example
ruckus(config-hotspot)# no lient-isolation
The command was executed successfully. To save the changes, type
'end' or 'exit'.
ruckus(config-hotspot)#
239
Configuring Controller Settings
Configure Hotspot Commands
location-id
To set the location ID of the hotspot, use the following command:
location-id <location-id>
Syntax Description
location-id
Set the location ID of the hotspot
<location-id>
Set to this location ID
Defaults
None.
Example
ruckus(config-hotspot)# location-id us
The command was executed successfully. To save the changes, type
'end' or 'exit'.
location-name
To set the location name of the hotspot, use the following command:
location-name <location-name>
Syntax Description
location-name
Set the location name of the hotspot
<location-name>
Set to this location name
Defaults
None.
Example
ruckus(config-hotspot)# location-name shenzhen
The command was executed successfully. To save the changes, type
'end' or 'exit'.
walled-garden
To set a hotspot “walled garden” URL, use the following command:
walled-garden <INDEX> <WORD>
Syntax Description
Defaults
walled-garden
Create a walled garden rule
<INDEX>
Enter walled garden URL index. (1~35)
<WORD>
Destination URL
None.
240
Configuring Controller Settings
Configure Hotspot Commands
Example
ruckus(config-hotspot)# walled-garden 1 www.ruckuswireless.com
The command was executed successfully. To save the changes, type
'end' or 'exit'.
ruckus(config-hotspot)#
no walled-garden
To delete a walled garden URL, use the following command
no walled-garden <INDEX>
Syntax Description
walled-garden
Delete a walled garden rule
<INDEX>
Enter walled garden URL index. (1~35)
Defaults
None.
Example
ruckus(config-hotspot)# no walled-garden 1
The command was executed successfully. To save the changes, type
'end' or 'exit'.
ruckus(config-hotspot)#
restrict-access-order
To add a restrict access order, use the following command:
restrict-access-order <order_id>
Syntax Description
restrict-access-order
Add a restrict access order
<order_id>
Add this order ID
Defaults
None.
Example
ruckus(config-hotspot)# restrict-access-order 3
Sorry,please enter the order 1 if you want to add a new one.
ruckus(config-hotspot)# restrict-access-order 1
ruckus(config-hotspot-restrict-access)#
no restrict-access-order
To delete a restrict access order, use the following command:
241
Configuring Controller Settings
Configure Hotspot Commands
no restrict-access-order <order_id>
Syntax Description
no restrict-access-order Delete a restrict access order
<order_id>
Delete this order ID
Defaults
None.
Example
ruckus(config-hotspot)# no restrict-access-order 1
The rule '1' has been removed from the Hotspot.
restrict-access-order-ipv6
To add a restrict access order, use the following command:
restrict-access-order-ipv6 <order_id>
Syntax Description
restrict-access-orderipv6
Add a restrict access order
<order_id>
Add this order ID
Defaults
None.
Example
ruckus(config-hotspot)# restrict-access-order-ipv6 3
Sorry,please enter the order 1 if you want to add a new one.
ruckus(config-hotspot)# restrict-access-order-ipv6 1
ruckus(config-hotspot-restrict-access)#
no restrict-access-order-ipv6
To delete a restrict access order, use the following command:
no restrict-access-order-ipv6 <order_id>
Syntax Description
no restrict-access-order Delete a restrict access order
<order_id>
Delete this order ID
Defaults
None.
Example
ruckus(config-hotspot)# no restrict-access-order-ipv6 1
The rule '1' has been removed from the Hotspot.
242
Configuring Controller Settings
Configure Hotspot Commands
icmpv6-type
To set the ICMPv6 type, use the following command:
icmpv6-type [any|number<NUMBER>]
Defaults
Any.
Example
ruckus(config-hotspot-restrict-access-ipv6)# icmpv6-type any
The command was executed successfully. To save the changes, type
'end' or 'exit'.
ruckus(config-hotspot-restrict-access-ipv6)#
Configure Hotspot Access Restriction Commands
Use the hotspot-restrict-access commands to configure network segments
to which hotspot access will be blocked. To run these commands, you must first enter
the config-hotspot-restrict-access context.
The same commands are available for IPv6 networks from the config-hotspotrestrict-access-ipv6 context.
end
To save changes, and then exit the config-hotspot-restrict-access context,
use the following command:
end
Syntax Description
end
Save changes, and then exit the context
Defaults
None.
Example
ruckus(config-hotspot-restrict-access)# end
ruckus(config-hotspot)#
exit
To save changes, and then exit the config-hotspot-restrict-access context,
use the following command:
exit
Syntax Description
exit
Save changes, and then exit the context
243
Configuring Controller Settings
Configure Hotspot Commands
Defaults
None.
Example
ruckus(config-hotspot-restrict-access)# exit
ruckus(config-hotspot)#
show
To display hotspot access restriction settings, use the following command:
show
Syntax Description
Defaults
show
Display the hotspot access restriction settings
None.
order
To configure the hotspot access rule order, use the following command:
order <rule_order_id>
Syntax Description
order
Set the order of a hotspot access rule
<rule_order_id>
Assign the rule this order
Defaults
None.
Example
ruckus(config-hotspot-restrict-access)# order 1
The command was executed successfully. To save the changes, type
'end' or 'exit'.
description
To set the description of a hotspot access rule, use the following command:
description <description>
Syntax Description
Defaults
description
Set the description of a hotspot access rule
<description>
Set this as description
None.
244
Configuring Controller Settings
Configure Hotspot Commands
Example
ruckus(config-hotspot-restrict-access)# description h1_order1
The command was executed successfully. To save the changes, type
'end' or 'exit'.
type allow
To set the hotspot access rule type to ‘allow’, use the following command:
type allow
Syntax Description
type
Set the hotspot access rule type
allow
Set the rule type to ‘allow’
Defaults
None.
Example
ruckus(config-hotspot-restrict-access)# type allow
The command was executed successfully. To save the changes, type
'end' or 'exit'.
type deny
To set the hotspot access rule type to ‘deny’, use the following command:
type deny
Syntax Description
type
Set the hotspot access rule type
deny
Set the rule type to ‘deny’
Defaults
None.
Example
ruckus(config-hotspot-restrict-access)# type deny
The command was executed successfully. To save the changes, type
'end' or 'exit'.
destination address
To set the destination address of the rule, use the following command:
destination address <IP-ADDR/WORD>
Syntax Description
destination address
Set the destination address of the rule
IP-ADDR/WORD
Set the destination to this IP address
245
Configuring Controller Settings
Configure Hotspot Commands
Defaults
Example
None.
ruckus(config-hotspot-restrict-access)# destination address
192.168.20.20/24
The command was executed successfully. To save the changes, type
'end' or 'exit'.
destination port
To set the destination port of the rule, use the following command:
destination port <NUMBER/WORD>
Syntax Description
destination port
Set the destination port of the rule
<NUMBER/WORD>
Set the destination to this port number
Defaults
None.
Example
ruckus(config-hotspot-restrict-access)# destination port 920
The command was executed successfully. To save the changes, type
'end' or 'exit'.
protocol
To set the protocol for the rule, use the following command:
protocol <NUMBER/WORD>
Syntax Description
protocol
Set the protocol for the rule
<NUMBER/WORD>
Set to this protocol
Defaults
None.
Example
ruckus(config-hotspot-restrict-access)# protocol 58
The command was executed successfully. To save the changes, type
'end' or 'exit'.
246
Configuring Controller Settings
Configure Mesh Commands
Configure Mesh Commands
Use the mesh commands to configure the controller’s mesh networking settings. To
run these commands, you must first enter the config-mesh context.
mesh
Use the mesh command to enter the config-mesh context and configure the meshrelated settings.
mesh
Syntax Description
mesh
Configure mesh settings
Defaults
none
Example
ruckus(config)# mesh
ruckus(config-mesh)#
abort
To exit the config-mesh context without saving changes, use the abort command.
abort
Syntax Description
abort
Exit the mesh settings without saving changes
Defaults
None.
Example
ruckus(config-mesh)# abort
No changes have been saved.
ruckus(config)#
end
To save changes, and then exit the config-mesh context, use the following
command:
end
Syntax Description
end
Save changes, and then exit the context
247
Configuring Controller Settings
Configure Mesh Commands
Defaults
None.
Example
ruckus(config-mesh)# end
Are you sure you want to enable mesh[Y/n]
Your changes have been saved.
ruckus(config)#
exit
To save changes, and then exit the config-mesh context, use the following
command:
exit
Syntax Description
exit
Save changes, and then exit the context
Defaults
None.
Example
ruckus(config-mesh)# exit
Are you sure you want to enable mesh[Y/n]
Your changes have been saved.
ruckus(config)#
quit
To exit the config-mesh context without saving changes, use the quit command.
quit
Syntax Description
quit
Defaults
None.
Example
ruckus(config-mesh)# quit
No changes have been saved.
ruckus(config)#
Exit the mesh settings without saving changes
show
To display the current mesh settings, use the following command:
248
Configuring Controller Settings
Configure Mesh Commands
show
Syntax Description
show
Display the current mesh settings
Defaults
None.
Example
ruckus(config-mesh)# show
Mesh Settings:
Mesh Status= Enabled
Mesh Name(ESSID)= Mesh-000000000311
Mesh Passphrase= GdxW5CUgNn_SEHOPyCSxv_chHSca MH-OpnRGfX
sRvwXBJLwUsD64eK8CMEZfm
Mesh Hop Detection:
Status= Disabled
Mesh Downlinks Detection:
Status= Disabled
Tx. Rate of Management Frame=2Mbps
Beacon Interval= 200ms
ruckus(config-mesh)#
no mesh
To disable mesh networking on the controller, use the following command:
no mesh
Syntax Description
Defaults
no mesh
Disable mesh networking on the controller
None.
ssid
To set the SSID of the mesh network, use the following command:
ssid <WORD/SSID>
Syntax Description
Defaults
ssid
Set the SSID of the mesh network
<WORD/SSID>
Set to this SSID
None.
249
Configuring Controller Settings
Configure Mesh Commands
Example
ruckus(config-mesh)# ssid rks_mesh
The command was executed successfully. To save the changes, type
'end' or 'exit'.
passphrase
To set the passphrase that allows access to the mesh network, use the following
command:
passphrase <WORD>
Syntax Description
passphrase
Set the passphrase that allows access to the mesh
network
<WORD>
Set to this passphrase
Defaults
None.
Example
ruckus(config-mesh)# passphrase test123456
The command was executed successfully. To save the changes, type
'end' or 'exit'.
hops-warn-threshold
To enable and configure the mesh hop threshold, use the following command:
hops-warn-threshold <NUMBER>
Syntax Description
hops-warn-threshold
Set the mesh hop threshold (max hops)
<NUMBER>
Set to this threshold value
Defaults
5
Example
ruckus(config-mesh)# hops-warn-threshold 6
The command was executed successfully. To save the changes, type
'end' or 'exit'.
no detect-hops
To disable the mesh hop threshold, use the following command:
no detect-hops
250
Configuring Controller Settings
Configure Mesh Commands
Syntax Description
no detect-hops
Disable the mesh hop threshold
Defaults
None.
Example
ruckus(config-mesh)# no detect-hops
The command was executed successfully. To save the changes, type
'end' or 'exit'.
fan-out-threshold
To enable and configure the mesh downlink threshold, use the following command:
fan-out-threshold <NUMBER>
Syntax Description
fan-out-threshold
Set the mesh downlink threshold (max downlinks)
<NUMBER>
Set to this threshold value
Defaults
5
Example
ruckus(config-mesh)# fan-out-threshold 8
The command was executed successfully. To save the changes, type
'end' or 'exit'.
no detect-fanout
To disable the mesh downlink threshold, use the following command:
no detect-fanout
Syntax Description
no detect-fanout
Disable the mesh downlink threshold
Defaults
None.
Example
ruckus(config-mesh)# no detect-fanout
The command was executed successfully. To save the changes, type
'end' or 'exit'.
beacon-interval
To set the beacon interval for mesh links, use the following command:
beacon-interval <NUMBER>
251
Configuring Controller Settings
Configure Alarm Commands
Syntax Description
beacon-interval
Set the beacon interval for mesh links
<NUMBER>
Enter the beacon interval (100~1000 TUs)
Defaults
200
Example
ruckus(config-mesh)# beacon-interval 200
The command was executed successfully. To save the changes, type
'end' or 'exit'.
ruckus(config-mesh)#
mgmt-tx-rate
To set the transmit rate for management frames, use the following command:
mgmt-tx-rate <RATE>
Syntax Description
mgmt-tx-rate
Set the max transmit rate for management frames
<RATE>
Set the transmit rate (in Mbps).
Defaults
2
Example
ruckus(config-mesh)# mgmt-tx-rate 2
The command was executed successfully. To save the changes, type
'end' or 'exit'.
ruckus(config-mesh)#
Configure Alarm Commands
Use the alarm commands to configure the controller’s alarm notification settings. To
run these commands, you must first enter the config-alarm context.
alarm
To enter the config-alarm context, use the following command.
alarm
Example
ruckus(config)# alarm
ruckus(config-alarm)#
252
Configuring Controller Settings
Configure Alarm Commands
abort
To exit the config-alarm context without saving changes, use the abort
command.
abort
Syntax Description
abort
Exit the alarm settings without saving changes
Defaults
None.
Example
ruckus(config-alarm)# abort
No changes have been saved.
ruckus(config)#
end
To save changes, and then exit the config-alarm context, use the following
command:
end
Syntax Description
end
Save changes, and then exit the context
Defaults
None.
Example
ruckus(config-alarm)# end
The Alarm settings have been updated.
Your changes have been saved.
ruckus(config)#
exit
To save changes, and then exit the config-alarm context, use the following
command:
exit
Syntax Description
Defaults
exit
Save changes, and then exit the context
None.
253
Configuring Controller Settings
Configure Alarm Commands
Example
ruckus(config-alarm)# exit
The Alarm settings have been updated.
Your changes have been saved.
quit
To exit the config-alarm context without saving changes, use the quit command.
quit
Syntax Description
quit
Exit the alarm settings without saving changes
Defaults
None.
Example
ruckus(config-alarm)# quit
No changes have been saved.
ruckus(config)#
show
To display the current alarm settings, use the following command:
show
Syntax Description
show
Display the current alarm settings
Defaults
None.
Example
ruckus(config-alarm)# show
Alarm:
Status= Enabled
Email Address= johndoe@gmail.com
E-mail From = zonedirector@ruckuswireless.com
SMTP Server Name= smtp.gmail.com
SMTP Server Port= 25
SMTP Authentication Username= johndoe@gmail.com
SMTP Authentication Password= test123
wait time=
SMTP Encryption Options:
TLS= Enabled
STARTTLS= Enabled
Alarm Events Notify By Email:
254
Configuring Controller Settings
Configure Alarm Commands
MSG_rogue_AP_detected= disabled
MSG_ad_hoc_network_detected= disabled
MSG_AP_lost= enabled
MSG_SSID_spoofing_AP_detected= enabled
MSG_MAC_spoofing_AP_detected=enabled
MSG_admin_rogue_dhcp_server= enabled
MSG_admin_templic_oneday=disabled
MSG_lanrogue_AP_detected=enabled
MSG_RADIUS_service_outage= disabled
MSG_AP_hardware_problem= enabled
MSG_ZD_Sensor_problem= disabled
MSG_AP_no_mesh_uplink= enabled
MSG_AP_keep_no_AC_cfg= disabled
MSG_cltr_change_to_active= disabled
MSG_cltr_active_connected= disabled
MSG_cltr_standby_connected=disabled
MSG_cltr_active_disconnected=disabled
MSG_cltr_standby_disconnected= disabled
ruckus(config-alarm)#
e-mail
To set the email address to which alarm notifications will be sent, use the following
command:
e-mail <WORD>
Syntax Description
e-mail
Set the email address to which alarm notifications
will be sent
<WORD>
Send alarm notifications to this email address
Defaults
None.
Example
ruckus(config-alarm)# e-mail joe@163.com
The command was executed successfully. To save the changes, type
'end' or 'exit'.
from
To set the sender from address for email alarms, use the following command:
from <WORD>
255
Configuring Controller Settings
Configure Alarm Commands
Syntax Description
from
Set the email address from which alarm
notifications will be sent
<WORD>
Send alarm notifications from this email address
Defaults
None.
Example
ruckus(config-alarm)# from zonedirector@zonedirector.com
The command was executed successfully. To save the changes, type
'end' or 'exit'.
ruckus(config-alarm)#
smtp-server-name
To set the SMTP server that ZoneDirector uses to send alarm notifications, use the
following command:
smtp-server-name <WORD>
Syntax Description
smtp-server-name
Set the SMTP server that ZoneDirector uses to
send alarm notifications
<WORD>
Set to this SMTP server name
Defaults
None.
Example
ruckus(config-alarm)# smtp-server-name smtp.163.com
The command was executed successfully. To save the changes, type
'end' or 'exit'.
smtp-server-port
To set the SMTP server port that ZoneDirector uses to send alarm notifications, use
the following command:
smtp-server-name <NUMBER>
Syntax Description
Defaults
smtp-server-port
Set the SMTP server port that ZoneDirector uses
to send alarm notifications
<NUMBER>
Set to this SMTP server port
587
256
Configuring Controller Settings
Configure Alarm Commands
Example
ruckus(config-alarm)# smtp-server-port 25
The command was executed successfully. To save the changes, type
'end' or 'exit'.
smtp-auth-name
To set the user name that ZoneDirector uses to authenticate with the SMTP server,use
the following command:
smtp_auth_name <WORD>
Syntax Description
smtp_auth_name
Set the user name that ZoneDirector uses to
authenticate with the SMTP server
<WORD>
Set to this user name
Defaults
None.
Example
ruckus(config-alarm)# smtp-auth-name joe
The command was executed successfully. To save the changes, type
'end' or 'exit'.
smtp-auth-password
To set the password that ZoneDirector uses to authenticate with the SMTP server,use
the following command:
smtp-auth-password <WORD>
Syntax Description
smtp-auth-password
Set the password that ZoneDirector uses to
authenticate with the SMTP server
<WORD>
Set to this password
Defaults
None.
Example
ruckus(config-alarm)# smtp-auth-password 123456
The command was executed successfully. To save the changes, type
'end' or 'exit'.
tls-smtp-encryption
To enable TLS for SMTP encryption of alarm notifications, use the following command:
tls-smtp-encryption [tls|starttls]
257
Configuring Controller Settings
Configure Alarm Commands
Syntax Description
tls-smtp-encryption
Enable SMTP encryption of alarm notifications
tls
Enable TLS encryption for alarm notifications
starttls
Enable STARTTLS encryption for alarm
notifications
Defaults
None.
Example
ruckus(config-alarm)# tls-smtp-encryption tls
The command was executed successfully. To save the changes, type
'end' or 'exit'.
no tls-smtp-encryption
To disable TLS for SMTP encryption of alarm notifications, use the following
command:
no tls-smtp-encryption [tls|starttls]
Syntax Description
no tls-smtp-encryption
Disable SMTP encryption of alarm notifications
tls
Disable TLS encryption
starttls
Disable STARTTLS encryption
Defaults
None.
Example
ruckus(config-alarm)# no tls-smtp-encryption tls
The command was executed successfully. To save the changes, type
'end' or 'exit'.
event
To enable email alarm notifications for specific event types, use the following
command:
event <event_name>
Syntax Description
event
Enable email alarms for this event type
all
Enable email alarms for all event types
rogue-ap-detected
Rogue AP detected
rogue-device-detectedq
Ad hoc network detected
258
Configuring Controller Settings
Configure Alarm Commands
ap-lost-contacted
AP lost contact
ssid-spoofing-ap-detected
SSID spoofing AP detected
mac-spoofing-ap-detected
MAC spoofing AP detected
rogue-dhcp-server-detected
Rogue DHCP server detected
temporary-license-expired
Temporary license has expired
temporary-license-will-expire
Temporary license will expire
lan-rogue-ap-detected
LAN Rogue AP detected
aaa-server-unreachable
AAA server unreachable
ap-has-hardware-problem
AP hardware problem detected
sensor-has-problem
Sensor problem detected
uplink-ap-lost
Mesh AP uplink connection lost
incomplete-primary/secondaryip-settings
AP fails to maintain primary/secondary ZD IP
address settings
smart-redundancy-statechanged
Smart Redundancy device status change
detected
smart-redundancy-activeconnected
Smart Redundancy device active device
connected
smart-redundancy-standbyconnected
Smart Redundancy standby device connected
smart-redundancy-activedisconnected
Smart Redundancy active device disconnected
smart-redundancy-standbydisconnected
Smart Redundancy standby device disconnected
Defaults
all
Example
ruckus(config-alarm)# no event all
ruckus(config-alarm)# event uplink-ap-lost
ruckus(config-alarm)# show
Alarm:
Status= Enabled
Email Address= johndoe@gmail.com
E-mail From = zonedirector@ruckuswireless.com
SMTP Server Name= smtp.gmail.com
SMTP Server Port= 25
SMTP Authentication Username= johndoe@gmail.com
SMTP Authentication Password= test123
wait time=
SMTP Encryption Options:
259
Configuring Controller Settings
Configure Alarm Commands
TLS= Enabled
STARTTLS= Enabled
Alarm Events Notify By Email:
MSG_rogue_AP_detected= disabled
MSG_ad_hoc_network_detected= disabled
MSG_AP_lost= disabled
MSG_SSID_spoofing_AP_detected= disabled
MSG_MAC_spoofing_AP_detected=disabled
MSG_admin_rogue_dhcp_server= disabled
MSG_admin_templic_oneday=disabled
MSG_lanrogue_AP_detected=disabled
MSG_RADIUS_service_outage= disabled
MSG_AP_hardware_problem= disabled
MSG_ZD_Sensor_problem= disabled
MSG_AP_no_mesh_uplink= enabled
MSG_AP_keep_no_AC_cfg= disabled
MSG_cltr_change_to_active= disabled
MSG_cltr_active_connected= disabled
MSG_cltr_standby_connected=disabled
MSG_cltr_active_disconnected=disabled
MSG_cltr_standby_disconnected= disabled
ruckus(config-alarm)#
no event
To disable email alarm notifications for specific event types, use the following
command:
no event <event_name>
Syntax Description
no event
Disable email alarms for this event type
all
Disable email alarms for all event types
rogue-ap-detected
Rogue AP detected
rogue-device-detectedq
Ad hoc network detected
ap-lost-contacted
AP lost contact
ssid-spoofing-ap-detected
SSID spoofing AP detected
mac-spoofing-ap-detected
MAC spoofing AP detected
rogue-dhcp-server-detected
Rogue DHCP server detected
temporary-license-expired
Temporary license has expired
260
Configuring Controller Settings
Configure Alarm Commands
temporary-license-will-expire
Temporary license will expire
lan-rogue-ap-detected
LAN Rogue AP detected
aaa-server-unreachable
AAA server unreachable
ap-has-hardware-problem
AP hardware problem detected
sensor-has-problem
Sensor problem detected
uplink-ap-lost
Mesh AP uplink connection lost
incomplete-primary/secondaryip-settings
AP fails to maintain primary/secondary ZD IP
address settings
smart-redundancy-statechanged
Smart Redundancy device status change
detected
smart-redundancy-activeconnected
Smart Redundancy device active device
connected
smart-redundancy-standbyconnected
Smart Redundancy standby device connected
smart-redundancy-activedisconnected
Smart Redundancy active device disconnected
smart-redundancy-standbydisconnected
Smart Redundancy standby device disconnected
test-alarm ap-lose-connection
To send a test email for the event type “AP Lost Contact”, use the following command:
test-alarm ap-lose-connection
Example
ruckus(config-alarm)# test-alarm ap-lose-connection
ap lose connection alarm sent out
ruckus(config-alarm)#
261
Configuring Controller Settings
Configure Services Commands
Configure Services Commands
Use the services commands to configure miscellaneous service settings, such as
wireless intrusion prevention, automatic power and channel selection settings, ChannelFly, background scanning, rogue AP and rogue DHCP server detection, etc. To run
these commands, you must first enter the config-services context.
abort
To exit the config-services context without saving changes, use the abort
command.
abort
Syntax Description
abort
Exit the service settings without saving changes
Defaults
None.
Example
ruckus(config-services)# abort
No changes have been saved.
ruckus(config)#
end
To save changes, and then exit the config-services context, use the following
command:
end
Syntax Description
end
Save changes, and then exit the context
Defaults
None.
Example
ruckus(config-services)# end
Your changes have been saved.
ruckus(config)#
exit
To save changes, and then exit the config-services context, use the following
command:
exit
262
Configuring Controller Settings
Configure Services Commands
Syntax Description
exit
Save changes, and then exit the context
Defaults
None.
Example
ruckus(config-services)# exit
Your changes have been saved.
ruckus(config)#
quit
To exit the config-services context without saving changes, use the quit
command.
quit
Syntax Description
quit
Exit the service settings without saving changes
Defaults
None.
Example
ruckus(config-services)# quit
No changes have been saved.
ruckus(config)#
show
To display the current service settings, use the following command:
show
Syntax Description
show
Display the current service settings
Defaults
None.
Example
ruckus(config-services)# show
Services:
Automatically adjust ap radio power= Enabled
Automatically adjust ap channel= Enabled
Channelfly works on 2.4GHz radio:
Status= Disabled
Channelfly works on 5GHz radio:
263
Configuring Controller Settings
Configure Services Commands
Status= Disabled
Protect my wireless network against excessive wireless requests=
Disabled
Temporarily block wireless clients with repeated authentication
failures:
Status= Enabled
Time= 30 seconds
Run a background scan on 2.4GHz radio:
Status= Enabled
Time= 65535 seconds
Run a background scan on 5GHz radio:
Status= Enabled
Time= 65535 seconds
Report rogue devices in ZD event log= Enabled
Rogue DHCP server detection= Enabled
AeroScout RFID tag detection= Disabled
ruckus(config-services)#
auto-adjust-ap-power
To enable the auto adjustment of theAP radio power, which helps optimize radio
coverage when radio interference is present, use the following command:
auto-adjust-ap-power
Syntax Description
auto-adjust-ap-power
Enable the auto adjustment of theAP radio power
Defaults
None.
Example
ruckus(config-services)# auto-adjust-ap-power
The command was executed successfully.
no auto-adjust-ap-power
To disable the auto adjustment of theAP radio power, which helps optimize radio
coverage when radio interference is present, use the following command:
no auto-adjust-ap-power
Syntax Description
Defaults
no auto-adjust-ap-power
Disable the auto adjustment of theAP radio power
None.
264
Configuring Controller Settings
Configure Services Commands
Example
ruckus(config-services)# no auto-adjust-ap-power
The command was executed successfully.
auto-adjust-ap-channel
To enable the auto adjustment of theAP radio channel when radio interference is
present, use the following command:
auto-adjust-ap-channel
Syntax Description
auto-adjust-ap-channel
Enable the auto adjustment of theAP radio
channel
Defaults
None.
Example
ruckus(config-services)# auto-adjust-ap-channel
The command was executed successfully.
no auto-adjust-ap-channel
To disable the auto adjustment of theAP radio channel when radio interference is
present, use the following command:
no auto-adjust-ap-channel
Syntax Description
no auto-adjust-ap-channel
Disable the auto adjustment of theAP radio
channel
Defaults
None.
Example
ruckus(config-services)# no auto-adjust-ap-channel
The command was executed successfully.
channelfly
To enable ChannelFly channel management, use the following command:
channelfly [radio-2.4|radio-5] [mtbc] <NUMBER>
Syntax Description
channelfly
Enable ChannelFly automatic adjustment of
theAP radio channel
radio-2.4
Enable ChannelFly on the 2.4 GHz radio
265
Configuring Controller Settings
Configure Services Commands
Defaults
radio-5
Enable ChannelFly on the 5 GHz radio
mtbc (optional)
Set the mean time between channel change
<NUMBER>
Number in minutes (1~1440) to set as mean time
between channel change
Enabled for both 2.4 and 5 GHz radios
MTBC: 100
Example
ruckus(config-services)# channelfly radio-2.4 100
The command was executed successfully.
ruckus(config-services)#
Example
ruckus(config-services)# channelfly radio-2.4-mtbc 100
The command was executed successfully.
ruckus(config-services)#
no channelfly
To disable ChannelFly channel management, use the following command:
no channelfly [radio-2.4|radio-5]
Syntax Description
no channelfly
Disable ChannelFly automatic adjustment of
theAP radio channel
radio-2.4
Disable ChannelFly on the 2.4 GHz radio
radio-5
Disable ChannelFly on the 5 GHz radio
Defaults
None.
Example
ruckus(config-services)#
The command was executed
ruckus(config-services)#
The command was executed
ruckus(config-services)#
no channelfly radio-2.4
successfully.
no channelfly radio-5
successfully.
protect-excessive-wireless-request
To enable protection of the wireless network against excessive wireless requests, use
the following command:
protect-excessive-wireless-request
266
Configuring Controller Settings
Configure Services Commands
Syntax Description
protect-excessive-wirelessrequest
Enable protection of the wireless network against
excessive wireless requests
Defaults
Enabled
Example
ruckus(config-services)# protect-excessive-wireless-request
The command was executed successfully.
no protect-excessive-wireless-request
To disable protection of the wireless network against excessive wireless requests, use
the following command:
no protect-excessive-wireless-request
Syntax Description
no protect-excessive-wirelessrequest
Disable protection of the wireless network against
excessive wireless requests
Defaults
None.
Example
ruckus(config-services)# no protect-excessive-wireless-request
The command was executed successfully.
temp-block-auth-failed-client time
To temporarily block wireless clients that repeatedly fail to authenticate with APs, use
the following command:
temp-block-auth-failed-client time <NUMBER>
Syntax Description
temp-block-auth-failed-client
time
Temporarily block wireless clients that repeatedly
fail to authenticate with APs
<NUMBER>
Block for this number of seconds (10~1200)
Defaults
30 seconds
Example
ruckus(config-services)# temp-block-auth-failed-client time 9
The Block Time must be a number between 10 and 1200.
ruckus(config-services)# temp-block-auth-failed-client time 99
The command was executed successfully.
267
Configuring Controller Settings
Configure Services Commands
no temp-block-auth-failed-client
To allow wireless clients that repeatedly fail to authenticate with APs to continue their
authentication attempt, use the following command:
no temp-block-auth-failed-client
Syntax Description
no temp-block-auth-failed-client Allow wireless clients that repeatedly fail to
authenticate with AP to continue their
authentication attempt
Defaults
None
Example
ruckus(config-services)# no temp-block-auth-failed-client
The command was executed successfully.
background-scan
To enable background scanning and configure the scan interval, use the following
command:
background-scan [radio-2.4-interval|radio-5-interval] <NUMBER>
Syntax Description
background-scan
Enable background scanning and configure the
scan interval
radio-2.4-interval
Configure background scanning interval for the
2.4 GHz radio
radio-5-interval
Configure background scanning interval for
theGHz radio
<NUMBER>
Perform background scan at this interval (in
seconds)
Defaults
20 seconds
Example
ruckus(config-services)# background-scan radio-2.4-interval 6
The command was executed successfully.
no background-scan
To disable background scanning on the 2.4GHz radio, use the following command:
no background-scan [radio-2.4|radio-5]
268
Configuring Controller Settings
Configure Services Commands
Syntax Description
no background-scan
Disable background scanning
radio-2.4
Disable background scanning on the 2.4GHz
radio
radio-5
Disable background scanning on the 5GHz radio
Defaults
None
Example
ruckus(config-services)#
The command was executed
ruckus(config-services)#
The command was executed
no background-scan radio-2.4
successfully.
no background-scan radio-5
successfully.
rogue-report
To enable recording of detected rogue devices in the Event logs, use the following
command:
rogue-report
Syntax Description
rogue-report
Enable recording of detected rogue devices in the
Event logs
Defaults
None
Example
ruckus(config-services)# rogue-report
The command was executed successfully.
no rogue-report
To disable recording of detected rogue devices in the Event logs, use the following
command:
no rogue-report
Syntax Description
no rogue-report
Disable recording of detected rogue devices in
the Event logs
Defaults
None
Example
ruckus(config-services)# no rogue-report
269
Configuring Controller Settings
Configure Services Commands
The command was executed successfully.
rogue-dhcp-detection
To enable recording of detected rogue DHCP servers in the Event logs, use the
following command:
rogue-dhcp-detection
Syntax Description
rogue-dhcp-detection
Enable recording of detected rogue DHCP
servers in the Event logs
Defaults
None
Example
ruckus(config-services)# rogue-dhcp-detection
The command was executed successfully.
no rogue-dhcp-detection
To disable recording of detected rogue DHCP servers in the Event logs, use the
following command:
no rogue-dhcp-detection
Syntax Description
no rogue-dhcp-detection
Disable recording of detected rogue DHCP
servers in the Event logs
Defaults
None
Example
ruckus(config-services)# no rogue-dhcp-detection
The command was executed successfully.
aeroscout-detection
To enable detection of AeroScout RFID Tags by APs that are managed by ZoneDirertor, use the following command:
aeroscout-detection
Syntax Description
Defaults
aeroscout-detection
Enable detection of AeroScout RFID Tags by APs
None
270
Configuring Controller Settings
Configure Services Commands
Example
ruckus(config-services)# aeroscout-detection
The command was executed successfully.
no aeroscout-detection
To disable detection of AeroScout RFID Tags by APs that are managed by ZoneDirertor, use the following command:
no aeroscout-detection
Syntax Description
no aeroscout-detection
Disable detection of AeroScout RFID Tags by APs
Defaults
None
Example
ruckus(config-services)# no aeroscout-detection
The command was executed successfully.
tunnel-enc
To enable tunnel encryption for tunneled traffic, use the following command:
tunnel-enc
Defaults
Disabled
Example
ruckus(config-services)# tunnel-enc
The command was executed successfully.
no tunnel-enc
To diable tunnel encryption for tunneled traffic, use the following command:
no tunnel-enc
Defaults
Disabled
Example
ruckus(config-services)# no tunnel-enc
The command was executed successfully.
271
4
Using Debug Commands
In This Chapter
Debug Commands Overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
General Debug Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Show Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Accessing a Remote AP CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Working with Debug Logs and Log Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Remote Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
AP Core Dump Collection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Script Execution . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
273
273
276
281
283
296
296
298
272
Using Debug Commands
Debug Commands Overview
Debug Commands Overview
This section describes the commands that you can use to debug ZoneDirector,
connected APs, WLANs, clients and log settings. From the priveleged commands
context, type debug to enter the debug context. To show a list of commands available
from within the debug context, type help or ?.
General Debug Commands
The following section describes general debug commands can be executed from
within the debug context.
quit
Exits the debug context without saving changes.
fw_upgrade
To upgrade the controller's firmware, use the following command:
fw_upgrade <protocol>://<server ip|server name>/<path/image
name> [-f]
fw_upgrade OPTIONS
Syntax Description
fw_upgrade
Upgrade the controller’s firmware
<protocol>
Protocol for image transfer (FTP, TFTP, HTTP, KERMIT)
<OPTIONS>
-p: protocol
-s: server IP address or name
-n: image name with path on the server
-f: non-verbose mode
-h: fw_upgrade help message
Defaults
None.
Example
ruckus# debug
ruckus(debug)# fw_upgrade ftp://<user>:<password>@<server ip>/
<image file>
delete-station
To deauthorize the station with the specified MAC address, use the following
command.
273
Using Debug Commands
General Debug Commands
delete-station <MAC>
Syntax Description
delete-station
Delete the station with the specified MAC address
<MAC>
The MAC address of the station that will be deleted
Defaults
None.
Example
ruckus# debug
ruckus(debug)# delete-station 00:10:77:01:00:01
The command was executed successfully.
restart-ap
To restart the device with the specified MAC address, use the restart ap command.
restart-ap <MAC>
Syntax Description
restart-ap
Restart the device with the specified MAC address
<MAC>
The MAC address of the device to be restarted
Defaults
None.
Example
ruckus# debug
ruckus(debug)# restart-ap 00:13:92:EA:43:01
The command was executed successfully.
wlaninfo
Configures and enables debugging of WLAN service settings.
wlaninfo <OPTIONS>
Syntax Description
Defaults
wlaninfo
Enable logging of WLAN info
<OPTIONS>
Configure WLAN debug information options
None.
274
Using Debug Commands
General Debug Commands
Example
ruckus(debug)# wlaninfo -x
wlaninfo -x
ruckus(debug)#
save_debug_info
Saves debug information.
save_debug_info <IP-ADDR> <FILE-NAME>
Syntax Description
save_debug_info
Save debug log file
<IP-ADDR>
The destination IP address
<FILE-NAME>
The destination file name
Defaults
None.
Example
ruckus(debug)# save_debug_info 192.168.0.1 log.log
Creating debug info file ...
Done
Sending debug info file to "log.log@192.168.0.1" ...
tftp: timeout after 12 retries
Failed. Error Reason: 1
save_debug_info 192.168.0.1 log.log
ruckus(debug)#
save-config
Upload the configuration file to the designated TFTP site.
save-config <IP-ADDR> <FILE-NAME>
Syntax Description
save-config
Upload the configuration file
<IP-ADDR>
The destination IP address
<FILE-NAME>
The destination file name
Defaults
None.
Example
ruckus(debug)# save-config 192.168.0.1 config
Creating backup config file
275
Using Debug Commands
Show Commands
Done
Uploading backup config file
Failed to execute TFTP command. Operation failedruckus(debug)#
Show Commands
This section describes the show commands available within the debug context.
show ap
Displays a list of all approved devices.
show ap
Syntax Description
show ap
Display a list of all approved APs
Defaults
None.
Example
ruckus(debug)# show ap
AP:
ID:
1:
MAC Address= 04:4f:aa:0d:b1:00
Model= zf7962
Approved= Yes
Device Name= 7962-MAP
Description= 7962 MAP (Living Room)
Location= sunnyvale-office
GPS= 37.35432,-122.230203
Group Name= System Default
Radio a/n:
Channelization= Auto
Channel= Auto
WLAN Services enabled= Yes
5.8GHz Channels = Disabled
Tx. Power= Auto
WLAN Group Name= Default
Radio b/g/n:
Channelization= Auto
Channel= Auto
WLAN Services enabled= Yes
276
Using Debug Commands
Show Commands
5.8GHz Channels = Disabled
Tx. Power= Auto
WLAN Group Name= Default
Override global ap-model port configuration= No
Network Setting:
Protocol mode= IPv4 and IPv6
Device IP Settings= Keep AP's Setting
IP Type= DHCP
IP Address= 192.168.11.6
Netmask= 255.255.255.0
Gateway= 192.168.11.1
Primary DNS Server=
Secondary DNS Server=
Device IPv6 Settings= Keep AP's Setting
IPv6 Type= Auto Configuration
IPv6 Address= fc00::1
IPv6 Prefix Length= 7
IPv6 Gateway=
IPv6 Primary DNS Server=
IPv6 Secondary DNS Server=
Mesh:
Status= Enabled
Mode= Auto
Uplink:
Status= Smart
2:
MAC Address= 00:24:83:3f:14:60
Model= zf7363
Approved= Yes
show station
Displays a list of all connected stations (or clients).
show station
Syntax Description
show station
Defaults
Show all connected stations
None.
277
Using Debug Commands
Show Commands
Example
ruckus(debug)# show station
Clients List:
Client:
MAC Address= 6c:62:6d:1b:e3:00
User Name=
IP Address= 192.168.11.11
IPv6 Address=
Access Point= 04:4f:aa:0c:b1:00
WLAN= Ruckus1
Channel= 1
Signal (dB)= 53
Client:
MAC Address= 00:22:fb:ad:1b:2e
User Name=
IP Address= 192.168.11.7
IPv6 Address=
Access Point= 04:4f:aa:0c:b1:00
WLAN= Ruckus1
Channel= 165
Signal (dB)= 42
ruckus(debug)#
show logs
Displays a list of debug log components.
show logs
Syntax Description
show logs
Display debug log components
Defaults
None.
Example
ruckus(debug)# show logs
Debug Logs:
All= Enabled
Sys-mgmt= Enabled
Mesh= Enabled
Web-auth= Enabled
Rf-mgmt= Enabled
Radius= Enabled
Hotspot-srv= Enabled
Aps= Enabled
Net-mgmt= Enabled
278
Using Debug Commands
Show Commands
802.1x= Enabled
Web-svr= Enabled
802.11= Enabled
Dvlan= Enabled
Smart-redundancy= Enabled
Debug logs of specified MAC address:
Status= Disabled
ruckus(debug)#
show remote-troubleshooting
Shows remote-troubleshooting status.
show remote-troubleshooting
Syntax Description
show remotetroubleshooting
Display remote troubleshooting status
Defaults
None.
Example
ruckus(debug)# show remote-troubleshooting
Ruckus CA troubleshooting is stopped!
The server addr is: None
ruckus(debug)#
ps
Displays information about all processes that are running (ps -aux).
ps
Syntax Description
ps
Defaults
None.
Example
ruckus(debug)# ps
PID PPID USER
1
0 ruckus
2
1 ruckus
Display a list of all running processes
VSZ STAT COMMAND
1200 S
init
0 SWN [ksoftirqd/0]
279
Using Debug Commands
Show Commands
3
1 ruckus
4
1 ruckus
5
1 ruckus
6
1 ruckus
7
6 ruckus
8
6 ruckus
9
6 ruckus
10
6 ruckus
12
6 ruckus
11
1 ruckus
13
1 ruckus
14
6 ruckus
15
6 ruckus
17
6 ruckus
18
1 ruckus
29
6 ruckus
104
1 ruckus
airespider-images
110
1 ruckus
242
1 ruckus
243
1 ruckus
246
1 ruckus
260
1 ruckus
266
260 ruckus
267
266 ruckus
268
266 ruckus
269
1 ruckus
277
269 ruckus
278
277 ruckus
299
1 ruckus
316
299 ruckus
317
316 ruckus
318
316 ruckus
322
1 ruckus
-r /etc/air
328
1 ruckus
329
1 ruckus
331
1 ruckus
332
1 ruckus
333
1 ruckus
334
328 ruckus
335
329 ruckus
347
1 ruckus
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
956
SW
SW<
SW<
SW<
SW<
SW<
SW
SW
SW<
SW
SW
SW<
SW<
SW<
SW
SW<
S
[watchdog/0]
[events/0]
[khelper]
[kthread]
[kblockd/0]
[khubd]
[pdflush]
[pdflush]
[aio/0]
[kswapd0]
[mtdblockd]
[scsi_eh_0]
[usb-storage]
[V54_bodygard/0]
[pktgen/0]
[reiserfs/0]
/usr/sbin/in.tftpd -l -s /etc/
660 S
/bin/wd_feeder
2572 S
/bin/emf_repo_flashsync monitor 15
944 S
ttylogd
0 SW< [uif-246]
14492 S
stamgr -d3 -t0
14492 S
stamgr -d3 -t0
14492 S < stamgr -d3 -t0
14492 S
stamgr -d3 -t0
2268 S
apmgr
2268 S
apmgr
2268 S < apmgr
19564 S
emfd
19564 S
emfd
19564 S
emfd
19564 S
emfd
1108 S
/usr/sbin/dropbear -e /bin/login.sh
1188
1188
676
1140
1100
856
680
808
S
S
S
S <
S <
S
S
S
/bin/sh /bin/login.sh
/bin/sh /bin/tacmon.sh
/bin/rhttpd
/bin/zapd
/bin/clusterD
/bin/login
/bin/tacmon -i 30 -r 15
/bin/tsyslogd -r -h -n --rotate=7
280
Using Debug Commands
Accessing a Remote AP CLI
368
277 ruckus
369
277 ruckus
572
1 ruckus
run/udhcpp.p
580
316 ruckus
612
316 ruckus
616
316 ruckus
622
316 ruckus
624
299 ruckus
625
316 ruckus
637
624 ruckus
638
637 ruckus
639
637 ruckus
640
637 ruckus
641
637 ruckus
642
637 ruckus
655
637 ruckus
656
637 ruckus
20503
316 ruckus
30679
1 ruckus
10220
322 ruckus
-r /etc/air
10221 10220 ruckus
10222 10221 ruckus
10223 10222 ruckus
10426 10223 ruckus
10427 10426 ruckus
ruckus(debug)#
2268 S < apmgr
2268 S < apmgr
1184 S
/sbin/udhcpp -i br0 --pidfile=/var/
19564 S
19564 S
19564 S
19564 S
6132 S
19564 S
6132 S
6132 S
6132 S
6132 S
6132 S
6132 S
6132 S
6132 S
19564 S
2672 S
1184 S
1188
856
7972
1188
1188
S
S
S
S
R
emfd
emfd
emfd
emfd
< webs &
emfd
webs &
< webs &
< webs &
< webs &
< webs &
webs &
< webs &
< webs &
emfd
/usr/sbin/vsftpd /etc/vsftpd2.conf
/usr/sbin/dropbear -e /bin/login.sh
/bin/sh /bin/login.sh
/bin/login
ruckus_cli2
sh -c /bin/ps -aux
/bin/ps -aux
Accessing a Remote AP CLI
The following command is used to access the command line interface of a connected
AP and execute AP CLI commands from ZoneDirector. Configuration changes made
through the AP CLI may be overwritten by ZoneDirector settings if the AP is restarted
or reconnects to ZoneDirector.
remote_ap_cli
Use the remote_ap_cli command to access an AP remotely and execute AP CLI
commands.
remote_ap_cli [-q] {-a ap_mac | -A } "cmd arg1 arg2 .."
281
Using Debug Commands
Accessing a Remote AP CLI
Syntax Description
remote_ap_cli
Execute CLI commands in a remote AP
-q
Do not display results
-a
Specify AP by MAC address
ap_mac
The AP’s MAC address
-A
All connected APs
cmd
AP CLI command
arg
AP CLI command argument
Defaults
None.
Example
ruckus(debug)# remote_ap_cli -A get director
---- Command 'rkscli -c "get director "' executed at
04:4f:aa:0c:b1:00
------ ZoneDirector Info -----Primary Controller
: n/a
Secondary Controller : n/a
DHCP Opt43 Code
: 3
The information of the most recent Zone Director:
[1] 192.168.11.100
AP is under management of ZoneDirector: 192.168.11.100 / :: /
00:13:11:01:01:01,
Currently AP is in state: RUN
---- Command 'rkscli -c "get director "' executed at
00:24:82:3f:14:60
------ ZoneDirector Info -----Primary Controller
: n/a
Secondary Controller : n/a
DHCP Opt43 Code
: 3
The information of the most recent Zone Director:
[1] 192.168.11.100
AP is under management of ZoneDirector: 192.168.11.100 / :: /
00:13:11:01:01:01,
Currently AP is in state: RUN
---- Command Execution Summary:
success: 2
failure: 0
282
Using Debug Commands
Working with Debug Logs and Log Settings
total: 2
remote_ap_cli -A get director
ruckus(debug)#
Working with Debug Logs and Log Settings
This section describes the commands that you can use to configure and review
ZoneDirector debug logs.
logs all
Enables debug logs of all debug components.
Syntax Description
logs all
Enable logging of all debug components
Defaults
None.
Example
ruckus(debug)# logs all
The command was executed successfully.
ruckus(debug)# show logs
Debug Logs:
All= Enabled
Sys-mgmt= Enabled
Mesh= Enabled
Web-auth= Enabled
Rf-mgmt= Enabled
Radius= Enabled
Hotspot-srv= Enabled
Aps= Enabled
Net-mgmt= Enabled
802.1x= Enabled
Web-svr= Enabled
802.11= Enabled
Dvlan= Enabled
Smart-redundancy= Enabled
Debug logs of specified MAC address:
Status= Disabled
ruckus(debug)#
283
Using Debug Commands
Working with Debug Logs and Log Settings
logs comp sys-mgmt
Enables debug logs of system management components.
Syntax Description
logs
Enable debug logs
comp sys-mgmt
Component system management
Defaults
None.
Example
ruckus(debug)# logs comp sys-mgmt
The command was executed successfully.
ruckus(debug)# show logs
Debug Logs:
All= Disabled
Sys-mgmt= Enabled
Mesh= Disabled
Web-auth= Disabled
Rf-mgmt= Disabled
Radius= Disabled
Hotspot-srv= Disabled
Aps= Disabled
Net-mgmt= Disabled
802.1x= Disabled
Web-svr= Disabled
802.11= Disabled
Dvlan= Disabled
Smart-redundancy= Disabled
Debug logs of specified MAC address:
Status= Disabled
ruckus(debug)#
logs comp mesh
Enables debug logs of mesh components.
Syntax Description
Defaults
logs
Enable debug logs
comp mesh
Component mesh
None.
284
Using Debug Commands
Working with Debug Logs and Log Settings
Example
ruckus(debug)# logs comp mesh
The command was executed successfully.
ruckus(debug)#
logs comp web-auth
Enables debug logs of web authentication components.
Syntax Description
logs
Enable debug logs
comp web-auth
Component web auth
Defaults
None.
Example
ruckus(debug)# logs comp web-auth
The command was executed successfully.
ruckus(debug)#
logs comp rf-mgmt
Enables debug logs of RF management components.
Syntax Description
logs
Enable debug logs
comp rf-mgmt
Component RF management
Defaults
None.
Example
ruckus(debug)# logs comp rf-mgmt
The command was executed successfully.
ruckus(debug)#
logs comp radius
Enables debug logs of radius components.
Syntax Description
logs
Enable debug logs
285
Using Debug Commands
Working with Debug Logs and Log Settings
comp radius
Component RADIUS
Defaults
None.
Example
ruckus(debug)# logs comp radius
The command was executed successfully.
ruckus(debug)#
logs comp hotspot-srv
Enables debug logs of hotspot services components.
Syntax Description
logs
Enable debug logs
comp hotspot-srv
Component Hotspot services
Defaults
None.
Example
ruckus(debug)# logs comp hotspot-srv
The command was executed successfully.
ruckus(debug)#
logs comp aps
Enables debug logs of AP components.
Syntax Description
logs
Enable debug logs
comp aps
Component APs
Defaults
None.
Example
ruckus(debug)# logs comp aps
The command was executed successfully.
ruckus(debug)#
logs comp net-mgmt
Enables debug logs of network management components.
286
Using Debug Commands
Working with Debug Logs and Log Settings
Syntax Description
logs
Enable debug logs
comp net-mgmt
Component network management
Defaults
None.
Example
ruckus(debug)# logs comp net-mgmt
The command was executed successfully.
ruckus(debug)#
logs comp 802.1x
Enables debug logs of 802.1x components.
Syntax Description
logs
Enable debug logs
comp 802.1x
Component 802.1x
Defaults
None.
Example
ruckus(debug)# logs comp 802.1x
The command was executed successfully.
ruckus(debug)#
logs comp web-svr
Enables debug logs of web server components.
Syntax Description
logs
Enable debug logs
comp web-svr
Component Web server
Defaults
None.
Example
ruckus(debug)# logs comp web-svr
The command was executed successfully.
ruckus(debug)#
287
Using Debug Commands
Working with Debug Logs and Log Settings
logs comp 802.11
Enables debug logs of 802.11 components.
Syntax Description
logs
Enable debug logs
comp 802.11
Component 802.11
Defaults
None.
Example
ruckus(debug)# logs comp 802.11
The command was executed successfully.
ruckus(debug)#
logs comp dvlan
Enables debug logs of dynamic VLAN components.
Syntax Description
logs
Enable debug logs
comp dvlan
Component dynamic VLAN
Defaults
None.
Example
ruckus(debug)# logs comp dvlan
The command was executed successfully.
ruckus(debug)#
logs comp smart-redundancy
Enables debug logs of smart redundancy components.
Syntax Description
Defaults
logs
Enable debug logs
comp smartredundancy
Component Smart Redundancy
None.
288
Using Debug Commands
Working with Debug Logs and Log Settings
Example
ruckus(debug)# logs comp smart-redundancy
The command was executed successfully.
ruckus(debug)#
logs mac
Enables and sets filter running logs based on specified mac address.
logs mac <MAC>
Syntax Description
logs
Enable debug logs
mac
Filter logs by specific MAC address
<MAC>
The MAC address of the device to be filtered
Defaults
None.
Example
ruckus(debug)# logs mac 04:4f:aa:0c:b1:00
The command was executed successfully.
ruckus(debug)#
logs play
Starts displaying logs on console.
Syntax Description
logs
Enable debug logs
play
Start log play
Defaults
None.
Example
ruckus(debug)# logs play
ruckus(debug)# [Feb 15 05:53:30][EMFD][debug]jobServiceFunc():Executing job[user auth attempt_hash_autoexpire] at
1329285210...
[Feb 15 05:53:30][EMFD][debug]jobServiceFunc():Executing job at
1329285210...Done
[Feb 15 05:53:30][EMFD][debug]jobServiceFunc():Executing
job[station auth attempt_hash_autoexpire] at 1329285210...
[Feb 15 05:53:30][EMFD][debug]jobServiceFunc():Executing job at
1329285210...Done
289
Using Debug Commands
Working with Debug Logs and Log Settings
[Feb 15 05:53:33][STAMgr][debug]acsrvc_thread():ACSRVC rcv AP
04:4f:aa:0c:b1:00, IP= 192.168.11.6, IPv6=fc00::1
...
...
ruckus(debug)# no logs play
ruckus(debug)#
no logs all
Disables debug logs of all debug components.
Syntax Description
no logs
Disable debug logs
all
Disable all log components
Defaults
None.
Example
ruckus(debug)# no logs all
The command was executed successfully.
ruckus(debug)#
no logs comp sys-mgmt
Disables debug logs of system management components.
Syntax Description
no logs
Disable debug logs
comp sys-mgmt
Component system management
Defaults
None.
Example
ruckus(debug)# no logs comp sys-mgmt
The command was executed successfully.
ruckus(debug)#
no logs comp mesh
Disables debug logs of mesh components.
290
Using Debug Commands
Working with Debug Logs and Log Settings
Syntax Description
no logs
Disable debug logs
comp mesh
Component Mesh
Defaults
None.
Example
ruckus(debug)# no logs comp mesh
The command was executed successfully.
ruckus(debug)#
no logs comp web-auth
Disables debug logs of web authentication components.
Syntax Description
no logs
Disable debug logs
comp web-auth
Component Web authentication
Defaults
None.
Example
ruckus(debug)# no logs comp web-auth
The command was executed successfully.
ruckus(debug)#
no logs comp rf-mgmt
Disables debug logs of RF management components.
Syntax Description
no logs
Disable debug logs
comp rf-mgmt
Component RF management
Defaults
None.
Example
ruckus(debug)# no logs comp rf-mgmt
The command was executed successfully.
ruckus(debug)#
291
Using Debug Commands
Working with Debug Logs and Log Settings
no logs comp radius
Disables debug logs of radius components.
Syntax Description
no logs
Disable debug logs
comp radius
Component RADIUS
Defaults
None.
Example
ruckus(debug)# no logs comp radius
The command was executed successfully.
ruckus(debug)#
no logs comp hotspot-srv
Disables debug logs of hotspot services components.
Syntax Description
no logs
Disable debug logs
comp hotspot-srv
Component Hotspot services
Defaults
None.
Example
ruckus(debug)# no logs comp hotspot-srv
The command was executed successfully.
ruckus(debug)#
no logs comp aps
Disables debug logs of access points components.
Syntax Description
no logs
Disable debug logs
comp aps
Component APs
Defaults
None.
Example
ruckus(debug)# no logs comp aps
The command was executed successfully.
ruckus(debug)#
292
Using Debug Commands
Working with Debug Logs and Log Settings
no logs comp net-mgmt
Disables debug logs of network management components.
Syntax Description
no logs
Disable debug logs
comp net-mgmt
Component network management
Defaults
None.
Example
ruckus(debug)# no logs comp net-mgmt
The command was executed successfully.
ruckus(debug)#
no logs comp 802.1x
Disables debug logs of 802.1x components.
Syntax Description
no logs
Disable debug logs
comp 802.1x
Component 802.1x
Defaults
None.
Example
ruckus(debug)# no logs comp 802.1x
The command was executed successfully.
ruckus(debug)#
no logs comp web-svr
Disables debug logs of web server components.
Syntax Description
no logs
Disable debug logs
comp web-svr
Component Web server
Defaults
None.
Example
ruckus(debug)# no logs comp web-svr
The command was executed successfully.
ruckus(debug)#
293
Using Debug Commands
Working with Debug Logs and Log Settings
no logs comp 802.11
Disables debug logs of 802.11 components.
Syntax Description
no logs
Disable debug logs
comp 802.11
Component 802.11
Defaults
None.
Example
ruckus(debug)# no logs comp 802.11
The command was executed successfully.
ruckus(debug)#
no logs comp dvlan
Disables debug logs of dynamic vlan components.
Syntax Description
no logs
Disable debug logs
comp dvlan
Component DVLAN
Defaults
None.
Example
ruckus(debug)# no logs comp dvlan
The command was executed successfully.
ruckus(debug)#
no logs comp smart-redundancy
Disables debug logs of smart redundancy components.
Syntax Description
no logs
Disable debug logs
comp smartredundancy
Component Smart Redundancy
Defaults
None.
Example
ruckus(debug)# no logs comp smart-redundancy
The command was executed successfully.
ruckus(debug)#
294
Using Debug Commands
Working with Debug Logs and Log Settings
no logs mac
Disables MAC address filtering on running logs.
Syntax Description
no logs
Disable debug logs
mac
Filter by MAC address
Defaults
None.
Example
ruckus(debug)# no logs mac
The command was executed successfully.
ruckus(debug)#
no logs play
Stops displaying logs on console.
Syntax Description
no logs
Disable debug logs
play
Stop log play
Defaults
None.
Example
rruckus(debug)# logs play
ruckus(debug)# [Feb 15 05:53:30][EMFD][debug]jobServiceFunc():Executing job[user auth attempt_hash_autoexpire] at
1329285210...
[Feb 15 05:53:30][EMFD][debug]jobServiceFunc():Executing job at
1329285210...Done
[Feb 15 05:53:30][EMFD][debug]jobServiceFunc():Executing
job[station auth attempt_hash_autoexpire] at 1329285210...
[Feb 15 05:53:30][EMFD][debug]jobServiceFunc():Executing job at
1329285210...Done
[Feb 15 05:53:33][STAMgr][debug]acsrvc_thread():ACSRVC rcv AP
04:4f:aa:0c:b1:00, IP= 192.168.11.6, IPv6=fc00::1
...
...
ruckus(debug)# no logs play
ruckus(debug)#
295
Using Debug Commands
Remote Troubleshooting
Remote Troubleshooting
This section describes remote troubleshooting commands.
remote-troubleshooting start
Enables remote troubleshooting.
Syntax Description
remotetroubleshooting
Remote troubleshooting
start
Start remote troubleshooting
Defaults
None.
Example
ruckus(debug)# remote-troubleshooting start
ruckus(debug)#
remote-troubleshooting stop
Disables remote troubleshooting.
Syntax Description
remotetroubleshooting
Remote troubleshooting
stop
Stop remote troubleshooting
Defaults
None.
Example
ruckus(debug)# remote-troubleshooting stop
ruckus(debug)#
AP Core Dump Collection
This section lists the AP core dump commands.
296
Using Debug Commands
AP Core Dump Collection
collect_ap_coredump
Enable AP core dump collection.
collect_ap_coredump [all|<MAC>]
Syntax Description
collect_ap_coredu Collect AP core dump
pm
all
Collect core dump from all connected APs
<MAC>
Specific AP MAC address
Defaults
None.
Example
ruckus(debug)# collect_ap_coredump all
---- Command 'apmgrinfo --coredump y ' executed at 04:4f:aa:0c:b1:00
start reporting coredump to ZD!
---- Command 'apmgrinfo --coredump y ' executed at 00:24:82:3f:14:60
start reporting coredump to ZD!
---- Command Execution Summary:
success: 2
failure: 0
total: 2
rm: cannot remove '/etc/airespider-images/firmwares/ap-dump/*': No
such file or directory
sh: codump_server: not found
start collecting AP's coredump !
ok
ruckus(debug)#
no collect_ap_coredump
Disable AP core dump collection.
Syntax Description
no
Stop collecting AP core dump
collect_ap_coredu
mp
Defaults
None.
Example
ruckus(debug)# no collect_ap_coredump all
---- Command 'apmgrinfo --coredump n ' executed at 04:4f:aa:0c:b1:00
stop reporting coredump to ZD!
297
Using Debug Commands
Script Execution
---- Command 'apmgrinfo --coredump n ' executed at 00:24:82:3f:14:60
stop reporting coredump to ZD!
---- Command Execution Summary:
success: 2
failure: 0
total: 2
rm: cannot remove '/etc/airespider-images/firmwares/ap-dump/*': No
such file or directory
stop collecting AP's coredump !
ok
ruckus(debug)#
Script Execution
This section lists the commands that can be executed from the script context. The
script context must be entered from the debug context.
script
Enters the script context from the debug context. You must first enter the script
context before executing a script.
script
Syntax Description
script
Enter the script context
Defaults
None.
Example
ruckus(debug)# script
ruckus(script)#
quit
Exit the script context.
quit
Syntax Description
Defaults
quit
Exit the script context
None.
298
Using Debug Commands
Script Execution
Example
ruckus(script)# quit
ruckus(debug)#
list
List all available scripts.
list
Syntax Description
List all available scripts
list
Defaults
None.
Example
ruckus(script)# list -a
Index
Scripts
1
.version.sh
ruckus(script)#
info
Display script help file
info
Syntax Description
info
Display script information
Defaults
None.
Example
ruckus(script)# info
info <file>
ruckus(script)#
exec
Execute script.
exec <file> {parameter}
Syntax Description
exec
Excecute the script
299
Using Debug Commands
Script Execution
Defaults
None.
Example
ruckus(script)# exec
exec <file> {parameter}
ruckus(script)#
300
Index
A
aaa, 61
aaa all, 11
aaa name, 12
abort, 105, 126, 134, 158, 204, 209, 216, 220,
232, 253
access control l2, 201
access control l3, 202
acct-server, 189, 238
acct-server interim-update, 190, 238
acl, 119, 199
acl abort, 120
acl end, 120, 126
acl exit, 121
acl name, 121
acl quit, 121, 127
active-wired-client, 54
act-threshold, 136
add mac, 122
ad-global-catalog, 66
adj-threshold, 135
admin, 72
admin show, 75
admin-dn, 67
admin-password, 67
aeroscout-detection, 270
alarm, 52, 252
ap all, 13
ap devname, 16
ap mac, 17, 21
ap-auto-approve, 95
ap-group, 100
ap-group all, 19
ap-group name, 21
ap-load-balancing, 98
ap-management-vlan, 94
ap-max-clients, 97
ap-policy, 22, 93
authentication guest-pass, 222
auth-method, 62
auth-server, 74, 223
auth-server local, 237
auth-server name, 237
auto-adjust-ap-channel, 265
auto-adjust-ap-power, 264
auto-proxy, 195
B
background-scan, 268
backup, 69
backup-ip-addr, 70
backup-radius-secret, 70
beacon-interval, 165, 251
bgscan, 184
bss-minrate, 193
C
cband-channels, 84
channelfly, 265
client-isolation, 185, 239
collect_ap_coredump, 297
config wlan dot1x authentication encryption wpa2 algorithm TKIP auth-server,
181
contact, 148
country code, 138
creating a WLAN, 207
current-active-clients, 45
D
delete station, 274
description, 77, 101, 122, 128, 131, 164, 206,
211
destination address, 132
destination port, 133
devname, 76
disabling NTP client, 143
301
disabling SNMP agent, 156–157
disabling SNMP traps, 157
displaying interface settings, 141
domain-name, 65
dot11-country-code, 138
dot1x, 111, 184
dot1x acctsvr, 91, 112
dot1x authentication encryption wep-64
auth-server, 183
dot1x authentication encryption wpa algorithm AES auth-server, 179
dot1x authentication encryption wpa algorithm TKIP auth-server, 179
dot1x authentication encryption wpa2 algorithm AES auth-server, 180
dot1x authsvr, 91, 111
dot1x eap-type EAP-SIM auth-server, 177
dot1x eap-type PEAP auth-server, 178
dot1x mac-auth-bypass, 91, 112
dot1x supplicant mac, 92, 113
dot1x supplicant password, 92, 113
dot1x supplicant username, 92, 112
dot1x wpa algorithm auto auth-server, 180
dot1x wpa2 algorithm auto auth-server,
181
dot1x wpa-mixed algorithm AES authserver, 182
dot1x wpa-mixed algorithm TKIP authserver, 182–183
dynamic-certs, 50
dynamic-psk enable, 197
dynamic-psk passphrase-len, 197
dynamic-psk-expiration, 163
dynamic-psks, 49
dynamic-vlan, 191
E
e-mail, 255
end, 105, 126, 130, 134, 158, 204, 210, 220,
232, 253
event, 258
events-activities, 51
exec, 299
exit, 106, 118, 127, 131, 134, 158, 205, 210,
221, 232, 253
F
fan-out-threshold, 251
flexmaster, 147
from, 255
ftp-anon, 143
fw_upgrade, 273
G
gateway, 139, 146–147
gps, 77
grace-period, 188, 236
group, 78
group-attributes, 212
guest-access, 220
guestpass-effective, 224
guest-passes, 50
guest-pass-generation, 214
H
hide ssid, 192
hops-warn-threshold, 250
hostname, 138
hotspot, 231
hotspot all, 40
hotspot name, 42
hotspot_redirect_https, 116
I
icmpv6-type, 243
import, 196
inactivity-timeout, 190
info, 299
interface, 139
internal-heater, 83
ip, 78
ip addr, 140, 146
IP address, 140
IP address mode, 141
ip enable, 139
ip mode, 140–141
ip name-server, 140
ip route gateway, 139
ip-addr, 63
ip-addr port, 64
302
ipv6, 79
ipv6 addr, 142, 147
ipv6 enable, 142
ipv6 mode, 142
ipv6 name-server, 142
ipv6 route gateway, 142
logs comp smart-redundancy, 288
logs comp sys-mgmt, 284
logs comp web-auth, 285
logs comp web-svr, 287
logs play, 289
lwapp-message-mtu, 98
K
M
key-attribute, 67
mac authentication encryption none authserver, 172
mac authentication encryption wep-128
key key-id auth-server, 176
mac authentication encryption wep-64 key
key-id auth-server, 176
mac authentication encryption wpa passphrase algorithm AES auth-server, 172
mac authentication encryption wpa passphrase algorithm TKIP auth-server, 173
mac authentication encryption wpa2 passphrase algorithm AES auth-server, 173
mac authentication encryption wpa2 passphrase algorithm TKIP auth-server, 174
mac wpa-mixed passphrase algorithm
AES auth-server, 174
mac wpa-mixed passphrase algorithm
TKIP auth-server, 175
max clients, 195
max-clients, 195
mesh, 247
mesh info, 48
mesh mode, 81
mesh topology, 48
mesh uplink-selection, 82
mgmt-acl, 152
mgmt-acl all, 28
mgmt-acl name, 28
mgmt-acl-ipv6, 153
mgmt-acl-ipv6 all, 28
mgmt-acl-ipv6 name, 29
mgmt-if, 145
mgmt-if-ipv6, 146
mgmt-tx-rate, 165
mode allow, 123, 129
mode deny, 123, 129
model, 103
model port-setting, 104
L
l2acl all, 36
l2acl name, 37
l3acl, 125
l3acl all, 38
l3acl name, 39
l3acl-ipv6, 125
l3acl-ipv6 all, 38
l3acl-ipv6 name, 39
lan, 87, 107
lan dot1x, 90
lan member, 109
lan number, 88–89
lan opt82, 90, 110
lan untag, 88, 109
lan uplink, 87, 108
license, 53
limited-zd-discovery, 95
limited-zd-discovery keep-ap-setting, 97
limited-zd-discovery prefer-primary-zd, 96
list, 299
load-balancing, 134, 185
location, 78, 149
location-id, 240
login-page, 234
logs all, 283
logs comp 802.11, 288
logs comp 802.1x, 287
logs comp aps, 286
logs comp dvlan, 288
logs comp hotspot-srv, 286
logs comp mesh, 284
logs comp net-mgmt, 286
logs comp radius, 285
logs comp rf-mgmt, 285
303
monitor ap mac, 55
monitor current-active-clients, 57
monitor sysinfo, 57
N
name, 72, 128, 159, 165, 205, 211, 234
name password, 73
nasid-type, 187
no aaa, 61
no acct-server, 190, 238
no acl, 119
no ad-global-catalog, 65
no admin, 214
no aeroscout-detection, 271
no ap, 76
no ap-auto-approve, 95
no ap-group, 100
no ap-load-balancing, 98
no ap-management-vlan, 94
no authentication, 221
no auth-server, 73
no auto-adjust-ap-channel, 265
no auto-adjust-ap-power, 264
no auto-proxy, 196
no background-scan, 268
no backup, 66
no bgscan, 184
no blocked-client, 116
no bss-minrate, 194
no channelfly, 266
no client-isolation, 185, 239
no collect_ap_coredump, 297
no detect-fanout, 251
no detect-hops, 250
no dynamic-psk, 198
no dynamic-vlan, 192
no event, 260
no flexmaster, 148
no ftp-anon, 143
no gateway, 146–147
no grace-period, 189, 236
no guest-pass-generation, 213
no hide ssid, 193
no hotspot, 231
no hotspot_redirect_https, 116
no ip, 142
no ipv6, 143
no l2acl, 198
no l3acl, 125, 198
no l3acl-ipv6, 198
no lan, 87, 107
no limited-zd-discovery, 96
no load-balancing, 186
no logs all, 290
no logs comp 802.11, 294
no logs comp 802.1x, 293
no logs comp aps, 292
no logs comp dvlan, 294
no logs comp hotspot-srv, 292
no logs comp mesh, 290
no logs comp net-mgmt, 293
no logs comp radius, 292
no logs comp rf-mgmt, 291
no logs comp smart-redundancy, 294
no logs comp sys-mgmt, 290
no logs comp web-auth, 291
no logs comp web-svr, 293
no logs mac, 295
no logs play, 295
no mac, 124
no mesh, 249
no mgmt-if, 145–146
no ntp, 143
no ofdm-only, 193
no option82, 195
no pap-authenticator, 187
no protect-excessive-wireless-request, 267
no qos, 154
no qos classification, 200
no qos directed-multicast, 200
no qos heuristics-udp, 200
no qos igmp-snooping, 201
no qos mld-snooping, 201
no qos tos-classification, 201
no rate-limit-downlink, 199
no rate-limit-uplink, 198
no restrict-access-order, 226, 241
no restrict-access-order-ipv6, 242
no rogue-dhcp-detection, 270
no rogue-report, 269
no role, 209
no rule-order, 129
304
no send eap-failure, 186
no session-timeout, 235
no snmp-agent, 156–157
no snmp-trap, 157
no specify-wlan-access, 212
no stp, 137
no syslog, 151
no temp-block-auth-failed-client, 268
no term-of-use, 222
no tls-smtp-encryption, 258
no tunnel mode, 194
no tunnel-enc, 271
no upnp, 162
no user, 216
no vlan, 142, 146–147, 191
no vlan-qos, 99
no walled-garden, 241
no web authentication, 188
no wlan-group, 203
no zero-it-activation, 197
O
ofdm-only, 193
open authentication encryption wep-128
key key-id, 171
open authentication encryption wep-64
key key-id, 171
open authentication encryption wpa passphrase {passphrase} algorithm AES, 167
open authentication encryption wpa passphrase {passphrase} algorithm auto,
168
open authentication encryption wpa passphrase {passphrase} algorithm TKIP,
167
open authentication encryption wpa passphrase algorithm AES, 167
open authentication encryption wpa passphrase algorithm TKIP, 167–168
open authentication encryption wpa2
passphrase algorithm AES, 168
open authentication encryption wpa2
passphrase algorithm TKIP, 169
open none, 166
open wpa-mixed passphrase algorithm
auto, 170
option82, 194
order, 131
P
pap-authenticator, 186
passphrase, 250
peer-addr, 145
pmk-cache, 196
poe-out, 83
port-setting, 84
protect-excessive-wireless-request, 266
protocol, 133
ps, 279
Q
qos, 153
qos classification, 200
qos directed-multicast, 200
qos directed-threshold, 201
qos heuristics-udp, 200
qos igmp-snooping, 200
qos mld-snooping, 201
qos priority, 201
quit, 106, 114, 127, 135, 159, 205, 211, 221,
233, 254, 273, 298
R
radio, 80, 102
radius-secret, 68
rate-limit-downlink, 199
rate-limit-uplink, 198
read-only community, 149
read-write community, 149
reconnect-primary-interval, 71
redirect, 223
re-generate-private-key, 115
remote_ap_cli, 281
remote-troubleshooting start, 296
remote-troubleshooting stop, 296
request-timeout, 71
restart-ap, 274
restore, 114
restrict-access-order, 226, 241
restrict-access-order-ipv6, 242
retry-count, 71
ro-community, 149
305
rogue-devices, 51
rogue-dhcp-detection, 270
rogue-report, 269
role, 209
role all, 43
role name, 43
ro-user, 150
rule-order, 130
rw-community, 149
rw-user, 150
S
save_debug_info, 275
save-config, 275
script, 298
search-filter, 68
secret, 145
send eap-failure, 186
session-timeout, 54, 236
shared authentication encryption wep-128
key key-id, 177
shared authentication encryption wep-64
key key-id, 177
show, 100, 106, 118, 127, 136, 141, 202, 224,
233, 254
show ap, 276
show logs, 278
show remote-troubleshooting, 279
show station, 277
smart-redundancy, 144
smtp-auth-name, 257
smtp-auth-password, 257
smtp-server-name, 256
smtp-server-port, 256
SNMP RO, 149
SNMP RW, 149
snmp-trap, 157
snmp-trap-format, 150
snmpv2, 148
snmpv2-trap, 150
snmpv3, 149
snmpv3-trap, 151
specify-wlan-access, 213
ssid, 164, 249
start-page, 235
static-route all, 30
static-route name, 30
static-route-ipv6 all, 30
static-route-ipv6 name, 30
status-leds, 82
stp, 137
strong-bypass, 136
support-kt, 148
sysinfo, 23
syslog, 152
syslog notifications, 151–152
syslog server address, 152
sysstats, 25
system, 138
T
techsupport, 26
temp-block-auth-failed-client time, 267
term-of-use, 222
test-alarm ap-lose-connection, 261
tls-smtp-encryption, 257
trap server, 157
tunnel mode, 194
tunnel-enc, 271
tunnel-mtu, 154
type, 166
type ad, 62
type allow, 132
type deny, 132
U
upnp, 161
user, 215
V
vlan, 142, 146–147, 191
vlan-qos, 99
W
walled-garden, 240
weak-bypass, 135
web authentication, 188
web-auth, 188
welcome-text, 224
wlan, 163, 207
306
wlan all, 31
WLAN description, 164
wlan name, 32
WLAN SSID, 164
wlan vlan override none, 207
wlan vlan override tag, 208
wlan vlan override untag, 208
wlan-allowed, 212
wlan-group, 203
wlan-group all, 35
wlan-group name, 36
wlaninfo, 274
Z
zero-it-activation, 196
zero-it-auth-server, 162
ZoneDirector
gateway, 139
IP address, 140
IP address mode, 141
name server, 140
307
308
Was this manual useful for you? yes no
Thank you for your participation!

* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project

Download PDF

advertising