aaa attribute Operator-Name namespace-id {TADIG|REALM|E212|ICC}
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
attribute |
Set attribute parameters for RADIUS Access-Request and Accounting-Request packets
|
Operator-Name |
Set the operator name of the RADIUS Access-Request and Accounting-Request packets (Note: The operator name contains the operator namespace ID and the operator name. The operator name is combined with the namespace ID to uniquely identify the owner of the access network.)
|
namespace-id |
Set the namespace ID parameter of the Operator-Name (Default: realm)
|
TADIG |
Set the Namespace-ID parameter to TADIG (Transferred Account Data Interchange Group; Note: TADIG namespaces include a country code and a company code, and are used in cellular telephone networks.)
|
REALM |
Set the Namespace-ID parameter to REALM (Note: Realm namespaces must be globally unique, so administrators commonly use device fully qualified domain name.)
|
E212 |
Set the Namespace-ID parameter to E212 (Note: The E.212 standard is defined in the ITU (International Telecommunication Union) standard. E.212 namespaces include a mobile country code and a mobile network code, and are used in cellular telephone networks.)
|
ICC |
Set the Namespace-ID parameter to ICC (ITU carrier code; Note: ICC namespaces consist of a country code and the carrier code, and are used in cellular telephone networks.)
|
aaa attribute user-profile-attribute vendor-id <number> attribute-id <number>
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
attribute |
Set attribute parameters for RADIUS Access-Request and Accounting-Request packets
|
user-profile-attribute |
Map a RADIUS attribute to the user profile
|
vendor-id |
Set a vendor ID RADIUS attribute
|
<number> |
Enter the vendor ID number (Range: 1-65535; Note: Aerohive recommends a vendor ID of 26928, which identifies Aerohive as the vendor.)
|
attribute-id |
Set an ID for a private RADIUS attribute
|
<number> |
Enter the private RADIUS attribute ID number to be combined with the vendor ID number(Range: 1-255; Note: Aerohive recommends an attribute ID of 6, which corresponds to the user profile attribute.)
|
aaa ppsk-server radius-server {primary|backup1|backup2|backup3} <ip_addr|string> [ shared-secret <string> ] [ auth-port <number> ] [ via-vpn-tunnel ]
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
ppsk-server |
Set parameters for the local HiveAP when it is acting as a private PSK server
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
primary |
Set the RADIUS server that is first queried when authenticating users
|
backup1 |
Set the RADIUS server that is queried if the primary server stops responding
|
backup2 |
Set the RADIUS server that is queried if the backup1 server stops responding
|
backup3 |
Set the RADIUS server that is queried if the backup2 server stops responding
|
<ip_addr> |
Enter an IP address or a domain name for the RADIUS server (max 32 chars)
|
<string> |
Enter an IP address or a domain name for the RADIUS server (max 32 chars)
|
shared-secret |
Set the shared secret for authenticating communications with a RADIUS server
|
<string> |
Enter the shared secret for authenticating communications with a RADIUS server (1-64 chars)
|
auth-port |
Set the RADIUS authentication port number
|
<number> |
Enter the RADIUS authentication port number (Default: 1812; Range: 1-65535)
|
via-vpn-tunnel |
Send all RADIUS traffic through a VPN tunnel (Note: Set this option on VPN clients when the RADIUS server is in a different subnet from the tunnel interface. When they are in the same subnet, tunneling is automatic.)
|
aaa radius-server accounting {primary|backup1|backup2|backup3} <ip_addr|string> [ shared-secret <string> ] [ acct-port <number> ] [ via-vpn-tunnel ]
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
accounting |
Set parameters for a RADIUS accounting server
|
primary |
Set the RADIUS accounting server to which the HiveAP sends Accounting-Request packets first
|
backup1 |
Set the RADIUS accounting server to which the HiveAP sends Accounting-Request packets if the primary server does not respond
|
backup2 |
Set the RADIUS accounting server to which the HiveAP sends Accounting-Request packets if the backup1 server does not respond
|
backup3 |
Set the RADIUS accounting server to which the HiveAP sends Accounting-Request packets if the backup2 server does not respond
|
<ip_addr> |
Enter the IP address or domain name for the RADIUS accounting server (max 32 chars)
|
<string> |
Enter the IP address or domain name for the RADIUS accounting server (max 32 chars)
|
shared-secret |
Set the shared secret for securing communications with RADIUS accounting servers
|
<string> |
Enter the shared secret (1-64 chars; Note: The RADIUS shared secret is case sensitive and can contain spaces.)
|
acct-port |
Set the RADIUS accounting port number
|
<number> |
Enter the RADIUS accounting port number (Default: 1813; Range: 1-65535)
|
via-vpn-tunnel |
Send all RADIUS traffic through a VPN tunnel (Note: Set this option on VPN clients when the RADIUS server is in a different subnet from the tunnel interface. When they are in the same subnet, tunneling is automatic.)
|
aaa radius-server local db-type active-directory {primary|backup1|backup2|backup3} computer-ou <string>
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local Aerohive device as a RADIUS server
|
db-type |
Set the type and location of the user database
|
active-directory |
Set the user database on an AD (Active Directory) server
|
primary |
Set the AD server that is first queried when authenticating users
|
backup1 |
Set the AD server that is queried if the primary server stops responding
|
backup2 |
Set the AD server that is queried if the backup1 server stops responding
|
backup3 |
Set the AD server that is queried if the backup2 server stops responding
|
computer-ou |
Set the OU (organizational unit) used on the Active Directory server where the AP RADIUS server admin has privileges to add the AP as a computer in the domain
|
<string> |
Enter the OU (Max: 256 chars; Format: ou/sub-ou/sub-ou; Note: If there are any spaces, enclose the entire string in quotation marks.)
|
aaa radius-server local db-type active-directory {primary|backup1|backup2|backup3} domain <string> binddn <string> password <string>
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local Aerohive device as a RADIUS server
|
db-type |
Set the type and location of the user database
|
active-directory |
Set the user database on an AD (Active Directory) server
|
primary |
Set the AD server that is first queried when authenticating users
|
backup1 |
Set the AD server that is queried if the primary server stops responding
|
backup2 |
Set the AD server that is queried if the backup1 server stops responding
|
backup3 |
Set the AD server that is queried if the backup2 server stops responding
|
domain |
Set the domain name of the AD domain controller
|
<string> |
Enter the NetBOIS name of the domain (1-64 chars; Note: The domain name cannot contain multiple-level domains delimited by dots.)
|
binddn |
Set the bindDN (distinguished name) under which LDAP searches are done (Note: bindDN must be set if want to get attributes from AD server or want to check TLS username against LDAP server.)
|
<string> |
Enter the bindDN name (1-256 chars)
|
password |
Set the password which authenticate the bindDN
|
<string> |
Enter the password (1-64 chars)
|
aaa radius-server local db-type active-directory {primary|backup1|backup2|backup3} domain <string> fullname <string> [ default ]
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local Aerohive device as a RADIUS server
|
db-type |
Set the type and location of the user database
|
active-directory |
Set the user database on an AD (Active Directory) server
|
primary |
Set the AD server that is first queried when authenticating users
|
backup1 |
Set the AD server that is queried if the primary server stops responding
|
backup2 |
Set the AD server that is queried if the backup1 server stops responding
|
backup3 |
Set the AD server that is queried if the backup2 server stops responding
|
domain |
Set the domain name of the AD domain controller
|
<string> |
Enter the NetBOIS name of the domain (1-64 chars; Note: The domain name cannot contain multiple-level domains delimited by dots.)
|
fullname |
Set the full DNS name of the domain to which the RADIUS server (local AP) and AD server both belong
|
<string> |
Enter the full DNS name of the domain (1-64 chars)
|
default |
Set the domain as the default domain, which will be added to the RADIUS request if no domain name appears in the request
|
aaa radius-server local db-type active-directory {primary|backup1|backup2|backup3} domain <string> server <string>
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local Aerohive device as a RADIUS server
|
db-type |
Set the type and location of the user database
|
active-directory |
Set the user database on an AD (Active Directory) server
|
primary |
Set the AD server that is first queried when authenticating users
|
backup1 |
Set the AD server that is queried if the primary server stops responding
|
backup2 |
Set the AD server that is queried if the backup1 server stops responding
|
backup3 |
Set the AD server that is queried if the backup2 server stops responding
|
domain |
Set the domain name of the AD domain controller
|
<string> |
Enter the NetBOIS name of the domain (1-64 chars; Note: The domain name cannot contain multiple-level domains delimited by dots.)
|
server |
Set the IP address or resolvable domain name for the AD server (Note: The AD server is the same as the domain controller.)
|
<string> |
Enter the IP address or domain name (1-64 chars)
|
aaa radius-server local db-type active-directory {primary|backup1|backup2|backup3} login admin-user <string> password <string>
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local Aerohive device as a RADIUS server
|
db-type |
Set the type and location of the user database
|
active-directory |
Set the user database on an AD (Active Directory) server
|
primary |
Set the AD server that is first queried when authenticating users
|
backup1 |
Set the AD server that is queried if the primary server stops responding
|
backup2 |
Set the AD server that is queried if the backup1 server stops responding
|
backup3 |
Set the AD server that is queried if the backup2 server stops responding
|
login |
Set admin user name and password that the local AP will use to access the AD server
|
admin-user |
Set the admin user name
|
<string> |
Enter the user name (1-32 chars)
|
password |
Set the password which authenticate the login user
|
<string> |
Enter the password (1-64 chars)
|
aaa radius-server local db-type active-directory {primary|backup1|backup2|backup3} {server} <string> [ {via-vpn-tunnel} ]
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local Aerohive device as a RADIUS server
|
db-type |
Set the type and location of the user database
|
active-directory |
Set the user database on an AD (Active Directory) server
|
primary |
Set the AD server that is first queried when authenticating users
|
backup1 |
Set the AD server that is queried if the primary server stops responding
|
backup2 |
Set the AD server that is queried if the backup1 server stops responding
|
backup3 |
Set the AD server that is queried if the backup2 server stops responding
|
server |
Set the IP address or resolvable domain name for the AD server
|
<string> |
Enter the IP address or domain name (1-64 chars)
|
via-vpn-tunnel |
Send all traffic from the AP RADIUS authentication server to the AD server through a VPN tunnel (Note: Set this option on VPN clients when the AD server is in a different subnet from the tunnel interface. When they are in the same subnet, tunneling is automatic.)
|
aaa radius-server local db-type active-directory {primary|backup1|backup2|backup3} {tls-enable|global-catalog}
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local Aerohive device as a RADIUS server
|
db-type |
Set the type and location of the user database
|
active-directory |
Set the user database on an AD (Active Directory) server
|
primary |
Set the AD server that is first queried when authenticating users
|
backup1 |
Set the AD server that is queried if the primary server stops responding
|
backup2 |
Set the AD server that is queried if the backup1 server stops responding
|
backup3 |
Set the AD server that is queried if the backup2 server stops responding
|
tls-enable |
Enable TLS authentication that the local AP, as an LDAP client, uses with the AD server (Default: Disabled)
|
global-catalog |
Set the AP to use TCP port 3268 when doing an LDAP search on an AD global catalog server (Default: Disabled)
|
aaa radius-server local db-type ldap-server sub-type edirectory acct-policy-check
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local Aerohive device as a RADIUS server
|
db-type |
Set the type and location of the user database
|
ldap-server |
Set the user database on an LDAP server
|
sub-type |
Set the type of LDAP server
|
edirectory |
Set the user database on an eDirectory LDAP server
|
acct-policy-check |
Enable the Novell eDirectory account policy check and intruder detection for RADIUS users (Default: Disabled)
|
aaa radius-server local db-type ldap-server {primary|backup1|backup2|backup3} basedn <string>
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local Aerohive device as a RADIUS server
|
db-type |
Set the type and location of the user database
|
ldap-server |
Set the user database on an LDAP server
|
primary |
Set the LDAP server that is first queried when authenticating users
|
backup1 |
Set the LDAP server that is queried if the primary server stops responding
|
backup2 |
Set the LDAP server that is queried if the backup1 server stops responding
|
backup3 |
Set the LDAP server that is queried if the backup2 server stops responding
|
basedn |
Set the base DN (distinguished name) where the user profiles are located in the LDAP tree structure
|
<string> |
Enter the base DN (1-256 chars; Note: If there are any spaces, enclose the whole string in quotation marks.)
|
aaa radius-server local db-type ldap-server {primary|backup1|backup2|backup3} binddn <string> password <string>
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local Aerohive device as a RADIUS server
|
db-type |
Set the type and location of the user database
|
ldap-server |
Set the user database on an LDAP server
|
primary |
Set the LDAP server that is first queried when authenticating users
|
backup1 |
Set the LDAP server that is queried if the primary server stops responding
|
backup2 |
Set the LDAP server that is queried if the backup1 server stops responding
|
backup3 |
Set the LDAP server that is queried if the backup2 server stops responding
|
binddn |
Set the bind DN (distinguished name) under which LDAP searches are done
|
<string> |
Enter the bind DN (1-256 chars; Note: If there are any spaces, enclose the whole string in quotation marks.)
|
password |
Set the password which authenticate the bindDN
|
<string> |
Enter the password (1-64 chars)
|
aaa radius-server local db-type ldap-server {primary|backup1|backup2|backup3} filter-attr <string>
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local Aerohive device as a RADIUS server
|
db-type |
Set the type and location of the user database
|
ldap-server |
Set the user database on an LDAP server
|
primary |
Set the LDAP server that is first queried when authenticating users
|
backup1 |
Set the LDAP server that is queried if the primary server stops responding
|
backup2 |
Set the LDAP server that is queried if the backup1 server stops responding
|
backup3 |
Set the LDAP server that is queried if the backup2 server stops responding
|
filter-attr |
Set the LDAP search filter to locate user objects using the name the client supplies during RADIUS authentication
|
<string> |
Enter the filter attribute used to search for the user (Default: "cn"; 1-32 chars)
|
aaa radius-server local db-type ldap-server {primary|backup1|backup2|backup3} no-strip-filter
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local Aerohive device as a RADIUS server
|
db-type |
Set the type and location of the user database
|
ldap-server |
Set the user database on an LDAP server
|
primary |
Set the LDAP server that is first queried when authenticating users
|
backup1 |
Set the LDAP server that is queried if the primary server stops responding
|
backup2 |
Set the LDAP server that is queried if the backup1 server stops responding
|
backup3 |
Set the LDAP server that is queried if the backup2 server stops responding
|
no-strip-filter |
Do not strip the realm name
|
aaa radius-server local db-type ldap-server {primary|backup1|backup2|backup3} port <number>
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local Aerohive device as a RADIUS server
|
db-type |
Set the type and location of the user database
|
ldap-server |
Set the user database on an LDAP server
|
primary |
Set the LDAP server that is first queried when authenticating users
|
backup1 |
Set the LDAP server that is queried if the primary server stops responding
|
backup2 |
Set the LDAP server that is queried if the backup1 server stops responding
|
backup3 |
Set the LDAP server that is queried if the backup2 server stops responding
|
port |
Set the destination port number for communicating with the LDAP server
|
<number> |
Enter the destination port number (Default: 389, 636 for LDAPS; Range: 1-65535)
|
aaa radius-server local db-type ldap-server {primary|backup1|backup2|backup3} protocol {ldap|ldaps}
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local Aerohive device as a RADIUS server
|
db-type |
Set the type and location of the user database
|
ldap-server |
Set the user database on an LDAP server
|
primary |
Set the LDAP server that is first queried when authenticating users
|
backup1 |
Set the LDAP server that is queried if the primary server stops responding
|
backup2 |
Set the LDAP server that is queried if the backup1 server stops responding
|
backup3 |
Set the LDAP server that is queried if the backup2 server stops responding
|
protocol |
Set the protocol for communicating with the LDAP server
|
ldap |
Set LDAP as the protocol for communicating with the LDAP server (Default: LDAP)
|
ldaps |
Set LDAPS (Secure LDAP) as the protocol for communicating with the LDAP server (Default: LDAP)
|
aaa radius-server local db-type ldap-server {primary|backup1|backup2|backup3} {server} <string> [ {via-vpn-tunnel} ]
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local Aerohive device as a RADIUS server
|
db-type |
Set the type and location of the user database
|
ldap-server |
Set the user database on an LDAP server
|
primary |
Set the LDAP server that is first queried when authenticating users
|
backup1 |
Set the LDAP server that is queried if the primary server stops responding
|
backup2 |
Set the LDAP server that is queried if the backup1 server stops responding
|
backup3 |
Set the LDAP server that is queried if the backup2 server stops responding
|
server |
Set the IP address or resolvable domain name for the LDAP server
|
<string> |
Enter the IP address or domain name (1-32 chars)
|
via-vpn-tunnel |
Send all traffic from the AP RADIUS authentication server to the LDAP server through a VPN tunnel(Note: Set this option on VPN clients when the LDAP server is in a different subnet from the tunnel interface. When they are in the same subnet, tunneling is automatic.)
|
aaa radius-server local db-type library-sip-server {primary} institution-id <string>
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local Aerohive device as a RADIUS server
|
db-type |
Set the type and location of the user database
|
library-sip-server |
Set parameters for the local RADIUS server to communicate with a library SIP (Standard Interchange Protocol) server
|
primary |
Set the library SIP server that is first queried when authenticating users
|
institution-id |
Set institution ID that the local RADIUS server provides when exchanging messages with the library SIP server
|
<string> |
Enter the institution ID (1-64 chars)
|
aaa radius-server local db-type library-sip-server {primary} login-enable
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local Aerohive device as a RADIUS server
|
db-type |
Set the type and location of the user database
|
library-sip-server |
Set parameters for the local RADIUS server to communicate with a library SIP (Standard Interchange Protocol) server
|
primary |
Set the library SIP server that is first queried when authenticating users
|
login-enable |
Enable the AP, acting as a library SIP client, to log in when connecting to the library SIP server (Default: Disabled)
|
aaa radius-server local db-type library-sip-server {primary} login-user <string> password <string>
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local Aerohive device as a RADIUS server
|
db-type |
Set the type and location of the user database
|
library-sip-server |
Set parameters for the local RADIUS server to communicate with a library SIP (Standard Interchange Protocol) server
|
primary |
Set the library SIP server that is first queried when authenticating users
|
login-user |
Set the user name that the local RADIUS server submits when logging in to the library SIP server
|
<string> |
Enter the user name (1-32 chars)
|
password |
Set the password that the local AP RADIUS server submits when logging in to the library SIP server
|
<string> |
Enter the password (1-32 chars)
|
aaa radius-server local db-type library-sip-server {primary} port <port>
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local Aerohive device as a RADIUS server
|
db-type |
Set the type and location of the user database
|
library-sip-server |
Set parameters for the local RADIUS server to communicate with a library SIP (Standard Interchange Protocol) server
|
primary |
Set the library SIP server that is first queried when authenticating users
|
port |
Set the library SIP server port number
|
<port> |
[1~65535]Enter the port number (Default: 6001; Range: 1-65535)
|
aaa radius-server local db-type library-sip-server {primary} separator <string>
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local Aerohive device as a RADIUS server
|
db-type |
Set the type and location of the user database
|
library-sip-server |
Set parameters for the local RADIUS server to communicate with a library SIP (Standard Interchange Protocol) server
|
primary |
Set the library SIP server that is first queried when authenticating users
|
separator |
Set the character that the library SIP server uses to separate multiple field name + value entries
|
<string> |
Enter the separator (1 char; Default: '|')
|
aaa radius-server local db-type library-sip-server {primary} {server} <string>
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local Aerohive device as a RADIUS server
|
db-type |
Set the type and location of the user database
|
library-sip-server |
Set parameters for the local RADIUS server to communicate with a library SIP (Standard Interchange Protocol) server
|
primary |
Set the library SIP server that is first queried when authenticating users
|
server |
Set IP address or domain name of the library SIP server
|
<string> |
Enter the IP address or domain name (Domain name: 1-32 chars)
|
aaa radius-server local db-type open-directory {primary|backup1|backup2|backup3} admin-user <string> password <string>
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local Aerohive device as a RADIUS server
|
db-type |
Set the type and location of the user database
|
open-directory |
Set the user database on an OD (Open Directory) server
|
primary |
Set the OD server that is first queried when authenticating users
|
backup1 |
Set the OD server that is queried if the primary server stops responding
|
backup2 |
Set the OD server that is queried if the backup1 server stops responding
|
backup3 |
Set the OD server that is queried if the backup2 server stops responding
|
admin-user |
Set the admin user name that the local AP uses when logging in to the OD server
|
<string> |
Enter the user name (1-32 chars)
|
password |
Set the password that the local AP uses when logging in to the OD server
|
<string> |
Enter the password (1-64 chars)
|
aaa radius-server local db-type open-directory {primary|backup1|backup2|backup3} domain <string> binddn <string> password <string>
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local Aerohive device as a RADIUS server
|
db-type |
Set the type and location of the user database
|
open-directory |
Set the user database on an OD (Open Directory) server
|
primary |
Set the OD server that is first queried when authenticating users
|
backup1 |
Set the OD server that is queried if the primary server stops responding
|
backup2 |
Set the OD server that is queried if the backup1 server stops responding
|
backup3 |
Set the OD server that is queried if the backup2 server stops responding
|
domain |
Set the domain name of the OD domain controller
|
<string> |
Enter the name of the domain (1-64 chars)
|
binddn |
Set the bindDN (distinguished name) under which LDAP searches are done
|
<string> |
Enter the bindDN name (1-256 chars)
|
password |
Set the password which authenticate the bindDN
|
<string> |
Enter the password (1-64 chars)
|
aaa radius-server local db-type open-directory {primary|backup1|backup2|backup3} domain <string> fullname <string>
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local Aerohive device as a RADIUS server
|
db-type |
Set the type and location of the user database
|
open-directory |
Set the user database on an OD (Open Directory) server
|
primary |
Set the OD server that is first queried when authenticating users
|
backup1 |
Set the OD server that is queried if the primary server stops responding
|
backup2 |
Set the OD server that is queried if the backup1 server stops responding
|
backup3 |
Set the OD server that is queried if the backup2 server stops responding
|
domain |
Set the domain name of the OD domain controller
|
<string> |
Enter the name of the domain (1-64 chars)
|
fullname |
Set the full DNS name of the OD domain server
|
<string> |
Enter the full DNS name of the domain (1-64 chars)
|
aaa radius-server local db-type open-directory {primary|backup1|backup2|backup3} filter-attr <string>
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local Aerohive device as a RADIUS server
|
db-type |
Set the type and location of the user database
|
open-directory |
Set the user database on an OD (Open Directory) server
|
primary |
Set the OD server that is first queried when authenticating users
|
backup1 |
Set the OD server that is queried if the primary server stops responding
|
backup2 |
Set the OD server that is queried if the backup1 server stops responding
|
backup3 |
Set the OD server that is queried if the backup2 server stops responding
|
filter-attr |
Set the LDAP search filter to locate user objects using the name the client supplies during RADIUS authentication
|
<string> |
Enter the filter attribute used to search for the user (Default: "uid"; 1-32 chars)
|
aaa radius-server local db-type open-directory {primary|backup1|backup2|backup3} no-strip-filter
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local Aerohive device as a RADIUS server
|
db-type |
Set the type and location of the user database
|
open-directory |
Set the user database on an OD (Open Directory) server
|
primary |
Set the OD server that is first queried when authenticating users
|
backup1 |
Set the OD server that is queried if the primary server stops responding
|
backup2 |
Set the OD server that is queried if the backup1 server stops responding
|
backup3 |
Set the OD server that is queried if the backup2 server stops responding
|
no-strip-filter |
Do not strip the realm name
|
aaa radius-server local db-type open-directory {primary|backup1|backup2|backup3} tls-enable
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local Aerohive device as a RADIUS server
|
db-type |
Set the type and location of the user database
|
open-directory |
Set the user database on an OD (Open Directory) server
|
primary |
Set the OD server that is first queried when authenticating users
|
backup1 |
Set the OD server that is queried if the primary server stops responding
|
backup2 |
Set the OD server that is queried if the backup1 server stops responding
|
backup3 |
Set the OD server that is queried if the backup2 server stops responding
|
tls-enable |
Enable TLS authentication that the local AP, as an LDAP client, uses with the OD server (Default: Disabled)
|
aaa radius-server local ldap-auth {primary|backup1|backup2|backup3} type tls ca-cert <string> [ client-cert <string> private-key <string> [ private-key-password <string> ] ] [ verify-server {never|try|demand} ]
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local Aerohive device as a RADIUS server
|
ldap-auth |
Set the authentication method that the local AP, as an LDAP client, uses with the LDAP server
|
primary |
Set the authentication method for the first LDAP server
|
backup1 |
Set the authentication method for the second LDAP server
|
backup2 |
Set the authentication method for the third LDAP server
|
backup3 |
Set the authentication method for the fourth LDAP server
|
type |
Set the authentication type to use for LDAP communications
|
tls |
Set the authentication type as TLS (Transport Layer Security)
|
ca-cert |
Set the CA certificate that the local AP uses when authenticating itself as an LDAP client to an LDAP server
|
<string> |
Enter the file name of the CA certificate (1-32 chars)
|
client-cert |
Set the client certificate that the local AP uses when authenticating itself to an LDAP server
|
<string> |
Enter the file name of the client certificate (1-32 chars)
|
private-key |
Set the private key that the local AP uses to authenticate itself to an LDAP server
|
<string> |
Enter the name of the private key file (1-32 chars)
|
private-key-password |
Set the password for the private key that is used when forming a TLS tunnel
|
<string> |
Enter the password (1-32 chars)
|
verify-server |
Set options for verifying the LDAP server (Default: LDAP server verification is try.)
|
never |
never verify the identity of the LDAP server (Default: try)
|
try |
try verify the identity of the LDAP server (Default: try)
|
demand |
demand verify the identity of the LDAP server (Default: try)
|
aaa radius-server local sta-auth ca-cert <string> server-cert <string> private-key <string> [ private-key-password <string> ]
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local Aerohive device as a RADIUS server
|
sta-auth |
Set the authentication type and certificate parameters for authenticating users
|
ca-cert |
Set the CA certificate for a TLS (Transport Layer Security) tunnel
|
<string> |
Enter the file name of the CA certificate (1-32 chars)
|
server-cert |
Set the server certificate used when forming a TLS tunnel
|
<string> |
Enter the file name of the server certificate (1-32 chars)
|
private-key |
Set the private key used when forming a TLS tunnel
|
<string> |
Enter the name of the private key file (1-32 chars)
|
private-key-password |
Set the password for encrypting the private key used when forming a TLS tunnel
|
<string> |
Enter a password (1-64 chars)
|
aaa radius-server local sta-auth default-type {leap|peap|tls|ttls|md5}
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local Aerohive device as a RADIUS server
|
sta-auth |
Set the authentication type and certificate parameters for authenticating users
|
default-type |
Set the default RADIUS authentication type
|
leap |
Set LEAP (Lightweight Extensible Authentication Protocol) as the default RADIUS authentication type (Default: peap)
|
peap |
Set PEAP (Protected Extensible Authentication Protocol) as the default RADIUS authentication type (Default: peap)
|
tls |
Set TLS (Transport Layer Security) as the default RADIUS authentication type (Default: peap)
|
ttls |
Set TTLS (Tunneled TLS) as the default RADIUS authentication type (Default: peap)
|
md5 |
Set MD5 as the default RADIUS authentication type (Default: peap)
|
aaa radius-server local sta-auth type tls {check-cert-cn|check-in-db}
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local Aerohive device as a RADIUS server
|
sta-auth |
Set the authentication type and certificate parameters for authenticating users
|
type |
Set the RADIUS authentication type (Default: tls+peap+ttls+leap+md5)
|
tls |
Set TLS (Transport Layer Security) as the RADIUS authentication type (Default: tls+peap+ttls+leap+md5)
|
check-cert-cn |
Check the CN (common name) in the certificate against the user name (Default: Disabled)
|
check-in-db |
Query databases to check if the user exists (Default: Disabled)
|
aaa radius-server local sta-auth type {leap|peap|tls|ttls|md5}
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local Aerohive device as a RADIUS server
|
sta-auth |
Set the authentication type and certificate parameters for authenticating users
|
type |
Set the RADIUS authentication type (Default: tls+peap+ttls+leap+md5)
|
leap |
Set LEAP (Lightweight Extensible Authentication Protocol) as the RADIUS authentication type (Default: tls+peap+ttls+leap+md5)
|
peap |
Set PEAP (Protected Extensible Authentication Protocol) as the RADIUS authentication type (Default: tls+peap+ttls+leap+md5)
|
tls |
Set TLS (Transport Layer Security) as the RADIUS authentication type (Default: tls+peap+ttls+leap+md5)
|
ttls |
Set TTLS (Tunneled TLS) as the RADIUS authentication type (Default: tls+peap+ttls+leap+md5)
|
md5 |
Set MD5 as the RADIUS authentication type (Default: tls+peap+ttls+leap+md5)
|
aaa radius-server local sta-auth type {peap|ttls} check-in-db
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
local |
Set the local Aerohive device as a RADIUS server
|
sta-auth |
Set the authentication type and certificate parameters for authenticating users
|
type |
Set the RADIUS authentication type (Default: tls+peap+ttls+leap+md5)
|
peap |
Set PEAP (Protected Extensible Authentication Protocol) as the RADIUS authentication type (Default: tls+peap+ttls+leap+md5)
|
ttls |
Set TTLS (Tunneled TLS) as the RADIUS authentication type (Default: tls+peap+ttls+leap+md5)
|
check-in-db |
Enable the local RADIUS server to query the Active Directory database to check that user accounts are stored under the proper baseDN before authenticating them (Default: Disabled)
|
aaa radius-server name <string> server <string> shared-secret <string>
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
name |
Set the name for the RADIUS server
|
<string> |
Enter the name of the RADIUS server (1-32 chars; Note: Use this name when assigning the server to a realm.)
|
server |
Set the IP address or resolvable domain name for the RADIUS server
|
<string> |
Enter the IP address or domain name (max 32 chars)
|
shared-secret |
Set the shared secret for authenticating communications with a RADIUS server
|
<string> |
Enter the shared secret (1-64 chars; Note: The RADIUS shared secret is case sensitive and can contain spaces.)
|
aaa radius-server proxy radsec realm <string> {primary|backup} <string>
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
proxy |
Set parameters for proxying RADIUS requests
|
radsec |
Set parameters to proxy RADIUS requests over a secure TLS tunnel between the local device and a RADIUS server
|
realm |
Set parameters for proxying requests to RADIUS servers based on the realm specified in submitted user names
|
<string> |
Enter the realm name (1-32 chars; Note: Assign a server to the "NULL" realm to proxy requests that do not include a realm name to that server. Assign a server to "DEFAULT" to send it requests containing an unconfigured realm.)
|
primary |
Assign a primary RADIUS server to the realm
|
backup |
Assign a backup RADIUS server to the realm
|
<string> |
Enter the RADIUS server name (1-32 chars)
|
aaa radius-server proxy realm <string> {primary|backup} <string>
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
proxy |
Set parameters for proxying RADIUS requests
|
realm |
Set parameters for proxying requests to RADIUS servers based on the realm specified in submitted user names
|
<string> |
Enter the realm name (1-32 chars; Note: Assign a server to the "NULL" realm to proxy requests that do not include a realm name to that server. Assign a server to "DEFAULT" to send it requests containing an unconfigured realm.)
|
primary |
Assign a primary RADIUS server to the realm
|
backup |
Assign a backup RADIUS server to the realm
|
<string> |
Enter the RADIUS server name (1-32 chars)
|
aaa radius-server {primary|backup1|backup2|backup3} <ip_addr|string> [ shared-secret <string> ] [ auth-port <number> ] [ acct-port <number> ] [ via-vpn-tunnel ]
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-server |
Set parameters for a RADIUS (Remote Authentication Dial In User Service) server
|
primary |
Set the RADIUS server that is first queried when authenticating users
|
backup1 |
Set the RADIUS server that is queried if the primary server stops responding
|
backup2 |
Set the RADIUS server that is queried if the backup1 server stops responding
|
backup3 |
Set the RADIUS server that is queried if the backup2 server stops responding
|
<ip_addr> |
Enter an IP address or a domain name for the RADIUS server (max 32 chars)
|
<string> |
Enter an IP address or a domain name for the RADIUS server (max 32 chars)
|
shared-secret |
Set the shared secret for authenticating communications with a RADIUS server
|
<string> |
Enter the shared secret for authenticating communications with a RADIUS server (1-64 chars)
|
auth-port |
Set the RADIUS authentication port number
|
<number> |
Enter the RADIUS authentication port number (Default: 1812; Range: 1-65535)
|
acct-port |
Set the RADIUS accounting port number
|
<number> |
Enter the RADIUS accounting port number (Default: 0; Range: 0-65535)
|
via-vpn-tunnel |
Send all RADIUS traffic through a VPN tunnel (Note: Set this option on VPN clients when the RADIUS server is in a different subnet from the tunnel interface. When they are in the same subnet, tunneling is automatic.)
|
admin {read-write|read-only} <string> password <string>
|
admin |
Set the administrator parameters
|
read-write |
The read-write admin has the ability to view, set commands and modify his or her own password, but not the ability to reset the configuration or add, modify, and delete other admins
|
read-only |
The read-only admin has the ability to view settings
|
<string> |
Enter an admin user's name (3-20 chars)
|
password |
Set password for the user
|
<string> |
Set password for the user ([min-password-length]-32 chars, use CLI "show min-password-length" to get value of min-password-length, default: 8)
|
amrp neighbor <mac_addr> metric min <number> max <number>
|
amrp |
Set AMRP (Advanced Mobility Routing Protocol) parameters
|
neighbor |
Specify the neighbor to which you want to set AMRP parameters
|
<mac_addr> |
Enter a MAC address (Note: You can use colons, dashes, or periods to format the address. Examples: 1111:1111:1111, 11-11-11-11-11-11, 1111.1111.1111 ...)
|
metric |
Set route metric parameters for the backhaul link (Ethernet and wireless) to the neighbor
|
min |
Set the minimum metric value
|
<number> |
Enter the minimum metric value (Default: 67; Range: 8-1200)
|
max |
Set the maximum metric value equal to or greater than the minimum value
|
<number> |
Enter the maximum metric value (Default: 67; Range: 8-1200)
|
application identification cdp-index <number> cdp-rule <string> cdp-module {TCP|UDP|HTTP|TLS}
|
application |
Set L7 related parameters
|
identification |
Set L7 identification related parameters
|
cdp-index |
Set index for custom defined application
|
<number> |
Enter the index for custom defined application (Range: 19000-19099)
|
cdp-rule |
Specify the rule for custom defined application
|
<string> |
Enter the rule for custom defined application (1 to 255 characaters)
|
cdp-module |
Specify the module for custom defined application rule
|
TCP |
Enter the module for custom defined application rule TCP
|
UDP |
Enter the module for custom defined application rule UDP
|
HTTP |
Enter the module for custom defined application rule HTTP
|
TLS |
Enter the module for custom defined application rule TLS
|
application reporting upload <url> time-window <number> [ admin <string> password <string> {basic|digest} ]
|
application |
Set L7 related parameters
|
reporting |
Set L7 application reporting related parameters
|
upload |
Set L7 application reporting upload parameters
|
<url> |
Enter the HTTP protocol, remote server domain name, port, directory path, and file name (Default port: 80; 1-256 chars; Format: http://domain/path/, http://domain:port/path/; Note: You can substitute 'https' for 'http'.)
|
time-window |
Reporting time-window
|
<number> |
minutes(Range: 1-30)
|
admin |
Set the name of the server administrator
|
<string> |
Enter the administrator name (1-32 chars)
|
password |
Set the password for the server administrator
|
<string> |
Enter the server password (1-64 chars)
|
basic |
Set the access authentication scheme as basic, which appends a user name and password encoded with the Base64 algorithm to the authorization header in HTTP requests
|
digest |
Set the access authentication scheme as digest, which appends an MD5 checksum of the username, password, and other values to the authorization header in HTTP requests
|
bonjour-gateway filter rule <number> [ from <string> ] <string> [ to <string> ] [ metric <number> ]
|
bonjour-gateway |
Set parameters for the device to act as a Bonjour Gateway, collecting, filtering, and sharing Bonjour services across subnets/VLANs
|
filter |
Set a filter to control which Bonjour services the local gateway transmits to remote gateways
|
rule |
Set a Bonjour gateway filter rule to determine which services get advertised to Bonjour gateways in other subnets
|
<number> |
Enter the ID for the rule (Range 1-128)
|
from |
Set the source from which services are advertised
|
<string> |
Enter the source VLAN group name (1-32 chars)
|
<string> |
Enter the text string to filter which services are advertised (1-64 chars; Note: A service is advertised if its name matches the string in a rule. You can use asterisks as wildcards)
|
to |
Set the VLAN group to which services are advertised
|
<string> |
Enter the destination VLAN group name (1-32 chars)
|
metric |
Set the maximum number of hops away from the local BDD to accept service advertisements (Note: An immediately neighboring BDD is one hop away, a neighbor of that neighbor is two hops away, and so on.)
|
<number> |
Enter the maximum distance from which service advertisements are acceptable (Range: 0-100; Default: 0; Note: A value of 0 means that there is no maximum distance.)
|
bonjour-gateway filter rule <number> {before|after} rule <number>
|
bonjour-gateway |
Set parameters for the device to act as a Bonjour Gateway, collecting, filtering, and sharing Bonjour services across subnets/VLANs
|
filter |
Set a filter to control which Bonjour services the local gateway transmits to remote gateways
|
rule |
Set a Bonjour gateway filter rule to determine which services get advertised to Bonjour gateways in other subnets
|
<number> |
Enter the ID for the rule (Range 1-128)
|
before |
Move the rule before another rule in the Bonjour Gateway filter
|
after |
Move the rule after another rule in the Bonjour Gateway filter
|
rule |
Set a Bonjour gateway filter rule to determine which services get advertised to Bonjour gateways in other subnets
|
<number> |
Enter the ID for the rule (Range 1-128)
|
bonjour-gateway priority <number>
|
bonjour-gateway |
Set parameters for the device to act as a Bonjour Gateway, collecting, filtering, and sharing Bonjour services across subnets/VLANs
|
priority |
Set the priority of the local device to be elected as the BDD (Bonjour Designated Device)
|
<number> |
Enter the BDD election priority (Range: 0-255; Defaults: SR series=50, BR200 series=40, VG-VA/VG-1U=25, AP370/AP390=23, AP230=21, AP330/AP350=20, AP320/AP340=15, AP120/AP121/AP141/AP170/AP1130=10, AP110=5; Note: Values closer to 255 have higher priority.)
|
capwap client server [ {backup} ] name <string> [ connect-delay <number> ] [ via-vpn-tunnel ]
|
capwap |
Set parameters for CAPWAP (Control and Provisioning of Wireless Access Points)
|
client |
Set CAPWAP client parameters
|
server |
Set parameters for communicating with the CAPWAP server
|
backup |
Set the backup CAPWAP server
|
name |
Set the IP address or domain name of the CAPWAP server
|
<string> |
Enter IP address or name for CAPWAP server (1-32 chars)
|
connect-delay |
Schedule a connection to the specified CAPWAP server at a time relative to the moment the HiveAP receives the command
|
<number> |
Enter the interval in seconds after which the CAPWAP client connects (Range: 0-65535)
|
via-vpn-tunnel |
Send all CAPWAP traffic through a VPN tunnel (Note: Set this option on VPN clients when the CAPWAP server is in a different subnet from the tunnel interface. When they are in the same subnet, tunneling is automatic.)
|
capwap ping <string> [ port <number> ] [ count <number> ] [ size <number> ] [ timeout <number> ]
|
capwap |
Set parameters for CAPWAP (Control and Provisioning of Wireless Access Points)
|
ping |
Perform a CAPWAP ping (Note: A CAPWAP ping does not use ICMP echo requests, but UDP packets similar to those used for CAPWAP heartbeats.)
|
<string> |
Enter the IP address or domain name of the CAPWAP server (1-32 chars)
|
port |
Set the destination UDP port number for communicating with the CAPWAP server
|
<number> |
Enter the destination UDP port number for communicating with the CAPWAP server (Default: 12222; Range: 1-65535)
|
count |
Set the number of CAPWAP UDP packets to send
|
<number> |
Enter the number of packets to send (Default: 5; Range: 1-65535)
|
size |
Set the size of the UDP packets
|
<number> |
Enter the packet size in bytes (Default: 56; Range:1-1300)
|
timeout |
Set the length of time to wait for a response
|
<number> |
Enter the timeout in seconds (Default: 5; Range: 1-60)
|
capwap ping <string> [ port <number> ] flood <number> [ size <number> ] [ timeout <number> ]
|
capwap |
Set parameters for CAPWAP (Control and Provisioning of Wireless Access Points)
|
ping |
Perform a CAPWAP ping (Note: A CAPWAP ping does not use ICMP echo requests, but UDP packets similar to those used for CAPWAP heartbeats.)
|
<string> |
Enter the IP address or domain name of the CAPWAP server (1-32 chars)
|
port |
Set the destination UDP port number for communicating with the CAPWAP server
|
<number> |
Enter the destination UDP port number for communicating with the CAPWAP server (Default: 12222; Range: 1-65535)
|
flood |
Set the number of batches, each consisting of 100 CAPWAP UDP packets, to send at one time
|
<number> |
Enter the number of batches of packets(Range: 1-65535)
|
size |
Set the size of the UDP packets
|
<number> |
Enter the packet size in bytes (Default: 56; Range:1-1300)
|
timeout |
Set the length of time to wait for a response
|
<number> |
Enter the timeout in seconds (Default: 5; Range: 1-60)
|
clear auth roaming-cache mac <mac_addr> {hive-neighbors|hive-all}
|
clear |
Clear dynamic system information or remove all web directories
|
auth |
Clear dynamic authentication information
|
roaming-cache |
Clear all entries from the roaming cache, which contains authentication information for stations currently connected to neighboring hive members
|
mac |
Set the MAC address of the station whose cached authentication information you want to clear
|
<mac_addr> |
Enter a MAC address (Note: You can use colons, dashes, or periods to format the address. Examples: 1111:1111:1111, 11-11-11-11-11-11, 1111.1111.1111 ...)
|
hive-neighbors |
Clear all entries from the local roaming cache and from the roaming caches of all neighboring hive members
|
hive-all |
Clear the MAC address from the local roaming cache and from the roaming caches of all hive members
|
clear auth {local-cache|roaming-cache|station} [ mac <mac_addr> ]
|
clear |
Clear dynamic system information or remove all web directories
|
auth |
Clear dynamic authentication information
|
local-cache |
Clear all entries from the local cache, which contains authentication information for stations currently connected to the local HiveAP
|
roaming-cache |
Clear all entries from the roaming cache, which contains authentication information for stations currently connected to neighboring hive members
|
station |
Clear authentication information for a specific station
|
mac |
Set the MAC address of the station whose cached authentication information you want to clear
|
<mac_addr> |
Enter a MAC address (Note: You can use colons, dashes, or periods to format the address. Examples: 1111:1111:1111, 11-11-11-11-11-11, 1111.1111.1111 ...)
|
clear forwarding-engine counters [ interface <wifix|wifix.y|ethx|mgtx> ] [ station <mac_addr> ] [ drop ] [ tunnel ] [ policy ]
|
clear |
Clear dynamic system information or remove all web directories
|
forwarding-engine |
Clear dynamically generated data from the forwarding engine
|
counters |
Clear forwarding engine counter statistics
|
interface |
Clear forwarding engine counter by interface
|
<wifix> |
Enter the name of a Wi-Fi radio interface, where x = 0 or 1
|
<wifix.y> |
Enter the name of a Wi-Fi radio subinterface (Ranges: x: 0-1; y: 1-16)
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
<mgtx> |
Enter the name of the management interface, where x = 0
|
station |
Clear forwarding engine counter by station MAC
|
<mac_addr> |
Enter a MAC address (Note: You can use colons, dashes, or periods to format the address. Examples: 1111:1111:1111, 11-11-11-11-11-11, 1111.1111.1111 ...)
|
drop |
Clear the drop packet counter
|
tunnel |
Clear the counter on tunnels
|
policy |
Clear the counter on policies
|
clear forwarding-engine ip-sessions [ src-ip <ip_addr> ] [ dst-ip <ip_addr> ] [ src-port <number> ] [ dst-port <number> ] [ protocol <number> ]
|
clear |
Clear dynamic system information or remove all web directories
|
forwarding-engine |
Clear dynamically generated data from the forwarding engine
|
ip-sessions |
Clear IP sessions
|
src-ip |
Clear IP sessions by source IP address
|
<ip_addr> |
Source IP address
|
dst-ip |
Clear IP sessions by destination IP address
|
<ip_addr> |
Destination IP address
|
src-port |
Clear IP essions by source port number
|
<number> |
source IP port (Range: 1-65535)
|
dst-port |
Clear IP sessions by destination port number
|
<number> |
destination IP port (Range: 1-65535)
|
protocol |
Clear IP sessions by protocol type
|
<number> |
source IP port (Range: 1-255)
|
clear forwarding-engine mac-sessions [ src-mac <mac_addr> ] [ dst-mac <mac_addr> ]
|
clear |
Clear dynamic system information or remove all web directories
|
forwarding-engine |
Clear dynamically generated data from the forwarding engine
|
mac-sessions |
Clear MAC sessions
|
src-mac |
Clear MAC sessions by source MAC address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons, dashes, or periods to format the address. Examples: 1111:1111:1111, 11-11-11-11-11-11, 1111.1111.1111 ...)
|
dst-mac |
Clear MAC sessions by destination MAC address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons, dashes, or periods to format the address. Examples: 1111:1111:1111, 11-11-11-11-11-11, 1111.1111.1111 ...)
|
clear interface <mgtx|mgtx.y> dhcp-server lease mac <mac_addr>
|
clear |
Clear dynamic system information or remove all web directories
|
interface |
Clear interface info
|
<mgtx> |
Enter the name of the management interface, where x = 0
|
<mgtx.y> |
Enter the name of the virtual management interface (Ranges: x: 0; y: 1-16)
|
dhcp-server |
Clear the DHCP server lease
|
lease |
Clear a specific DHCP lease or all leases
|
mac |
Clear the DHCP lease assigned to a client with a specific MAC address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons, dashes, or periods to format the address. Examples: 1111:1111:1111, 11-11-11-11-11-11, 1111.1111.1111 ...)
|
client-monitor policy <string> problem-type {association|authentication|networking} [ trigger-times <number> ] [ report-interval <number> ] [ quiet-time <number> ]
|
client-monitor |
Set parameters for Client Monitor
|
policy |
Set parameters for a Client Monitor policy
|
<string> |
Enter the Client Monitor policy name (1-32 chars)
|
problem-type |
Set the problem type which specifies a category of client-centric problems
|
association |
Detect, analyze and report the client association problem
|
authentication |
Detect, analyze and report the client authentication problem
|
networking |
Detect, analyze and report the client networking problem
|
trigger-times |
Set how many times the problem type is detected to trigger reporting the problem and related logs
|
<number> |
Enter trigger times for the problem type (Range: 1-10; Default: 1)
|
report-interval |
Set the interval to report the problem and related logs
|
<number> |
Enter a report interval in seconds for the problem type (Range: 0 or 30-3600; Default: 0; Note: The default value of 0 reports every instance of the problem)
|
quiet-time |
Set the time period after which the problem elapses
|
<number> |
Enter quiet time in seconds for the problem type (Range: 60-86400; Default: 300)
|
clock time-zone daylight-saving-time <date> <time> <date> <time>
|
clock |
Set the internal clock
|
time-zone |
Set the time zone for the internal clock
|
daylight-saving-time |
Set the daylight saving time parameters
|
<date> |
Enter the start date for the daylight saving time (Format: MM-DD, Range: 01-01 to 12-31)
|
<time> |
Enter the start time for the daylight saving time (Format: hh:mm:ss, Range: hh(00-23), mm(00-59), ss(00-59)
|
<date> |
Enter the end date for the daylight saving time (Format: MM-DD, Range: 01-01 to 12-31)
|
<time> |
Enter the end time for the daylight saving time (Format: hh:mm:ss, Range: hh(00-23), mm(00-59), ss(00-59)
|
config rollback manual [ wait-time <number> ]
|
config |
Set parameters for the current configuration file, which is a flash file containing default and admin-defined settings
|
rollback |
Set the current config as a rollback point to which the AP can return after a length of time elapses or if it becomes disconnected from the CAPWAP server, or return the config to a previously set rollback point immediately
|
manual |
Perform the configuration rollback after the defined length of time elapses regardless of its CAPWAP connectivity (Note: This option is useful when accessing the CLI remotely and you are concerned that some commands might cause the AP to lose its network connection.)
|
wait-time |
Set the length of time that the AP must be disconnected from the CAPWAP server before rolling back the configuration
|
<number> |
Enter the length of time in minutes to wait before rolling back the configuration (Default: 10 minutes; Range: 0-60000: Note: 0 means that the rollback point persists indefinitely until the 'config rollback now' command is entered.)
|
config rollback {capwap-disconnect|next-reboot} [ wait-time <number> ]
|
config |
Set parameters for the current configuration file, which is a flash file containing default and admin-defined settings
|
rollback |
Set the current config as a rollback point to which the AP can return after a length of time elapses or if it becomes disconnected from the CAPWAP server, or return the config to a previously set rollback point immediately
|
capwap-disconnect |
Perform the configuration rollback if a CAPWAP disconnection occurs for the defined length of time (Note: This is useful when uploading a delta configuration, which does not require the AP to reboot, and you are concerned that some changes might disrupt network connectivity for the AP.)
|
next-reboot |
Perform the configuration rollback if a CAPWAP disconnection occurs for the defined length of time after the AP reboots (Note: This is useful when uploading a full configuration, which requires the AP to reboot, and you are concerned that the new config might disrupt network connectivity for the AP.)
|
wait-time |
Set the length of time that the AP must be disconnected from the CAPWAP server before rolling back the configuration
|
<number> |
Enter the length of time in minutes to wait before rolling back the configuration (Default: 10 minutes; Range: 2-60000)
|
debug console level {emergency|alert|critical|error|warning|notification|info|debug}
|
debug |
Enable debug messages
|
console |
Show debug messages on the console
|
level |
Specify a logging level
|
emergency |
Show emergency-level log entries (Default: debug)
|
alert |
Show log entries from alert to emergency levels (Default: debug)
|
critical |
Show log entries from critical to emergency levels (Default: debug)
|
error |
Show log entries from error to emergency levels (Default: debug)
|
warning |
Show log entries from warning to emergency levels (Default: debug)
|
notification |
Show log entries from notification to emergency levels (Default: debug)
|
info |
Show log entries from info to emergency levels (Default: debug)
|
debug |
Show log entries for all severity levels (Default: debug)
|
exec aaa idm-test auth username <string> password <string> [ {pap|ms-chap-v2} ] [ proxy <string> ] [ bind-ssid <string> ]
|
exec |
Execute a command to initiate a task immediately
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
idm-test |
Test TLS connectivity from the Aerohive device acting as the RadSec or AUTH proxy to the ID Manager gateway
|
auth |
Send a RADIUS Access-Request message from the Aerohive device to the ID Manager
|
username |
Set the user name belonging to an account on the ID Manager
|
<string> |
Enter the user name (1-32 chars)
|
password |
Set the password that belongs to the same account as the user name on the ID Manager
|
<string> |
Enter the password (1-64 chars)
|
pap |
Set PAP (Password Authentication Protocol) as the method for sending authentication requests between the Aerohive device and ID Manager (Default: MS-CHAP-v2)
|
ms-chap-v2 |
Set MS-CHAP-v2 (Microsoft CHAP Version 2) as the method for sending authentication requests between the Aerohive device and ID Manager (Default: MS-CHAP-v2)
|
proxy |
Set parameters for connecting to an ID Manager proxy server
|
<string> |
Enter the IP address or domain name of the ID Manager proxy server (1-32 chars)
|
bind-ssid |
Set the SSID to which the user name binds for ID Manager testing (Note: By default, wired links use the user name-password pair for testing ID Manager accounts, so the user name does not need to bind to an SSID.)
|
<string> |
Enter the name of the SSID to which you want to bind the user name (1-32 chars)
|
exec aaa ldap-search server-type {active-directory|ldap-server|open-directory} server <string> basedn <string> binddn <string> password <string> [ {attributes} [ <string> ] ]
|
exec |
Execute a command to initiate a task immediately
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
ldap-search |
Execute a search of the LDAP database
|
server-type |
Set the type of LDAP server whose database you want to search
|
active-directory |
Set the server type as an Active Directory server
|
ldap-server |
Set the server type as an OpenLDAP server
|
open-directory |
Set the server type as an Open Directory server
|
server |
Set the IP address or resolvable domain name of the LDAP server
|
<string> |
Enter the IP address or domain name (up to 32 chars)
|
basedn |
Set a node in the LDAP tree structure as the baseDN (distinguished name) from which to search for nodes one level below it or for information about one or all of its attributes
|
<string> |
Enter the baseDN (up to 256 chars) (Note: If there are any spaces, enclose the whole string in quotation marks.)
|
binddn |
Set the bindDN name and password for the user that has permission to search the LDAP directory
|
<string> |
Enter the bindDN name (up to 256 chars)
|
password |
Set the bindDN password
|
<string> |
Enter the password (1-64 chars)
|
attributes |
Search for attributes of the node specified as the baseDN
|
<string> |
Enter the name of a specific attribute for which to search (Note: To see the user group attribute of the baseDN node when the default group attribute name is being used, do not enter anything.)
|
exec aaa ldap-search username <string> [ basedn <string> ] [ domain <string> ]
|
exec |
Execute a command to initiate a task immediately
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
ldap-search |
Execute a search of the LDAP database
|
username |
Set the user name to search for in the LDAP database
|
<string> |
Enter a user name (1-32 chars)
|
basedn |
Set the baseDN (distinguished name) where the user profiles are located in the LDAP tree structure
|
<string> |
Enter the baseDN (1-256 chars; Note: If there are any spaces, enclose the whole string in quotation marks.)
|
domain |
Set the domain name of the domain controller
|
<string> |
Enter a NT domain name (1-64 chars)
|
exec aaa library-sip-test primary username <string> password <string>
|
exec |
Execute a command to initiate a task immediately
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
library-sip-test |
Test a simulated authentication process for a library patron on a library SIP (Standard Interchange Protocol) server
|
primary |
Test the authentication process on the primary library SIP server
|
username |
Set the library patron's user name to submit to the library SIP server
|
<string> |
Enter the user name (1-32 chars)
|
password |
Set the library patron's password to submit to the library SIP server
|
<string> |
Enter the password (1-64 chars)
|
exec aaa net-join [ {primary|backup1|backup2|backup3} username <string> password <string> ]
|
exec |
Execute a command to initiate a task immediately
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
net-join |
Join the local AP RADIUS server to the domain controller
|
primary |
Join the local AP RADIUS server to the primary domain controller
|
backup1 |
Join the local AP RADIUS server to the backup1 domain controller
|
backup2 |
Join the local AP RADIUS server to the backup2 domain controller
|
backup3 |
Join the local AP RADIUS server to the backup3 domain controller
|
username |
Set the admin user name for the local AP RADIUS server (Note: For the AP RADIUS server to join the domain, its user account must have domain admin privileges or higher.)
|
<string> |
Enter a user name (1-32 chars)
|
password |
Set the password for the user name
|
<string> |
Enter a password (1-64 chars)
|
exec aaa net-join domain <string> fullname <string> server <string> username <string> password <string> [ computer-ou <string> ]
|
exec |
Execute a command to initiate a task immediately
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
net-join |
Join the local AP RADIUS server to the domain controller
|
domain |
Set the domain name of the AD domain controller
|
<string> |
Enter the NetBIOS name of the domain (1-64 chars; Note: The domain name cannot contain multiple-level domains delimited by dots.)
|
fullname |
Set the full name of the domain to which the RADIUS server (local AP) and AD server both belong
|
<string> |
Enter the full domain name (1-64 chars)
|
server |
Set the IP address or resolvable domain name for the AD server (Note: The AD server is the same as the domain controller.)
|
<string> |
Enter the IP address or domain name (up to 32 chars)
|
username |
Set the admin user name that the local AP RADIUS server submits to the AD server (Note: For the AP RADIUS server to join the domain, its user account must have domain admin privileges or higher.)
|
<string> |
Enter a user name (1-32 chars)
|
password |
Set the password for the user name
|
<string> |
Enter a password (1-64 chars)
|
computer-ou |
Set the OU (organizational unit) used on the Active Directory server where the AP RADIUS server admin has privileges to add the AP as a computer in the domain
|
<string> |
Enter the OU (Max: 256 chars; Format: ou/sub-ou/sub-ou; Note: If there are any spaces, enclose the entire string in quotation marks.)
|
exec aaa ntlm-auth username <string> password <string> [ domain <string> ]
|
exec |
Execute a command to initiate a task immediately
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
ntlm-auth |
Initiate NTLM (NT LAN Manager) authentication between the AP RADIUS server and the domain controller
|
username |
Set the user name that the AP RADIUS server uses when authenticating itself to the domain controller
|
<string> |
Enter a user name (1-32 chars)
|
password |
Set the password that the AP RADIUS server uses when authenticating itself to the domain controller
|
<string> |
Enter a password (1-64 chars)
|
domain |
Set the domain name of the domain controller
|
<string> |
Enter a NT domain name (1-64 chars)
|
exec aaa radius-test <string> username <string> password <string> [ {pap|chap|ms-chap-v2} ]
|
exec |
Execute a command to initiate a task immediately
|
aaa |
Set parameters for AAA (authentication, authorization, accounting)
|
radius-test |
Send a RADIUS Access-Request message from the HiveAP to a RADIUS authentication server or an Accounting-Request message to a RADIUS accounting server
|
<string> |
Enter the IP address or domain name of the RADIUS server (1-32 chars)
|
username |
Set the user name belonging to an account on the RADIUS server
|
<string> |
Enter the user name (1-32 chars)
|
password |
Set the password that belongs to the same account as the user name on the RADIUS server
|
<string> |
Enter the password (1-64 chars)
|
pap |
Set PAP (Password Authentication Protocol) as the method for sending authentication requests between the HiveAP and RADIUS server (Default: MS-CHAP-v2)
|
chap |
Set CHAP (Challenge-Handshake Authentication Protocol) as the method for sending authentication requests between the HiveAP and RADIUS server (Default: MS-CHAP-v2)
|
ms-chap-v2 |
Set MS-CHAP-v2 (Microsoft CHAP Version 2) as the method for sending authentication requests between the HiveAP and RADIUS server (Default: MS-CHAP-v2)
|
exec antenna-alignment interface <wifix> peer <mac_addr> [ count <number> ] [ interval <number> ] [ text-size <number> ] [ beep {static|adaptive|no} ] [ static-rssi-range <number> - <number> ]
|
exec |
Execute a command to initiate a task immediately
|
antenna-alignment |
Set parameters for aligning a directional or sectional antenna connected to a radio in backhaul or dual (access and backhaul) mode with a specified peer
|
interface |
Set the interface bound to the radio whose antenna you want to align with that of a peer
|
<wifix> |
Enter the name of a Wi-Fi radio interface, where x = 0 or 1
|
peer |
Set the MAC address of the peer to which the AP sends antenna alignment request frames
|
<mac_addr> |
Enter a MAC address (Note: You can use colons, dashes, or periods to format the address. Examples: 1111:1111:1111, 11-11-11-11-11-11, 1111.1111.1111 ...)
|
count |
Set the total number of request frames to send to the peer
|
<number> |
Enter the total number of request frames (Range: 1-1000; Default: 60)
|
interval |
Set the interval between each request frame transmission
|
<number> |
Enter the interval in seconds (Range: 1-30; Default: 1)
|
text-size |
Set the amount of filler text in each request frame
|
<number> |
Enter the amount of filler text in bytes (Range: 16-2048; Default: 16)
|
beep |
Set the mode of antenna buzzer, which the device uses to indicate the quality of antenna alignment by increasing the frequency of audible beeps as the signal strength improves (Default: adaptive)
|
static |
Set the antenna buzzer to beep when the signal strength falls between 0 to 80 dB
|
adaptive |
Set the antenna buzzer to beep based on the signal strengths that are determined during the alignment process
|
no |
Disable the antenna buzzer
|
static-rssi-range |
Set the signal strength range(instead of default 0 ~ 80 dB) which is used in the static beep mode
|
<number> |
Enter the lowest signal strength in dB
|
- |
Set a range of signal strength
|
<number> |
Enter the highest signal strength in dB
|
exec capture remote-sniffer [ user <string> <string> ] [ host-allowed <string> ] [ local-port <number> ] [ promiscuous ]
|
exec |
Execute a command to initiate a task immediately
|
capture |
Initiate packet capturing
|
remote-sniffer |
Set parameters for a remote packet sniffer
|
user |
Set user name and password that the remote sniffer uses when authenticating itself to the HiveAP
|
<string> |
Enter the user name (1-32 chars)
|
<string> |
Enter the password (1-32 chars)
|
host-allowed |
Set the IP address or domain name of the remote packet sniffer that is allowed to connect to the HiveAP
|
<string> |
Enter the IP address or domain name (1-32 chars)
|
local-port |
Set the port number on which the HiveAP listens for connection requests from the remote sniffer
|
<number> |
Enter the port number (Default: 2002; Range: 1024-65535)
|
promiscuous |
Enable the wifi interfaces to operate in promiscuous mode during packet capturing (Default: Disabled)
|
exec wlan-idp ap-classify {rogue|friendly} <mac_addr> [ - <mac_addr> ]
|
exec |
Execute a command to initiate a task immediately
|
wlan-idp |
Execute a command relating to WLAN IDP (intrusion detection and prevention)
|
ap-classify |
Classify one or more APs as rogue or friendly by MAC address
|
rogue |
Classify APs as rogue
|
friendly |
Classify APs as friendly
|
<mac_addr> |
Enter a MAC address (Note: You can use colons, dashes, or periods to format the address. Examples: 1111:1111:1111, 11-11-11-11-11-11, 1111.1111.1111 ...)
|
- |
Set a range of MAC addresses
|
<mac_addr> |
Enter a MAC address (Note: You can use colons, dashes, or periods to format the address. Examples: 1111:1111:1111, 11-11-11-11-11-11, 1111.1111.1111 ...)
|
exec wlan-idp mitigate {rogue-ap} <mac_addr> interface <wifix>
|
exec |
Execute a command to initiate a task immediately
|
wlan-idp |
Execute a command relating to WLAN IDP (intrusion detection and prevention)
|
mitigate |
Mitigate a specific rogue AP and its clients by sending a deauth DoS attack against them
|
rogue-ap |
Mitigate a specific rogue AP
|
<mac_addr> |
Enter a MAC address (Note: You can use colons, dashes, or periods to format the address. Examples: 1111:1111:1111, 11-11-11-11-11-11, 1111.1111.1111 ...)
|
interface |
Execute the command through a specific interface
|
<wifix> |
Enter the name of a Wi-Fi radio interface, where x = 0 or 1
|
exec {jss-check|airwatch-check|aerohive-check} mobile-device <mac_addr> enroll-status
|
exec |
Execute a command to initiate a task immediately
|
jss-check |
Check the enrollment status of a mobile device on the JSS (JAMF software server)
|
airwatch-check |
Check the enrollment status of a mobile device on the AirWatch
|
aerohive-check |
Check the enrollment status of a mobile device on the Aerohive MDM server
|
mobile-device |
Set the MAC address or ID of a mobile device
|
<mac_addr> |
Enter a MAC address (Note: You can use colons, dashes, or periods to format the address. Examples: 1111:1111:1111, 11-11-11-11-11-11, 1111.1111.1111 ...)
|
enroll-status |
Retrieve the enrollment status of the mobile device
|
filter <number> l2 [ {data|ctl|mgmt} ] [ subtype <hex> ] [ src-mac <mac_addr> ] [ dst-mac <mac_addr> ] [ bssid <mac_addr> ] [ tx-mac <mac_addr> ] [ rx-mac <mac_addr> ] [ error {crc|decrypt|mic|all|no} ] [ etype <hex> ]
|
filter |
Set packet capture filter parameters
|
<number> |
Enter a filter ID (Range: 1-64)
|
l2 |
Set packet capture filter for layer 2 parameters
|
data |
Filter by data traffic
|
ctl |
Filter by ctl traffic
|
mgmt |
Filter by mgmt traffic
|
subtype |
Filter by frame subtype
|
<hex> |
Enter frame subtype value
|
src-mac |
Filter by source MAC address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons, dashes, or periods to format the address. Examples: 1111:1111:1111, 11-11-11-11-11-11, 1111.1111.1111 ...)
|
dst-mac |
Filter by destination MAC address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons, dashes, or periods to format the address. Examples: 1111:1111:1111, 11-11-11-11-11-11, 1111.1111.1111 ...)
|
bssid |
Filter by BSSID
|
<mac_addr> |
Enter a MAC address (Note: You can use colons, dashes, or periods to format the address. Examples: 1111:1111:1111, 11-11-11-11-11-11, 1111.1111.1111 ...)
|
tx-mac |
Filter by transmitter MAC address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons, dashes, or periods to format the address. Examples: 1111:1111:1111, 11-11-11-11-11-11, 1111.1111.1111 ...)
|
rx-mac |
Filter by receiver MAC address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons, dashes, or periods to format the address. Examples: 1111:1111:1111, 11-11-11-11-11-11, 1111.1111.1111 ...)
|
error |
Filter by error condition
|
crc |
Filter by crc error
|
decrypt |
Filter by decrypt error
|
mic |
Filter by mic error
|
all |
Filter by all error
|
no |
Filter by no error
|
etype |
Filter by Ethernet value
|
<hex> |
Enter the value indicating an ethernet type (ARP:0806; IP:0800; IPX:8137; RARP:8035)
|
filter <number> l3 [ src-ip <ip_addr> ] [ dst-ip <ip_addr> ] [ protocol <number> ] [ src-port <number> ] [ dst-port <number> ]
|
filter |
Set packet capture filter parameters
|
<number> |
Enter a filter ID (Range: 1-64)
|
l3 |
Set packet capture filter for layer 3 parameters
|
src-ip |
Filter by source IP address
|
<ip_addr> |
Enter a source IP address
|
dst-ip |
Filter by destination IP address
|
<ip_addr> |
Enter a destination IP address
|
protocol |
Filter by protocol number in IP header
|
<number> |
Enter a protocol value (UDP:17; TCP:6 ICMP:1)
|
src-port |
Filter by source port filter
|
<number> |
Enter a source port number
|
dst-port |
Filter by destination port
|
<number> |
Enter a destination port number (HTTP:80; FTP:21; TELNET:23; DHCP:67; TFTP:79)
|
forwarding-engine static-rule <string> action drop in-if <ethx|aggx|redx> dst-mac <mac_addr>
|
forwarding-engine |
Set parameters to shape the behavior of the forwarding engine
|
static-rule |
Add a static packet-forwarding rule that preempts dynamic forwarding decisions
|
<string> |
Enter the name of the packet-forwarding rule (1-32 chars)
|
action |
Set the action to apply to packets matching the static packet-forwarding rule
|
drop |
Drop packets that match the rule
|
in-if |
Set the inbound interface
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
<aggx> |
Enter the name of the aggregate interface, where x = 0
|
<redx> |
Enter the name of the redundant interface, where x = 0
|
dst-mac |
Set the destination MAC address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons, dashes, or periods to format the address. Examples: 1111:1111:1111, 11-11-11-11-11-11, 1111.1111.1111 ...)
|
forwarding-engine static-rule <string> action drop in-if <ethx|aggx|redx> src-mac <mac_addr> dst-mac <mac_addr>
|
forwarding-engine |
Set parameters to shape the behavior of the forwarding engine
|
static-rule |
Add a static packet-forwarding rule that preempts dynamic forwarding decisions
|
<string> |
Enter the name of the packet-forwarding rule (1-32 chars)
|
action |
Set the action to apply to packets matching the static packet-forwarding rule
|
drop |
Drop packets that match the rule
|
in-if |
Set the inbound interface
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
<aggx> |
Enter the name of the aggregate interface, where x = 0
|
<redx> |
Enter the name of the redundant interface, where x = 0
|
src-mac |
Set the source MAC address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons, dashes, or periods to format the address. Examples: 1111:1111:1111, 11-11-11-11-11-11, 1111.1111.1111 ...)
|
dst-mac |
Set the destination MAC address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons, dashes, or periods to format the address. Examples: 1111:1111:1111, 11-11-11-11-11-11, 1111.1111.1111 ...)
|
forwarding-engine static-rule <string> action drop in-if <ethx|aggx|redx> src-oui <oui> dst-mac <mac_addr>
|
forwarding-engine |
Set parameters to shape the behavior of the forwarding engine
|
static-rule |
Add a static packet-forwarding rule that preempts dynamic forwarding decisions
|
<string> |
Enter the name of the packet-forwarding rule (1-32 chars)
|
action |
Set the action to apply to packets matching the static packet-forwarding rule
|
drop |
Drop packets that match the rule
|
in-if |
Set the inbound interface
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
<aggx> |
Enter the name of the aggregate interface, where x = 0
|
<redx> |
Enter the name of the redundant interface, where x = 0
|
src-oui |
Set the source OUI, apply the rule to any MAC address sharing the same OUI as the MAC address
|
<oui> |
Enter the OUI (Note: You can use colons, dashes, or periods to format the OUI. Examples: Apple iPhone=00:1b:63; D-Link Phone=00-17-9a; Vocera=00.09.ef.)
|
dst-mac |
Set the destination MAC address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons, dashes, or periods to format the address. Examples: 1111:1111:1111, 11-11-11-11-11-11, 1111.1111.1111 ...)
|
forwarding-engine static-rule <string> action drop in-if <wifix.y> dst-mac <mac_addr> tx-mac <mac_addr>
|
forwarding-engine |
Set parameters to shape the behavior of the forwarding engine
|
static-rule |
Add a static packet-forwarding rule that preempts dynamic forwarding decisions
|
<string> |
Enter the name of the packet-forwarding rule (1-32 chars)
|
action |
Set the action to apply to packets matching the static packet-forwarding rule
|
drop |
Drop packets that match the rule
|
in-if |
Set the inbound interface
|
<wifix.y> |
Enter the name of a Wi-Fi radio subinterface (Ranges: x: 0-1; y: 1-16)
|
dst-mac |
Set the destination MAC address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons, dashes, or periods to format the address. Examples: 1111:1111:1111, 11-11-11-11-11-11, 1111.1111.1111 ...)
|
tx-mac |
Set the MAC address of the transmitter; that is the MAC address of the device on the network that forwarded the frame to the HiveAP
|
<mac_addr> |
Enter a MAC address (Note: You can use colons, dashes, or periods to format the address. Examples: 1111:1111:1111, 11-11-11-11-11-11, 1111.1111.1111 ...)
|
forwarding-engine static-rule <string> action drop in-if <wifix.y> src-mac <mac_addr> dst-mac <mac_addr> tx-mac <mac_addr>
|
forwarding-engine |
Set parameters to shape the behavior of the forwarding engine
|
static-rule |
Add a static packet-forwarding rule that preempts dynamic forwarding decisions
|
<string> |
Enter the name of the packet-forwarding rule (1-32 chars)
|
action |
Set the action to apply to packets matching the static packet-forwarding rule
|
drop |
Drop packets that match the rule
|
in-if |
Set the inbound interface
|
<wifix.y> |
Enter the name of a Wi-Fi radio subinterface (Ranges: x: 0-1; y: 1-16)
|
src-mac |
Set the source MAC address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons, dashes, or periods to format the address. Examples: 1111:1111:1111, 11-11-11-11-11-11, 1111.1111.1111 ...)
|
dst-mac |
Set the destination MAC address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons, dashes, or periods to format the address. Examples: 1111:1111:1111, 11-11-11-11-11-11, 1111.1111.1111 ...)
|
tx-mac |
Set the MAC address of the transmitter; that is the MAC address of the device on the network that forwarded the frame to the HiveAP
|
<mac_addr> |
Enter a MAC address (Note: You can use colons, dashes, or periods to format the address. Examples: 1111:1111:1111, 11-11-11-11-11-11, 1111.1111.1111 ...)
|
forwarding-engine static-rule <string> action drop in-if <wifix.y> src-oui <oui> dst-mac <mac_addr> tx-mac <mac_addr>
|
forwarding-engine |
Set parameters to shape the behavior of the forwarding engine
|
static-rule |
Add a static packet-forwarding rule that preempts dynamic forwarding decisions
|
<string> |
Enter the name of the packet-forwarding rule (1-32 chars)
|
action |
Set the action to apply to packets matching the static packet-forwarding rule
|
drop |
Drop packets that match the rule
|
in-if |
Set the inbound interface
|
<wifix.y> |
Enter the name of a Wi-Fi radio subinterface (Ranges: x: 0-1; y: 1-16)
|
src-oui |
Set the source OUI, apply the rule to any MAC address sharing the same OUI as the MAC address
|
<oui> |
Enter the OUI (Note: You can use colons, dashes, or periods to format the OUI. Examples: Apple iPhone=00:1b:63; D-Link Phone=00-17-9a; Vocera=00.09.ef.)
|
dst-mac |
Set the destination MAC address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons, dashes, or periods to format the address. Examples: 1111:1111:1111, 11-11-11-11-11-11, 1111.1111.1111 ...)
|
tx-mac |
Set the MAC address of the transmitter; that is the MAC address of the device on the network that forwarded the frame to the HiveAP
|
<mac_addr> |
Enter a MAC address (Note: You can use colons, dashes, or periods to format the address. Examples: 1111:1111:1111, 11-11-11-11-11-11, 1111.1111.1111 ...)
|
forwarding-engine static-rule <string> action pass in-if <ethx|aggx|redx> dst-mac <mac_addr> out-if <ethx|aggx|redx>
|
forwarding-engine |
Set parameters to shape the behavior of the forwarding engine
|
static-rule |
Add a static packet-forwarding rule that preempts dynamic forwarding decisions
|
<string> |
Enter the name of the packet-forwarding rule (1-32 chars)
|
action |
Set the action to apply to packets matching the static packet-forwarding rule
|
pass |
Pass packets that match the rule
|
in-if |
Set the inbound interface
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
<aggx> |
Enter the name of the aggregate interface, where x = 0
|
<redx> |
Enter the name of the redundant interface, where x = 0
|
dst-mac |
Set the destination MAC address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons, dashes, or periods to format the address. Examples: 1111:1111:1111, 11-11-11-11-11-11, 1111.1111.1111 ...)
|
out-if |
Set the outbound interface
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
<aggx> |
Enter the name of the aggregate interface, where x = 0
|
<redx> |
Enter the name of the redundant interface, where x = 0
|
forwarding-engine static-rule <string> action pass in-if <ethx|aggx|redx> dst-mac <mac_addr> out-if <wifix.y> rx-mac <mac_addr>
|
forwarding-engine |
Set parameters to shape the behavior of the forwarding engine
|
static-rule |
Add a static packet-forwarding rule that preempts dynamic forwarding decisions
|
<string> |
Enter the name of the packet-forwarding rule (1-32 chars)
|
action |
Set the action to apply to packets matching the static packet-forwarding rule
|
pass |
Pass packets that match the rule
|
in-if |
Set the inbound interface
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
<aggx> |
Enter the name of the aggregate interface, where x = 0
|
<redx> |
Enter the name of the redundant interface, where x = 0
|
dst-mac |
Set the destination MAC address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons, dashes, or periods to format the address. Examples: 1111:1111:1111, 11-11-11-11-11-11, 1111.1111.1111 ...)
|
out-if |
Set the outbound interface
|
<wifix.y> |
Enter the name of a Wi-Fi radio subinterface (Ranges: x: 0-1; y: 1-16)
|
rx-mac |
Set the MAC address of the receiver; that is the MAC address of the device on the network to which the HiveAP forwards the frame
|
<mac_addr> |
Enter a MAC address (Note: You can use colons, dashes, or periods to format the address. Examples: 1111:1111:1111, 11-11-11-11-11-11, 1111.1111.1111 ...)
|
forwarding-engine static-rule <string> action pass in-if <ethx|aggx|redx> src-mac <mac_addr> dst-mac <mac_addr> out-if <ethx|aggx|redx>
|
forwarding-engine |
Set parameters to shape the behavior of the forwarding engine
|
static-rule |
Add a static packet-forwarding rule that preempts dynamic forwarding decisions
|
<string> |
Enter the name of the packet-forwarding rule (1-32 chars)
|
action |
Set the action to apply to packets matching the static packet-forwarding rule
|
pass |
Pass packets that match the rule
|
in-if |
Set the inbound interface
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
<aggx> |
Enter the name of the aggregate interface, where x = 0
|
<redx> |
Enter the name of the redundant interface, where x = 0
|
src-mac |
Set the source MAC address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons, dashes, or periods to format the address. Examples: 1111:1111:1111, 11-11-11-11-11-11, 1111.1111.1111 ...)
|
dst-mac |
Set the destination MAC address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons, dashes, or periods to format the address. Examples: 1111:1111:1111, 11-11-11-11-11-11, 1111.1111.1111 ...)
|
out-if |
Set the outbound interface
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
<aggx> |
Enter the name of the aggregate interface, where x = 0
|
<redx> |
Enter the name of the redundant interface, where x = 0
|
forwarding-engine static-rule <string> action pass in-if <ethx|aggx|redx> src-mac <mac_addr> dst-mac <mac_addr> out-if <wifix.y> rx-mac <mac_addr>
|
forwarding-engine |
Set parameters to shape the behavior of the forwarding engine
|
static-rule |
Add a static packet-forwarding rule that preempts dynamic forwarding decisions
|
<string> |
Enter the name of the packet-forwarding rule (1-32 chars)
|
action |
Set the action to apply to packets matching the static packet-forwarding rule
|
pass |
Pass packets that match the rule
|
in-if |
Set the inbound interface
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
<aggx> |
Enter the name of the aggregate interface, where x = 0
|
<redx> |
Enter the name of the redundant interface, where x = 0
|
src-mac |
Set the source MAC address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons, dashes, or periods to format the address. Examples: 1111:1111:1111, 11-11-11-11-11-11, 1111.1111.1111 ...)
|
dst-mac |
Set the destination MAC address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons, dashes, or periods to format the address. Examples: 1111:1111:1111, 11-11-11-11-11-11, 1111.1111.1111 ...)
|
out-if |
Set the outbound interface
|
<wifix.y> |
Enter the name of a Wi-Fi radio subinterface (Ranges: x: 0-1; y: 1-16)
|
rx-mac |
Set the MAC address of the receiver; that is the MAC address of the device on the network to which the HiveAP forwards the frame
|
<mac_addr> |
Enter a MAC address (Note: You can use colons, dashes, or periods to format the address. Examples: 1111:1111:1111, 11-11-11-11-11-11, 1111.1111.1111 ...)
|
forwarding-engine static-rule <string> action pass in-if <ethx|aggx|redx> src-oui <oui> dst-mac <mac_addr> out-if <ethx|aggx|redx>
|
forwarding-engine |
Set parameters to shape the behavior of the forwarding engine
|
static-rule |
Add a static packet-forwarding rule that preempts dynamic forwarding decisions
|
<string> |
Enter the name of the packet-forwarding rule (1-32 chars)
|
action |
Set the action to apply to packets matching the static packet-forwarding rule
|
pass |
Pass packets that match the rule
|
in-if |
Set the inbound interface
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
<aggx> |
Enter the name of the aggregate interface, where x = 0
|
<redx> |
Enter the name of the redundant interface, where x = 0
|
src-oui |
Set the source OUI, apply the rule to any MAC address sharing the same OUI as the MAC address
|
<oui> |
Enter the OUI (Note: You can use colons, dashes, or periods to format the OUI. Examples: Apple iPhone=00:1b:63; D-Link Phone=00-17-9a; Vocera=00.09.ef.)
|
dst-mac |
Set the destination MAC address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons, dashes, or periods to format the address. Examples: 1111:1111:1111, 11-11-11-11-11-11, 1111.1111.1111 ...)
|
out-if |
Set the outbound interface
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
<aggx> |
Enter the name of the aggregate interface, where x = 0
|
<redx> |
Enter the name of the redundant interface, where x = 0
|
forwarding-engine static-rule <string> action pass in-if <ethx|aggx|redx> src-oui <oui> dst-mac <mac_addr> out-if <wifix.y> rx-mac <mac_addr>
|
forwarding-engine |
Set parameters to shape the behavior of the forwarding engine
|
static-rule |
Add a static packet-forwarding rule that preempts dynamic forwarding decisions
|
<string> |
Enter the name of the packet-forwarding rule (1-32 chars)
|
action |
Set the action to apply to packets matching the static packet-forwarding rule
|
pass |
Pass packets that match the rule
|
in-if |
Set the inbound interface
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
<aggx> |
Enter the name of the aggregate interface, where x = 0
|
<redx> |
Enter the name of the redundant interface, where x = 0
|
src-oui |
Set the source OUI, apply the rule to any MAC address sharing the same OUI as the MAC address
|
<oui> |
Enter the OUI (Note: You can use colons, dashes, or periods to format the OUI. Examples: Apple iPhone=00:1b:63; D-Link Phone=00-17-9a; Vocera=00.09.ef.)
|
dst-mac |
Set the destination MAC address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons, dashes, or periods to format the address. Examples: 1111:1111:1111, 11-11-11-11-11-11, 1111.1111.1111 ...)
|
out-if |
Set the outbound interface
|
<wifix.y> |
Enter the name of a Wi-Fi radio subinterface (Ranges: x: 0-1; y: 1-16)
|
rx-mac |
Set the MAC address of the receiver; that is the MAC address of the device on the network to which the HiveAP forwards the frame
|
<mac_addr> |
Enter a MAC address (Note: You can use colons, dashes, or periods to format the address. Examples: 1111:1111:1111, 11-11-11-11-11-11, 1111.1111.1111 ...)
|
forwarding-engine static-rule <string> action pass in-if <wifix.y> dst-mac <mac_addr> tx-mac <mac_addr> out-if <ethx|aggx|redx>
|
forwarding-engine |
Set parameters to shape the behavior of the forwarding engine
|
static-rule |
Add a static packet-forwarding rule that preempts dynamic forwarding decisions
|
<string> |
Enter the name of the packet-forwarding rule (1-32 chars)
|
action |
Set the action to apply to packets matching the static packet-forwarding rule
|
pass |
Pass packets that match the rule
|
in-if |
Set the inbound interface
|
<wifix.y> |
Enter the name of a Wi-Fi radio subinterface (Ranges: x: 0-1; y: 1-16)
|
dst-mac |
Set the destination MAC address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons, dashes, or periods to format the address. Examples: 1111:1111:1111, 11-11-11-11-11-11, 1111.1111.1111 ...)
|
tx-mac |
Set the MAC address of the transmitter; that is the MAC address of the device on the network that forwarded the frame to the HiveAP
|
<mac_addr> |
Enter a MAC address (Note: You can use colons, dashes, or periods to format the address. Examples: 1111:1111:1111, 11-11-11-11-11-11, 1111.1111.1111 ...)
|
out-if |
Set the outbound interface
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
<aggx> |
Enter the name of the aggregate interface, where x = 0
|
<redx> |
Enter the name of the redundant interface, where x = 0
|
forwarding-engine static-rule <string> action pass in-if <wifix.y> dst-mac <mac_addr> tx-mac <mac_addr> out-if <wifix.y> rx-mac <mac_addr>
|
forwarding-engine |
Set parameters to shape the behavior of the forwarding engine
|
static-rule |
Add a static packet-forwarding rule that preempts dynamic forwarding decisions
|
<string> |
Enter the name of the packet-forwarding rule (1-32 chars)
|
action |
Set the action to apply to packets matching the static packet-forwarding rule
|
pass |
Pass packets that match the rule
|
in-if |
Set the inbound interface
|
<wifix.y> |
Enter the name of a Wi-Fi radio subinterface (Ranges: x: 0-1; y: 1-16)
|
dst-mac |
Set the destination MAC address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons, dashes, or periods to format the address. Examples: 1111:1111:1111, 11-11-11-11-11-11, 1111.1111.1111 ...)
|
tx-mac |
Set the MAC address of the transmitter; that is the MAC address of the device on the network that forwarded the frame to the HiveAP
|
<mac_addr> |
Enter a MAC address (Note: You can use colons, dashes, or periods to format the address. Examples: 1111:1111:1111, 11-11-11-11-11-11, 1111.1111.1111 ...)
|
out-if |
Set the outbound interface
|
<wifix.y> |
Enter the name of a Wi-Fi radio subinterface (Ranges: x: 0-1; y: 1-16)
|
rx-mac |
Set the MAC address of the receiver; that is the MAC address of the device on the network to which the HiveAP forwards the frame
|
<mac_addr> |
Enter a MAC address (Note: You can use colons, dashes, or periods to format the address. Examples: 1111:1111:1111, 11-11-11-11-11-11, 1111.1111.1111 ...)
|
forwarding-engine static-rule <string> action pass in-if <wifix.y> src-mac <mac_addr> dst-mac <mac_addr> tx-mac <mac_addr> out-if <ethx|aggx|redx>
|
forwarding-engine |
Set parameters to shape the behavior of the forwarding engine
|
static-rule |
Add a static packet-forwarding rule that preempts dynamic forwarding decisions
|
<string> |
Enter the name of the packet-forwarding rule (1-32 chars)
|
action |
Set the action to apply to packets matching the static packet-forwarding rule
|
pass |
Pass packets that match the rule
|
in-if |
Set the inbound interface
|
<wifix.y> |
Enter the name of a Wi-Fi radio subinterface (Ranges: x: 0-1; y: 1-16)
|
src-mac |
Set the source MAC address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons, dashes, or periods to format the address. Examples: 1111:1111:1111, 11-11-11-11-11-11, 1111.1111.1111 ...)
|
dst-mac |
Set the destination MAC address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons, dashes, or periods to format the address. Examples: 1111:1111:1111, 11-11-11-11-11-11, 1111.1111.1111 ...)
|
tx-mac |
Set the MAC address of the transmitter; that is the MAC address of the device on the network that forwarded the frame to the HiveAP
|
<mac_addr> |
Enter a MAC address (Note: You can use colons, dashes, or periods to format the address. Examples: 1111:1111:1111, 11-11-11-11-11-11, 1111.1111.1111 ...)
|
out-if |
Set the outbound interface
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
<aggx> |
Enter the name of the aggregate interface, where x = 0
|
<redx> |
Enter the name of the redundant interface, where x = 0
|
forwarding-engine static-rule <string> action pass in-if <wifix.y> src-mac <mac_addr> dst-mac <mac_addr> tx-mac <mac_addr> out-if <wifix.y> rx-mac <mac_addr>
|
forwarding-engine |
Set parameters to shape the behavior of the forwarding engine
|
static-rule |
Add a static packet-forwarding rule that preempts dynamic forwarding decisions
|
<string> |
Enter the name of the packet-forwarding rule (1-32 chars)
|
action |
Set the action to apply to packets matching the static packet-forwarding rule
|
pass |
Pass packets that match the rule
|
in-if |
Set the inbound interface
|
<wifix.y> |
Enter the name of a Wi-Fi radio subinterface (Ranges: x: 0-1; y: 1-16)
|
src-mac |
Set the source MAC address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons, dashes, or periods to format the address. Examples: 1111:1111:1111, 11-11-11-11-11-11, 1111.1111.1111 ...)
|
dst-mac |
Set the destination MAC address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons, dashes, or periods to format the address. Examples: 1111:1111:1111, 11-11-11-11-11-11, 1111.1111.1111 ...)
|
tx-mac |
Set the MAC address of the transmitter; that is the MAC address of the device on the network that forwarded the frame to the HiveAP
|
<mac_addr> |
Enter a MAC address (Note: You can use colons, dashes, or periods to format the address. Examples: 1111:1111:1111, 11-11-11-11-11-11, 1111.1111.1111 ...)
|
out-if |
Set the outbound interface
|
<wifix.y> |
Enter the name of a Wi-Fi radio subinterface (Ranges: x: 0-1; y: 1-16)
|
rx-mac |
Set the MAC address of the receiver; that is the MAC address of the device on the network to which the HiveAP forwards the frame
|
<mac_addr> |
Enter a MAC address (Note: You can use colons, dashes, or periods to format the address. Examples: 1111:1111:1111, 11-11-11-11-11-11, 1111.1111.1111 ...)
|
forwarding-engine static-rule <string> action pass in-if <wifix.y> src-oui <oui> dst-mac <mac_addr> tx-mac <mac_addr> out-if <ethx|aggx|redx>
|
forwarding-engine |
Set parameters to shape the behavior of the forwarding engine
|
static-rule |
Add a static packet-forwarding rule that preempts dynamic forwarding decisions
|
<string> |
Enter the name of the packet-forwarding rule (1-32 chars)
|
action |
Set the action to apply to packets matching the static packet-forwarding rule
|
pass |
Pass packets that match the rule
|
in-if |
Set the inbound interface
|
<wifix.y> |
Enter the name of a Wi-Fi radio subinterface (Ranges: x: 0-1; y: 1-16)
|
src-oui |
Set the source OUI, apply the rule to any MAC address sharing the same OUI as the MAC address
|
<oui> |
Enter the OUI (Note: You can use colons, dashes, or periods to format the OUI. Examples: Apple iPhone=00:1b:63; D-Link Phone=00-17-9a; Vocera=00.09.ef.)
|
dst-mac |
Set the destination MAC address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons, dashes, or periods to format the address. Examples: 1111:1111:1111, 11-11-11-11-11-11, 1111.1111.1111 ...)
|
tx-mac |
Set the MAC address of the transmitter; that is the MAC address of the device on the network that forwarded the frame to the HiveAP
|
<mac_addr> |
Enter a MAC address (Note: You can use colons, dashes, or periods to format the address. Examples: 1111:1111:1111, 11-11-11-11-11-11, 1111.1111.1111 ...)
|
out-if |
Set the outbound interface
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
<aggx> |
Enter the name of the aggregate interface, where x = 0
|
<redx> |
Enter the name of the redundant interface, where x = 0
|
forwarding-engine static-rule <string> action pass in-if <wifix.y> src-oui <oui> dst-mac <mac_addr> tx-mac <mac_addr> out-if <wifix.y> rx-mac <mac_addr>
|
forwarding-engine |
Set parameters to shape the behavior of the forwarding engine
|
static-rule |
Add a static packet-forwarding rule that preempts dynamic forwarding decisions
|
<string> |
Enter the name of the packet-forwarding rule (1-32 chars)
|
action |
Set the action to apply to packets matching the static packet-forwarding rule
|
pass |
Pass packets that match the rule
|
in-if |
Set the inbound interface
|
<wifix.y> |
Enter the name of a Wi-Fi radio subinterface (Ranges: x: 0-1; y: 1-16)
|
src-oui |
Set the source OUI, apply the rule to any MAC address sharing the same OUI as the MAC address
|
<oui> |
Enter the OUI (Note: You can use colons, dashes, or periods to format the OUI. Examples: Apple iPhone=00:1b:63; D-Link Phone=00-17-9a; Vocera=00.09.ef.)
|
dst-mac |
Set the destination MAC address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons, dashes, or periods to format the address. Examples: 1111:1111:1111, 11-11-11-11-11-11, 1111.1111.1111 ...)
|
tx-mac |
Set the MAC address of the transmitter; that is the MAC address of the device on the network that forwarded the frame to the HiveAP
|
<mac_addr> |
Enter a MAC address (Note: You can use colons, dashes, or periods to format the address. Examples: 1111:1111:1111, 11-11-11-11-11-11, 1111.1111.1111 ...)
|
out-if |
Set the outbound interface
|
<wifix.y> |
Enter the name of a Wi-Fi radio subinterface (Ranges: x: 0-1; y: 1-16)
|
rx-mac |
Set the MAC address of the receiver; that is the MAC address of the device on the network to which the HiveAP forwards the frame
|
<mac_addr> |
Enter a MAC address (Note: You can use colons, dashes, or periods to format the address. Examples: 1111:1111:1111, 11-11-11-11-11-11, 1111.1111.1111 ...)
|
hive <string> neighbor connecting-threshold {low|medium|high} polling-interval <number>
|
hive |
Create a hive or set hive parameters
|
<string> |
Enter a hive profile name (1-32 chars)
|
neighbor |
Set the threshold parameters for connecting wirelessly with neighboring hive members
|
connecting-threshold |
Set the minimum signal strength threshold required for connecting with a neighboring hive member
|
low |
Set a relatively low minimum signal strength threshold (-85dBm)
|
medium |
Set a relatively moderate minimum signal strength threshold (-80dBm)
|
high |
Set a relatively high minimum signal strength threshold (-75dBm)
|
polling-interval |
Set the time interval in minutes for polling the signal strength of neighboring hive members
|
<number> |
Enter the polling time interval (Default: 1 minute; range: 1-60)
|
hive <string> security wlan dos station-level frame-type {assoc-req|auth|eapol} ban <number>
|
hive |
Create a hive or set hive parameters
|
<string> |
Enter a hive profile name (1-32 chars)
|
security |
Set hive security parameters
|
wlan |
Set WLAN parameters
|
dos |
Set WLAN DoS (Denial of Service) parameters
|
station-level |
Set DoS parameters at station-level
|
frame-type |
Set WLAN DoS (Denial of Service) frame type
|
assoc-req |
Specify WLAN DoS frame type assoc-req
|
auth |
Specify WLAN DoS frame type auth
|
eapol |
Specify WLAN DoS frame type eapol
|
ban |
Set the period of time to ignore frames after a theshold has been crossed
|
<number> |
Enter the period of time in seconds to ignore frames after a theshold has been crossed (Default: 60; Min: 0 Max: None)
|
hive <string> security wlan dos station-level frame-type {assoc-req|auth|eapol} ban forever
|
hive |
Create a hive or set hive parameters
|
<string> |
Enter a hive profile name (1-32 chars)
|
security |
Set hive security parameters
|
wlan |
Set WLAN parameters
|
dos |
Set WLAN DoS (Denial of Service) parameters
|
station-level |
Set DoS parameters at station-level
|
frame-type |
Set WLAN DoS (Denial of Service) frame type
|
assoc-req |
Specify WLAN DoS frame type assoc-req
|
auth |
Specify WLAN DoS frame type auth
|
eapol |
Specify WLAN DoS frame type eapol
|
ban |
Set the period of time to ignore frames after a theshold has been crossed
|
forever |
Set ban forever
|
hive <string> security wlan dos {hive-level|station-level} frame-type {probe-req|probe-resp|assoc-req|assoc-resp|disassoc|auth|deauth|eapol|all}
|
hive |
Create a hive or set hive parameters
|
<string> |
Enter a hive profile name (1-32 chars)
|
security |
Set hive security parameters
|
wlan |
Set WLAN parameters
|
dos |
Set WLAN DoS (Denial of Service) parameters
|
hive-level |
Set DoS parameters at hive-level
|
station-level |
Set DoS parameters at station-level
|
frame-type |
Set WLAN DoS (Denial of Service) frame type
|
probe-req |
Specify WLAN DoS frame type probe-req
|
probe-resp |
Specify WLAN DoS frame type probe-resp
|
assoc-req |
Specify WLAN DoS frame type assoc-req
|
assoc-resp |
Specify WLAN DoS frame type assoc-resp
|
disassoc |
Specify WLAN DoS frame type disassoc
|
auth |
Specify WLAN DoS frame type auth
|
deauth |
Specify WLAN DoS frame type deauth
|
eapol |
Specify WLAN DoS frame type eapol
|
all |
Specify WLAN DoS frame type all
|
hive <string> security wlan dos {hive-level|station-level} frame-type {probe-req|probe-resp|assoc-req|assoc-resp|disassoc|auth|deauth|eapol|all} alarm <number>
|
hive |
Create a hive or set hive parameters
|
<string> |
Enter a hive profile name (1-32 chars)
|
security |
Set hive security parameters
|
wlan |
Set WLAN parameters
|
dos |
Set WLAN DoS (Denial of Service) parameters
|
hive-level |
Set DoS parameters at hive-level
|
station-level |
Set DoS parameters at station-level
|
frame-type |
Set WLAN DoS (Denial of Service) frame type
|
probe-req |
Specify WLAN DoS frame type probe-req
|
probe-resp |
Specify WLAN DoS frame type probe-resp
|
assoc-req |
Specify WLAN DoS frame type assoc-req
|
assoc-resp |
Specify WLAN DoS frame type assoc-resp
|
disassoc |
Specify WLAN DoS frame type disassoc
|
auth |
Specify WLAN DoS frame type auth
|
deauth |
Specify WLAN DoS frame type deauth
|
eapol |
Specify WLAN DoS frame type eapol
|
all |
Specify WLAN DoS frame type all
|
alarm |
Set the interval in seconds between alarms to indicate continuous DoS conditions
|
<number> |
Enter the interval in seconds between alarms to indicate continuous DoS conditions (Default: 60 secs; Min: 0 Max: None)
|
hive <string> security wlan dos {hive-level|station-level} frame-type {probe-req|probe-resp|assoc-req|assoc-resp|disassoc|auth|deauth|eapol|all} threshold <number>
|
hive |
Create a hive or set hive parameters
|
<string> |
Enter a hive profile name (1-32 chars)
|
security |
Set hive security parameters
|
wlan |
Set WLAN parameters
|
dos |
Set WLAN DoS (Denial of Service) parameters
|
hive-level |
Set DoS parameters at hive-level
|
station-level |
Set DoS parameters at station-level
|
frame-type |
Set WLAN DoS (Denial of Service) frame type
|
probe-req |
Specify WLAN DoS frame type probe-req
|
probe-resp |
Specify WLAN DoS frame type probe-resp
|
assoc-req |
Specify WLAN DoS frame type assoc-req
|
assoc-resp |
Specify WLAN DoS frame type assoc-resp
|
disassoc |
Specify WLAN DoS frame type disassoc
|
auth |
Specify WLAN DoS frame type auth
|
deauth |
Specify WLAN DoS frame type deauth
|
eapol |
Specify WLAN DoS frame type eapol
|
all |
Specify WLAN DoS frame type all
|
threshold |
Set the frame threshold in ppm (packets per minute) that must be crossed to trigger an alarm
|
<number> |
Enter threshold in ppm (Default: hive-level probe-req 12000, probe-resp 24000, eapol 6000, auth 6000, assoc-req 6000, assoc-resp 2400, all others 1200; sta-level probe-req 1200 ppm, probe-resp 2400, eapol 600, auth 600, assoc-req 600, assoc-resp 240, all others 120; Min: 0 Max: None)
|
hive <string> wlan-idp mitigation-mode {automatic|semi-automatic} action {mitigate|report}
|
hive |
Create a hive or set hive parameters
|
<string> |
Enter a hive profile name (1-32 chars)
|
wlan-idp |
Set WLAN IDP (intrusion detection and prevention) parameters
|
mitigation-mode |
Set the mode for mitigating rogue APs and their clients
|
automatic |
Set the arbitrator AP to appoint a mitigator AP and start the mitigation process automatically (Default: semi-automatic)
|
semi-automatic |
Set the arbitrator AP to appoint a mitigator AP automatically but start the mitigation process manually (Default: semi-automatic)
|
action |
Set the action that you want detector APs to take after discovering rogue APs and their clients
|
mitigate |
Mitigate rogue APs and their clients (Default: Rogue mitigation)
|
report |
Report rogue APs and their clients (Default: Rogue mitigation)
|
interface <ethx> manage {Telnet|SSH|SNMP|ping|all}
|
interface |
Set interface parameters
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
manage |
Set management service parameters
|
Telnet |
Enable Telnet manageability of mgt0 through this interface (Default: Disabled)
|
SSH |
Enable SSH manageability of mgt0 through this interface (Default: Enabled)
|
SNMP |
Enable SNMP manageability of mgt0 through this interface (Default: Disabled)
|
ping |
Enable mgt0 to respond to pings through this interface (Default: Enabled)
|
all |
Enable all manageability options (ping, SNMP, SSH, and Telnet) for mgt0 through this interface
|
interface <mgtx> dhcp-probe vlan-range <number> <number> [ timeout <number> ] [ retries <number> ]
|
interface |
Set interface parameters
|
<mgtx> |
Enter the name of the management interface, where x = 0
|
dhcp-probe |
Probe for DHCP servers in one or more VLANs
|
vlan-range |
Set the range of VLANs in which to probe for a DHCP server
|
<number> |
Enter the start of the VLAN range (Range: 1-4094)
|
<number> |
Enter the end of the VLAN range (Range: 1-4094)
|
timeout |
Set the timeout for waiting for a response to a probe
|
<number> |
Enter the timeout value (Default: 10 secs; Range: 1-60)
|
retries |
Set the number of times to retry sending a probe that does not elicit a response from a DHCP server
|
<number> |
Enter the retry value (Default: 1; Range: 1-10)
|
interface <mgtx|ethx> dhcp client option custom ppsk-server <number> ip
|
interface |
Set interface parameters
|
<mgtx> |
Enter the name of the management interface, where x = 0
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
dhcp |
Set DHCP parameters
|
client |
Set DHCP client parameters
|
option |
Set DHCP client options
|
custom |
Set DHCP client custom options
|
ppsk-server |
Set a custom DHCP option ID and ID type for a private PSK server
|
<number> |
Enter the custom DHCP option ID (ID Range: 128-254; Default ID numbers and types: HiveManager: 225 string, 226 IP; syslog 227 string, 228 IP; private PSK: 229 IP; RADIUS authentication: 230 IP; RADIUS accounting: 231, IP)
|
ip |
Set the type of the custom DHCP option as IP
|
interface <mgtx|ethx> dhcp client option custom radius-server <number> ip
|
interface |
Set interface parameters
|
<mgtx> |
Enter the name of the management interface, where x = 0
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
dhcp |
Set DHCP parameters
|
client |
Set DHCP client parameters
|
option |
Set DHCP client options
|
custom |
Set DHCP client custom options
|
radius-server |
Set a custom DHCP option ID and ID type for a RADIUS authentication or accounting server
|
<number> |
Enter the custom DHCP option ID for a RADIUS authentication server (ID Range: 128-254; Default ID numbers and types: HiveManager: 225 string, 226 IP; syslog 227 string, 228 IP; private PSK: 229 IP; RADIUS authentication: 230 IP; RADIUS accounting: 231, IP)
|
ip |
Set the type of the custom DHCP option as IP
|
interface <mgtx|ethx> dhcp client option custom radius-server accounting <number> ip
|
interface |
Set interface parameters
|
<mgtx> |
Enter the name of the management interface, where x = 0
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
dhcp |
Set DHCP parameters
|
client |
Set DHCP client parameters
|
option |
Set DHCP client options
|
custom |
Set DHCP client custom options
|
radius-server |
Set a custom DHCP option ID and ID type for a RADIUS authentication or accounting server
|
accounting |
Set a custom DHCP option ID and ID type for a RADIUS accounting server
|
<number> |
Enter the custom DHCP option ID for a RADIUS accounting server (ID Range: 128-254; Default ID numbers and types: HiveManager: 225 string, 226 IP; syslog 227 string, 228 IP; private PSK: 229 IP; RADIUS authentication: 230 IP; RADIUS accounting: 231, IP)
|
ip |
Set the type of the custom DHCP option as IP
|
interface <mgtx|ethx> dhcp client option custom {syslog-server|hivemanager} <number> {string|ip}
|
interface |
Set interface parameters
|
<mgtx> |
Enter the name of the management interface, where x = 0
|
<ethx> |
Enter the name of an Ethernet interface, where x = 0
|
dhcp |
Set DHCP parameters
|
client |
Set DHCP client parameters
|
option |
Set DHCP client options
|
custom |
Set DHCP client custom options
|
syslog-server |
Set a custom DHCP option ID and ID type for a syslog server
|
hivemanager |
Set a custom DHCP option ID and ID type for HiveManager
|
<number> |
Enter the custom DHCP option ID (Default ID numbers and types: HiveManager = 225 string, 226 IP; Syslog server = 227 string, 228 IP)
|
string |
Set the type of the custom DHCP option as a string
|
ip |
Set the type of the custom DHCP option as an IP address
|
interface <mgtx|mgtx.y> dhcp-server options custom <number> hex <string>
|
interface |
Set interface parameters
|
<mgtx> |
Enter the name of the management interface, where x = 0
|
<mgtx.y> |
Enter the name of the virtual management interface (Ranges: x: 0; y: 1-16)
|
dhcp-server |
Set DHCP server parameters
|
options |
Set the DHCP options to be included in DHCPOFFER and DHCPACK messages
|
custom |
Set a custom DHCP option
|
<number> |
Enter the custom option number (Ranges: 1-224, 227-254; Note: Numbers 1-179 are standard DHCP options; use with caution. Numbers 225 and 226 are reserved for HiveManager.)
|
hex |
Set the custom option data type as a hexadecimal digit
|
<string> |
Enter the hexadecimal digit (1-254 chars; Note: For option 46, which sets the NetBIOS over TCP/IP node type, the string must be 1, 2, 4, or 8.)
|
interface <mgtx|mgtx.y> dhcp-server options {dns1|dns2|dns3} <ip_addr>
|
interface |
Set interface parameters
|
<mgtx> |
Enter the name of the management interface, where x = 0
|
<mgtx.y> |
Enter the name of the virtual management interface (Ranges: x: 0; y: 1-16)
|
dhcp-server |
Set DHCP server parameters
|
options |
Set the DHCP options to be included in DHCPOFFER and DHCPACK messages
|
dns1 |
Set the IP address of the primary DNS (Domain Name System) server that you want DHCP clients to use
|
dns2 |
Set the IP address of the secondary DNS server
|
dns3 |
Set the IP address of the tertiary DNS server
|
<ip_addr> |
Enter the IP address (Note: The DNS server IP address cannot be the same as that of the interface.)
|
interface <wifix> mode {access|backhaul|dual|sensor}
|
interface |
Set interface parameters
|
<wifix> |
Enter the name of a Wi-Fi radio interface, where x = 0 or 1
|
mode |
Set the operational mode for the interface
|
access |
Set the operational mode of the interface to access (Default: access (wifi0), dual (wifi1))
|
backhaul |
Set the operational mode of the interface to backhaul (Default: access (wifi0), dual (wifi1))
|
dual |
Set the operational mode of the interface to dual so that it can provide both access and backhaul services (Default: access (wifi0), dual (wifi1))
|
sensor |
Set the operational mode of the interface to sensor (Default: access (wifi0), dual (wifi1))
|
ip-policy <string> [ id <number> ] [ {before|after} id <number> ] [ from <ip_addr|string_64> [ <mask> ] ] [ to <ip_addr|string_64> [ <mask> ] ] [ service <string> ] [ action {permit|deny|nat|inter-station-traffic-drop|redirect} ]
|
ip-policy |
Set IP policy parameters
|
<string> |
Enter an IP policy name (1-32 chars)
|
id |
Assign an IP policy ID
|
<number> |
Enter the IP policy ID (Range: 1-1023)
|
before |
Set the before parameters for an IP policy
|
after |
Set the after parameters for an IP policy
|
id |
Assign an IP policy ID
|
<number> |
Enter the IP policy ID (Range: 1-1023)
|
from |
Set the source IP (Default: any)
|
<ip_addr> |
Enter an IP or domain name (1-64 chars)
|
<string> |
Enter an IP or domain name (1-64 chars)
|
<mask> |
Enter a netmask or IP wildcard mask in which 0 masks the octet where it appears (For example, the 0s in '255.0.0.255' mask the second and third octets, applying the IP policy to all addresses matching only the first and fourth octets.)
|
to |
Set the destination IP (Default: any)
|
<ip_addr> |
Enter an IP or domain name (1-64 chars)
|
<string> |
Enter an IP or domain name (1-64 chars)
|
<mask> |
Enter a netmask or IP wildcard mask in which 0 masks the octet where it appears (For example, the 0s in '255.0.0.255' mask the second and third octets, applying the IP policy to all addresses matching only the first and fourth octets.)
|
service |
Set the service (Default: any)
|
<string> |
Enter the service (1-32 chars)
|
action |
Set action for an IP policy (Default: deny)
|
permit |
Set the action to permit (Default: deny)
|
deny |
Set the action to deny (Default: deny)
|
nat |
Set the action to translate clients' source IP address to that of mgt0 and source port number to a dynamically chosen number (Default: deny; Note: NAT is applied only to TCP and UDP traffic.)
|
inter-station-traffic-drop |
Set the action to drop traffic between stations if they are both associated with one or more members of the same hive (Default: deny)
|
redirect |
redirect http traffic to specified url(Default: deny)
|
ip-policy <string> [ id <number> ] [ {before|after} id <number> ] [ from <ip_addr|string_64> [ <mask> ] ] [ to <ip_addr|string_64> [ <mask> ] ] [ service <string> ] action deny log packet-drop
|
ip-policy |
Set IP policy parameters
|
<string> |
Enter an IP policy name (1-32 chars)
|
id |
Assign an IP policy ID
|
<number> |
Enter the IP policy ID (Range: 1-1023)
|
before |
Set the before parameters for an IP policy
|
after |
Set the after parameters for an IP policy
|
id |
Assign an IP policy ID
|
<number> |
Enter the IP policy ID (Range: 1-1023)
|
from |
Set the source IP (Default: any)
|
<ip_addr> |
Enter an IP or domain name (1-64 chars)
|
<string> |
Enter an IP or domain name (1-64 chars)
|
<mask> |
Enter a netmask or IP wildcard mask in which 0 masks the octet where it appears (For example, the 0s in '255.0.0.255' mask the second and third octets, applying the IP policy to all addresses matching only the first and fourth octets.)
|
to |
Set the destination IP (Default: any)
|
<ip_addr> |
Enter an IP or domain name (1-64 chars)
|
<string> |
Enter an IP or domain name (1-64 chars)
|
<mask> |
Enter a netmask or IP wildcard mask in which 0 masks the octet where it appears (For example, the 0s in '255.0.0.255' mask the second and third octets, applying the IP policy to all addresses matching only the first and fourth octets.)
|
service |
Set the service (Default: any)
|
<string> |
Enter the service (1-32 chars)
|
action |
Set action for an IP policy (Default: deny)
|
deny |
Set the action to deny (Default: deny)
|
log |
Set logging options for packets and sessions that match the IP firewall policy
|
packet-drop |
Log dropped packets that the IP firewall policy denies
|
ip-policy <string> [ id <number> ] [ {before|after} id <number> ] [ from <ip_addr|string_64> [ <mask> ] ] [ to <ip_addr|string_64> [ <mask> ] ] [ service <string> ] action inter-station-traffic-drop log [ {initiate-session|terminate-session|packet-drop} ]
|
ip-policy |
Set IP policy parameters
|
<string> |
Enter an IP policy name (1-32 chars)
|
id |
Assign an IP policy ID
|
<number> |
Enter the IP policy ID (Range: 1-1023)
|
before |
Set the before parameters for an IP policy
|
after |
Set the after parameters for an IP policy
|
id |
Assign an IP policy ID
|
<number> |
Enter the IP policy ID (Range: 1-1023)
|
from |
Set the source IP (Default: any)
|
<ip_addr> |
Enter an IP or domain name (1-64 chars)
|
<string> |
Enter an IP or domain name (1-64 chars)
|
<mask> |
Enter a netmask or IP wildcard mask in which 0 masks the octet where it appears (For example, the 0s in '255.0.0.255' mask the second and third octets, applying the IP policy to all addresses matching only the first and fourth octets.)
|
to |
Set the destination IP (Default: any)
|
<ip_addr> |
Enter an IP or domain name (1-64 chars)
|
<string> |
Enter an IP or domain name (1-64 chars)
|
<mask> |
Enter a netmask or IP wildcard mask in which 0 masks the octet where it appears (For example, the 0s in '255.0.0.255' mask the second and third octets, applying the IP policy to all addresses matching only the first and fourth octets.)
|
service |
Set the service (Default: any)
|
<string> |
Enter the service (1-32 chars)
|
action |
Set action for an IP policy (Default: deny)
|
inter-station-traffic-drop |
Set the action to drop traffic between stations if they are both associated with one or more members of the same hive (Default: deny)
|
log |
Set logging options for packets and sessions that match IP FW policy
|
initiate-session |
Log the creation of sessions that are permitted by the policy
|
terminate-session |
Log the termination of sessions that are permitted by the policy
|
packet-drop |
Log dropped packets that are denied by the policy
|
ip-policy <string> [ id <number> ] [ {before|after} id <number> ] [ from <ip_addr|string_64> [ <mask> ] ] [ to <ip_addr|string_64> [ <mask> ] ] [ service <string> ] action permit log [ {initiate-session|terminate-session} ]
|
ip-policy |
Set IP policy parameters
|
<string> |
Enter an IP policy name (1-32 chars)
|
id |
Assign an IP policy ID
|
<number> |
Enter the IP policy ID (Range: 1-1023)
|
before |
Set the before parameters for an IP policy
|
after |
Set the after parameters for an IP policy
|
id |
Assign an IP policy ID
|
<number> |
Enter the IP policy ID (Range: 1-1023)
|
from |
Set the source IP (Default: any)
|
<ip_addr> |
Enter an IP or domain name (1-64 chars)
|
<string> |
Enter an IP or domain name (1-64 chars)
|
<mask> |
Enter a netmask or IP wildcard mask in which 0 masks the octet where it appears (For example, the 0s in '255.0.0.255' mask the second and third octets, applying the IP policy to all addresses matching only the first and fourth octets.)
|
to |
Set the destination IP (Default: any)
|
<ip_addr> |
Enter an IP or domain name (1-64 chars)
|
<string> |
Enter an IP or domain name (1-64 chars)
|
<mask> |
Enter a netmask or IP wildcard mask in which 0 masks the octet where it appears (For example, the 0s in '255.0.0.255' mask the second and third octets, applying the IP policy to all addresses matching only the first and fourth octets.)
|
service |
Set the service (Default: any)
|
<string> |
Enter the service (1-32 chars)
|
action |
Set action for an IP policy (Default: deny)
|
permit |
Set the action to permit (Default: deny)
|
log |
Set logging options for packets and sessions that match the IP firewall policy
|
initiate-session |
Log session details when a session is created after passing a IP firewall policy lookup
|
terminate-session |
Log session details when a session matching a IP firewall policy is terminated
|
ip-policy <string> [ id <number> ] [ {before|after} id <number> ] [ from <ip_addr|string_64> [ <mask> ] ] to local-subnet [ service <string> ] [ action {permit|deny|nat|inter-station-traffic-drop|redirect} ]
|
ip-policy |
Set IP policy parameters
|
<string> |
Enter an IP policy name (1-32 chars)
|
id |
Assign an IP policy ID
|
<number> |
Enter the IP policy ID (Range: 1-1023)
|
before |
Set the before parameters for an IP policy
|
after |
Set the after parameters for an IP policy
|
id |
Assign an IP policy ID
|
<number> |
Enter the IP policy ID (Range: 1-1023)
|
from |
Set the source IP (Default: any)
|
<ip_addr> |
Enter an IP or domain name (1-64 chars)
|
<string> |
Enter an IP or domain name (1-64 chars)
|
<mask> |
Enter a netmask or IP wildcard mask in which 0 masks the octet where it appears (For example, the 0s in '255.0.0.255' mask the second and third octets, applying the IP policy to all addresses matching only the first and fourth octets.)
|
to |
Set the destination IP (Default: any)
|
local-subnet |
Set the subnet of the mgt0 interface as the destination
|
service |
Set the service (Default: any)
|
<string> |
Enter the service (1-32 chars)
|
action |
Set action for an IP policy (Default: deny)
|
permit |
Set the action to permit (Default: deny)
|
deny |
Set the action to deny (Default: deny)
|
nat |
Set the action to translate clients' source IP address to that of mgt0 and source port number to a dynamically chosen number (Default: deny; Note: NAT is applied only to TCP and UDP traffic.)
|
inter-station-traffic-drop |
Set the action to drop traffic between stations if they are both associated with one or more members of the same hive (Default: deny)
|
redirect |
redirect http traffic to specified url(Default: deny)
|
iperf client <ip_addr> [ {port} <number> ] [ {udp} ] [ {interval} <number> ] [ {no-delay} ] [ {dual-test} ] [ {tradeoff} ] [ {listen-port} <number> ] [ {window} <number> ] [ {mss} <number> ] [ {bandwidth} <number> ] [ {time} <number> ] [ {parallel} <number> ]
|
iperf |
Set parameters for Iperf, a tool for testing and measuring network performance
|
client |
Set Iperf to run in client mode
|
<ip_addr> |
Enter the server IP address with which the HiveAP connects as an Iperf client
|
port |
Set the port on which the client connects to the server
|
<number> |
Enter the port number (Range: 1024-65535; Default: 5001)
|
udp |
Set the transport protocol as UDP (Default: TCP)
|
interval |
Set the interval between periodic bandwidth, jitter, and loss reports
|
<number> |
Enter the interval in seconds (Range: 1-60; Default: 0, which means that the report is not made periodically)
|
no-delay |
Transmit small logical packets individually without the delay incurred by putting them in batches within a single larger physical packet (Default: Smaller packets are transmitted without delay)
|
dual-test |
Set the Iperf tool to do bidirectional upstream and downstream performance testing between the client and server concurrently
|
tradeoff |
Set the Iperf tool to do bidirectional upstream and downstream performance testing at different times so downstream testing only begins after upstream testing is complete
|
listen-port |
Set the port on which the server connects to the client
|
<number> |
Enter the port number (Range: 1024-65535; Default: The same port on which the client connects to the server)
|
window |
Set the TCP window size (socket buffer size)
|
<number> |
Enter the TCP window size in kilobytes (Range: 2-65535; Default: 83.5)
|
mss |
Set the maximum TCP segment size (MTU: 40 bytes)
|
<number> |
Enter the maximum TCP segment size in bytes (Range: 40-65535; Default: 4160)
|
bandwidth |
Set the amount of UDP bandwidth to send
|
<number> |
Enter the bandwidth in megabits per second (Range: 1-1000; Default: 1)
|
time |
Set the length of transmission time
|
<number> |
Enter the time in seconds (Range: 1-65535; Default: 10)
|
parallel |
Set the client to make multiple connections to the server concurrently (Note: This option requires multiple thread support on both the client and server.)
|
<number> |
Enter the number of parallel client threads to run (Range: 1-10; Default: 1)
|
iperf server [ {port} <number> ] [ {udp} ] [ {single-udp} ] [ {interval} <number> ] [ {no-delay} ] [ {window} <number> ] [ {mss} <number> ] [ {bind} <ip_addr> ]
|
iperf |
Set parameters for Iperf, a tool for testing and measuring network performance
|
server |
Set Iperf to run in server mode
|
port |
Set the port on which the server listen on
|
<number> |
Enter the port number (Range: 1024-65535; Default: 5001)
|
udp |
Set the transport protocol as UDP (Default: TCP)
|
single-udp |
Set the Iperf tool to run in single-threaded UDP mode
|
interval |
Set the interval between periodic bandwidth, jitter, and loss reports
|
<number> |
Enter the interval in seconds (Range: 1-60; Default: 0, which means that the report is not made periodically)
|
no-delay |
Transmit small logical packets individually without the delay incurred by putting them in batches within a single larger physical packet (Default: Smaller packets are transmitted without delay)
|
window |
Set the TCP window size (socket buffer size)
|
<number> |
Enter the TCP window size in kilobytes (Range: 2-65535; Default: 83.5)
|
mss |
Set the maximum TCP segment size (MTU: 40 bytes)
|
<number> |
Enter the maximum TCP segment size in bytes (Range: 40-65535; Default: 4160)
|
bind |
Bind and join the HiveAP to a multicast group
|
<ip_addr> |
Enter the IP address of the multicast group (Range: 224.0.0.0-239.255.255.255)
|
library-sip-policy <string> default user-group <string> [ action {permit|restricted|deny} ] [ additional-display-message <string> ]
|
library-sip-policy |
Set a SIP (Standard Interchange Protocol) policy to apply a user profile, VLAN, and session length to library patrons accessing the wireless network (Note: Set policies on a AP RADIUS server. Max policies: 16; Max rules per policy: 64.)
|
<string> |
Enter a library SIP policy name (1-32 chars)
|
default |
Set the default rule to apply to unregistered library patrons
|
user-group |
Set the user group to which the AP RADIUS authenticator assigns the user (Note: The user group includes user profile, VLAN, and session timeout assignments.)
|
<string> |
Enter the user group name (1-32 chars)
|
action |
Set the action that the library SIP policy rule applies
|
permit |
Notify users assigned to the user group that they are permitted network access
|
restricted |
Notify users assigned to the user group that they are given restricted network access
|
deny |
Notify users assigned to the user group that they are denied network access except to websites defined in a walled garden
|
additional-display-message |
Set a message to display when a user attempts to access the network
|
<string> |
Enter a message string (up to 256 chars)
|
library-sip-policy <string> id <number> field <string> {equal|greater-than|less-than} <number> user-group <string> [ action {permit|restricted|deny} ] [ additional-display-message <string> ]
|
library-sip-policy |
Set a SIP (Standard Interchange Protocol) policy to apply a user profile, VLAN, and session length to library patrons accessing the wireless network (Note: Set policies on a AP RADIUS server. Max policies: 16; Max rules per policy: 64.)
|
<string> |
Enter a library SIP policy name (1-32 chars)
|
id |
Set an ID number for a rule to add it to the library SIP policy
|
<number> |
Enter an ID number (Range: 1-64)
|
field |
Set the two-letter character code that identifies the field name of a specific library SIP value
|
<string> |
Enter the two-letter character code(2 char)
|
equal |
Check if the field value that the SIP server returns equals the number entered in the local AP RADIUS server
|
greater-than |
Check if the field value that the SIP server returns is greater than the number entered in the local AP RADIUS server
|
less-than |
Check if the field value that the SIP server returns is less than the number entered in the local AP RADIUS server
|
<number> |
Enter the number that the AP RADIUS server uses when checking the field values that the SIP server returns (Range: 0-65535)
|
user-group |
Set the user group to which the AP RADIUS authenticator assigns the user (Note: The user group includes user profile, VLAN, and session timeout assignments.)
|
<string> |
Enter the user group name (1-32 chars)
|
action |
Set the action that the library SIP policy rule applies
|
permit |
Notify users assigned to the user group that they are permitted network access
|
restricted |
Notify users assigned to the user group that they are given restricted network access
|
deny |
Notify users assigned to the user group that they are denied network access except to websites defined in a walled garden
|
additional-display-message |
Set a message to display when a user attempts to access the network
|
<string> |
Enter a message string (up to 256 chars)
|
library-sip-policy <string> id <number> field <string> {matches|differs-from|starts-with|occurs-after|occurs-before|contains} <string> user-group <string> [ action {permit|restricted|deny} ] [ additional-display-message <string> ]
|
library-sip-policy |
Set a SIP (Standard Interchange Protocol) policy to apply a user profile, VLAN, and session length to library patrons accessing the wireless network (Note: Set policies on a AP RADIUS server. Max policies: 16; Max rules per policy: 64.)
|
<string> |
Enter a library SIP policy name (1-32 chars)
|
id |
Set an ID number for a rule to add it to the library SIP policy
|
<number> |
Enter an ID number (Range: 1-64)
|
field |
Set the two-letter character code that identifies the field name of a specific library SIP value
|
<string> |
Enter the two-letter character code(2 char)
|
matches |
Check if the field value that the SIP server returns matches the string entered in the local AP RADIUS server
|
differs-from |
Check if the field value that the SIP server returns differs-from the string entered in the local AP RADIUS server
|
starts-with |
Check if the field value that the SIP server returns starts-with the string entered in the local AP RADIUS server
|
occurs-after |
Check if the field value that the SIP server returns occurs-after the string entered in the local AP RADIUS server
|
occurs-before |
Check if the field value that the SIP server returns occurs-before the string entered in the local AP RADIUS server
|
contains |
Check if the field value that the SIP server returns contains the string entered in the local AP RADIUS server
|
<string> |
Enter the string that the AP RADIUS server uses when checking the field values that the SIP server returns (1-32 chars; Note: Date format must be YYYY-MM-DD; Example: 2010-01-01.)
|
user-group |
Set the user group to which the AP RADIUS authenticator assigns the user (Note: The user group includes user profile, VLAN, and session timeout assignments.)
|
<string> |
Enter the user group name (1-32 chars)
|
action |
Set the action that the library SIP policy rule applies
|
permit |
Notify users assigned to the user group that they are permitted network access
|
restricted |
Notify users assigned to the user group that they are given restricted network access
|
deny |
Notify users assigned to the user group that they are denied network access except to websites defined in a walled garden
|
additional-display-message |
Set a message to display when a user attempts to access the network
|
<string> |
Enter a message string (up to 256 chars)
|
library-sip-policy <string> id <number> {after|before} id <number>
|
library-sip-policy |
Set a SIP (Standard Interchange Protocol) policy to apply a user profile, VLAN, and session length to library patrons accessing the wireless network (Note: Set policies on a AP RADIUS server. Max policies: 16; Max rules per policy: 64.)
|
<string> |
Enter a library SIP policy name (1-32 chars)
|
id |
Set an ID number for a rule to add it to the library SIP policy
|
<number> |
Enter an ID number (Range: 1-64)
|
after |
Move the library SIP rule after another rule in the policy
|
before |
Move the library SIP rule before another rule in the policy
|
id |
Set an ID number for a rule to add it to the library SIP policy
|
<number> |
Enter an ID number (Range: 1-64)
|
logging facility {local0|local1|local2|local3|local4|local5|local6|local7|auth|authpriv|security|user}
|
logging |
Set logging parameters
|
facility |
Set logging facility
|
local0 |
Set log facility to local0 (Default: local6)
|
local1 |
Set log facility to local1 (Default: local6)
|
local2 |
Set log facility to local2 (Default: local6)
|
local3 |
Set log facility to local3 (Default: local6)
|
local4 |
Set log facility to local4 (Default: local6)
|
local5 |
Set log facility to local5 (Default: local6)
|
local6 |
Set log facility to local6 (Default: local6)
|
local7 |
Set log facility to local7 (Default: local6)
|
auth |
Set log facility to auth (Default: local6)
|
authpriv |
Set log facility to authpriv (Default: local6)
|
security |
Set log facility to security (Default: local6)
|
user |
Set log facility to user (Default: local6)
|
logging server <string> [ level {emergency|alert|critical|error|warning|notification|info|debug} ] [ {via-vpn-tunnel} ]
|
logging |
Set logging parameters
|
server |
Set parameters for a syslog server
|
<string> |
Set the IP address or domain name (1-32 chars) for the syslog server
|
level |
Set the severity level for the log messages you want to send
|
emergency |
Send emergency-level log entries
|
alert |
Send log entries from alert to emergency levels
|
critical |
Send log entries from critical to emergency levels
|
error |
Send log entries from error to emergency levels
|
warning |
Send log entries from warning to emergency levels
|
notification |
Send log entries from notification to emergency levels
|
info |
Send log entries from info to emergency levels
|
debug |
Send log entries for all severity levels
|
via-vpn-tunnel |
Send all logging traffic through a VPN tunnel (Note: Set this option on VPN clients when the logging server is in a different subnet from the tunnel interface. When they are in the same subnet, tunneling is automatic.)
|
mac-object <string> mac-range <mac_addr> - <mac_addr>
|
mac-object |
Set parameters for an MAC object that the HiveAP can use to assign a client with a matching MAC address to a user profile (Max: 128 MAC objects per HiveAP.)
|
<string> |
Enter the MAC object name (1-32 chars)
|
mac-range |
Set a range of MAC addresses for the MAC object (Max: 255 MAC address ranges per MAC object)
|
<mac_addr> |
Enter a MAC address (Note: You can use colons, dashes, or periods to format the address. Examples: 1111:1111:1111, 11-11-11-11-11-11, 1111.1111.1111 ...)
|
- |
Set a range of MAC addresses
|
<mac_addr> |
Enter a MAC address (Note: You can use colons, dashes, or periods to format the address. Examples: 1111:1111:1111, 11-11-11-11-11-11, 1111.1111.1111 ...)
|
mac-policy <string> [ id <number> ] [ {before|after} id <number> ] [ from <mac_addr> [ <number> ] ] [ to <mac_addr> [ <number> ] ] [ action {permit|deny} ]
|
mac-policy |
Set MAC policy parameters
|
<string> |
Enter a MAC policy name (1-32 chars)
|
id |
Assign a MAC policy ID
|
<number> |
Enter the MAC policy ID (Range: 1-1023)
|
before |
Set the before parameters for a MAC policy
|
after |
Set the after parameters for a MAC policy
|
id |
Assign a MAC policy ID
|
<number> |
Enter the MAC policy ID (Range: 1-1023)
|
from |
Set the source MAC (Default: any)
|
<mac_addr> |
Enter a MAC address (Note: You can use colons, dashes, or periods to format the address. Examples: 1111:1111:1111, 11-11-11-11-11-11, 1111.1111.1111 ...)
|
<number> |
Enter a MAC mask length (value: 0, 24, 48)
|
to |
Set the destination MAC (Default: any)
|
<mac_addr> |
Enter a MAC address (Note: You can use colons, dashes, or periods to format the address. Examples: 1111:1111:1111, 11-11-11-11-11-11, 1111.1111.1111 ...)
|
<number> |
Enter a MAC mask length (value: 0, 24, 48)
|
action |
Set action for a MAC policy (Default: deny)
|
permit |
Set the action to permit (Default: deny)
|
deny |
Set the action to deny (Default: deny)
|
mac-policy <string> [ id <number> ] [ {before|after} id <number> ] [ from <mac_addr> [ <number> ] ] [ to <mac_addr> [ <number> ] ] action deny log packet-drop
|
mac-policy |
Set MAC policy parameters
|
<string> |
Enter a MAC policy name (1-32 chars)
|
id |
Assign a MAC policy ID
|
<number> |
Enter the MAC policy ID (Range: 1-1023)
|
before |
Set the before parameters for a MAC policy
|
after |
Set the after parameters for a MAC policy
|
id |
Assign a MAC policy ID
|
<number> |
Enter the MAC policy ID (Range: 1-1023)
|
from |
Set the source MAC (Default: any)
|
<mac_addr> |
Enter a MAC address (Note: You can use colons, dashes, or periods to format the address. Examples: 1111:1111:1111, 11-11-11-11-11-11, 1111.1111.1111 ...)
|
<number> |
Enter a MAC mask length (value: 0, 24, 48)
|
to |
Set the destination MAC (Default: any)
|
<mac_addr> |
Enter a MAC address (Note: You can use colons, dashes, or periods to format the address. Examples: 1111:1111:1111, 11-11-11-11-11-11, 1111.1111.1111 ...)
|
<number> |
Enter a MAC mask length (value: 0, 24, 48)
|
action |
Set action for a MAC policy (Default: deny)
|
deny |
Set the action to deny (Default: deny)
|
log |
Set logging options for packets and sessions that match the MAC firewall policy
|
packet-drop |
Log dropped packets that the MAC firewall policy denies
|
mac-policy <string> [ id <number> ] [ {before|after} id <number> ] [ from <mac_addr> [ <number> ] ] [ to <mac_addr> [ <number> ] ] action permit log [ {initiate-session|terminate-session} ]
|
mac-policy |
Set MAC policy parameters
|
<string> |
Enter a MAC policy name (1-32 chars)
|
id |
Assign a MAC policy ID
|
<number> |
Enter the MAC policy ID (Range: 1-1023)
|
before |
Set the before parameters for a MAC policy
|
after |
Set the after parameters for a MAC policy
|
id |
Assign a MAC policy ID
|
<number> |
Enter the MAC policy ID (Range: 1-1023)
|
from |
Set the source MAC (Default: any)
|
<mac_addr> |
Enter a MAC address (Note: You can use colons, dashes, or periods to format the address. Examples: 1111:1111:1111, 11-11-11-11-11-11, 1111.1111.1111 ...)
|
<number> |
Enter a MAC mask length (value: 0, 24, 48)
|
to |
Set the destination MAC (Default: any)
|
<mac_addr> |
Enter a MAC address (Note: You can use colons, dashes, or periods to format the address. Examples: 1111:1111:1111, 11-11-11-11-11-11, 1111.1111.1111 ...)
|
<number> |
Enter a MAC mask length (value: 0, 24, 48)
|
action |
Set action for a MAC policy (Default: deny)
|
permit |
Set the action to permit (Default: deny)
|
log |
Set logging options for packets and sessions that match the MAC firewall policy
|
initiate-session |
Log session details when a session is created after passing a MAC firewall policy lookup
|
terminate-session |
Log session details when a session matching a MAC firewall policy is terminated
|
mdm-object <string> [ enroll-status {enrolled|non-enrolled|unknown} ] [ compliance-status {compliant|non-compliant|unknown} ] [ client-tag <string> ]
|
mdm-object |
Set the MDM (mobile device management) object
|
<string> |
Enter an MDM object name (1-32 chars)
|
enroll-status |
Set the enrollment status of the managed mobile device
|
enrolled |
Set the MDM enrollment status of the device as enrolled
|
non-enrolled |
Set the MDM enrollment status of the device as non-enrolled
|
unknown |
Set the MDM enrollment status of the device as unknown
|
compliance-status |
Set a compliance status
|
compliant |
Set the compliance status as compliant
|
non-compliant |
Set the compliance status as non-compliant
|
unknown |
Set the compliance status as unknown
|
client-tag |
Set an MDM client tag name to indicate the ownership of the managed mobile device (Note: BYOD and CID are common ownership tags that describe bring-your-own-device and corporate-issues-device situations.)
|
<string> |
Enter a tag name (1-32 chars)
|
mobile-device-policy <string> [ rule <number> ] [ original-user-profile <string> ] device-group <string> reassigned-user-profile-attr <number>
|
mobile-device-policy |
Set a policy that assigns a user profile to traffic from a client based on the originally assigned user profile or the MAC address, device domain, and OS of the user's client
|
<string> |
Enter the mobile device policy name (1-32 chars)
|
rule |
Add a rule to the mobile device policy
|
<number> |
Enter a number for the rule ID (Range: 1-65535; Note: If you do not specify a rule ID, the HiveAP automatically assigns one.)
|
original-user-profile |
Specify the user profile that the HiveAP first assigns to traffic before it completes the device classification process
|
<string> |
Enter the original user profile (1-32 chars)
|
device-group |
Set the device group that the policy rule references to classify the type of client device in use
|
<string> |
Enter a device group name (1-32 chars)
|
reassigned-user-profile-attr |
Reassign the client to a different user profile if it belongs to the specified device group or was initially assigned to the specified original user profile
|
<number> |
Enter the attribute of the user profile to assign in place of the originally assigned one (Range: 0-4095)
|
mobile-device-policy <string> rule <number> {before|after} rule <number>
|
mobile-device-policy |
Set a policy that assigns a user profile to traffic from a client based on the originally assigned user profile or the MAC address, device domain, and OS of the user's client
|
<string> |
Enter the mobile device policy name (1-32 chars)
|
rule |
Add a rule to the mobile device policy
|
<number> |
Enter a number for the rule ID (Range: 1-65535; Note: If you do not specify a rule ID, the HiveAP automatically assigns one.)
|
before |
Move the mobile device policy rule before another rule in the policy
|
after |
Move the mobile device policy rule after another rule in the policy
|
rule |
Set a rule before or after another rule in the mobile device policy
|
<number> |
Enter a rule ID number (Range: 1-65535)
|
ping <ip_addr> [ count <number> ] [ size <number> ] [ ttl <number> ] [ timeout <number> ]
|
ping |
Perform a ping
|
<ip_addr> |
Enter the destination IP address
|
count |
Stop pinging after sending the specified number of ICMP echo requests
|
<number> |
Enter a number after sending the number of ICMP echo requests the pinging stop (Default: 5, Range: 1-65535)
|
size |
Set the size of the ICMP packets
|
<number> |
Enter the packet size in bytes (Default: 56, Range: 1-1024)
|
ttl |
Set the TTL (time to live)
|
<number> |
Enter the TTL (Range: 1-255)
|
timeout |
Set the length of time to wait for a response
|
<number> |
Enter the timeout in seconds (Default: 10; Range: 1-60)
|
ping <string> [ count <number> ] [ size <number> ] [ ttl <number> ] [ timeout <number> ]
|
ping |
Perform a ping
|
<string> |
Enter the destination domain name (1-32 chars)
|
count |
Set the number of ICMP echo requests to send
|
<number> |
Enter the number of ICMP echo requests (Default: 5, Range: 1-65535)
|
size |
Set the size of the ICMP packets
|
<number> |
Enter the packet size in bytes (Default: 56, Range: 1-1024)
|
ttl |
Set the TTL (time to live)
|
<number> |
Enter the TTL (Range: 1-255)
|
timeout |
Set the length of time to wait for a response
|
<number> |
Enter the timeout in seconds (Default: 10; Range: 1-60)
|
probe <ip_addr|mac_addr> [ size <number> ] [ src-mac <mac_addr> ] [ wait-time <number> ] [ ttl <number> ] [ count <number> ]
|
probe |
Set the probe parameters
|
<ip_addr> |
Enter the target IP or MAC address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons, dashes, or periods to format the address. Examples: 1111:1111:1111, 11-11-11-11-11-11, 1111.1111.1111 ...)
|
size |
Set the probe request packet size (default: 512 bytes)
|
<number> |
Enter a packet size (range: 256-1400 bytes)
|
src-mac |
Set the Source MAC address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons, dashes, or periods to format the address. Examples: 1111:1111:1111, 11-11-11-11-11-11, 1111.1111.1111 ...)
|
wait-time |
Set the timeout value (default: 1 second)
|
<number> |
Enter an timeout value (range: 1-30 seconds)
|
ttl |
Set the TTL value (default 32)
|
<number> |
Enter an TTL value (range: 1-255)
|
count |
Set probe request count (default: 5)
|
<number> |
Enter the probe request count (range: 1-64)
|
probe portal [ size <number> ] [ src-mac <mac_addr> ] [ wait-time <number> ] [ ttl <number> ] [ count <number> ]
|
probe |
Set the probe parameters
|
portal |
Set the target of the probe as the MAC address of the HiveAP acting as portal
|
size |
Set the probe request packet size (default: 512 bytes)
|
<number> |
Enter a packet size (range: 256-1400 bytes)
|
src-mac |
Set the Source MAC address
|
<mac_addr> |
Enter a MAC address (Note: You can use colons, dashes, or periods to format the address. Examples: 1111:1111:1111, 11-11-11-11-11-11, 1111.1111.1111 ...)
|
wait-time |
Set the timeout value (default: 1 second)
|
<number> |
Enter an timeout value (range: 1-30 seconds)
|
ttl |
Set the TTL value (default 32)
|
<number> |
Enter an TTL value (range: 1-255)
|
count |
Set probe request count (default: 5)
|
<number> |
Enter the probe request count (range: 1-64)
|
qos classifier-map oui <oui> [ qos <number> ] [ action {permit|deny|log} ] [ comment <string> ]
|
qos |
Set QoS (Quality of Service) parameters
|
classifier-map |
Map QoS priority markers on incoming packets to Aerohive QoS classes
|
oui |
Set a MAC OUI (Organizational Unique Identifier) classification table
|
<oui> |
Enter the OUI (Note: You can use colons, dashes, or periods to format the OUI. Examples: Apple iPhone=00:1b:63; D-Link Phone=00-17-9a; Vocera=00.09.ef.)
|
qos |
Set an Aerohive QoS class to the MAC
|
<number> |
Enter Aerohive QoS class (Range: 0-7)
|
action |
Set an action to the MAC OUI
|
permit |
permit the packet
|
deny |
deny the packet
|
log |
log the packet
|
comment |
Add a comment to the MAC OUI
|
<string> |
Enter a comment (Maximum:32 chars) to the MAC
|
qos classifier-profile <string> [ {interface/ssid-only|8021p|80211e|diffserv|interface/ssid|mac|service} ]
|
qos |
Set QoS (Quality of Service) parameters
|
classifier-profile |
Set a QoS classification profile
|
<string> |
Enter a classifier profile name (1-32 chars)
|
interface/ssid-only |
Classify all incoming and outgoing packets using the interface or SSID bound to this classifier profile (Note: The interface/ssid-only method cannot be combined with other methods in the same classifier profile or applied to more than one profile. This profile has precedence over all others.)
|
8021p |
Classify incoming packets by 802.1p priority markers present in Layer2 frame headers
|
80211e |
Classify incoming packets by 802.11e priority markers present in wireless frame headers
|
diffserv |
Classify incoming packets by DiffServ DSCP values present in Layer3 packet headers
|
interface/ssid |
Classify packets by the interface or SSID that they traverse (Note: If two interface/SSID classifier profiles apply to the same session, the one providing better QoS is used.)
|
mac |
Classify packets by the OUI (organizationally unique identifier) of the session participants (Note: If two OUI classifier profiles apply to the same session, the one providing better QoS is used.)
|
service |
Classify incoming packets by network service type
|
qos policy <string> [ user-profile <number> <number> ] [ user <number> ] [ qos <number> {strict|wrr} <number> <number> ]
|
qos |
Set QoS (Quality of Service) parameters
|
policy |
Set a QoS policy to control traffic forwarding
|
<string> |
Enter the policy name (1-32 chars)
|
user-profile |
Set QoS policy parameters at the user profile level
|
<number> |
Enter the user profile rate limit in kbps (Range: 0-2000000)
|
<number> |
Enter the scheduling weight for the user profile (Range: 0-1000)
|
user |
Set QoS parameters at the user level
|
<number> |
Enter the user rate limit in kbps (Range: 0-2000000)
|
qos |
Set QoS parameters at the Aerohive QoS class level
|
<number> |
Enter the Aerohive QoS class (Range: 0-7)
|
strict |
Set the scheduling mode as strict to forward traffic without queuing it
|
wrr |
Set the scheduling mode as WRR (weighted round robin) to queue traffic and use rate limits and weights to prioritize forwarding
|
<number> |
Enter the class rate limit in kbps (Range: 0-2000000)
|
<number> |
Enter the scheduling weight (Range: 0-1000; Note: If the scheduling mode is strict, its weight must be zero.)
|
radio profile <string> acsp access channel-auto-select time-range <time> <time> [ station <number> ]
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 chars)
|
acsp |
Set parameters for ACSP (Advanced Channel Selection Protocol)
|
access |
Set access point interface parameters
|
channel-auto-select |
Set conditions for automatically selecting radio channels
|
time-range |
Set the time range when a new radio channel can be selected (Note: During this time, the radio re-evaluates the channel in use. It might switch to a different channel or continue using the same channel.)
|
<time> |
Enter the start time (Format: hh:mm; Hour Range: 00-23; Minute Range: 00-59)
|
<time> |
Enter the end time (Format: hh:mm; Hour Range: 00-23; Minute Range: 00-59)
|
station |
Set the maximum number of stations that can be connected to the HiveAP when selecting a channel (If more are connected during the time range, no channel selection occurs.)
|
<number> |
Enter the station maximum (Range: 0-100; Default: 0)
|
radio profile <string> acsp channel-model 4-channels [ <channel_g4> ]
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 chars)
|
acsp |
Set parameters for ACSP (Advanced Channel Selection Protocol)
|
channel-model |
Set the pool of channels from which the radio can select the optimal channel
|
4-channels |
Set 4-channel model (Defaults: USA: 3 channels, 01-06-11, 01-04-08-11; Europe: 4 channels, 01-05-09-13, 01-06-11; Japan: 4 channels, 01-05-09-14, 01-06-11)
|
<channel_g4> |
Enter the pool of channels from which the radio can select one to use (Format: xx-xx-xx-xx;)
|
radio profile <string> acsp channel-model {3-channels} [ <channel_g3> ]
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 chars)
|
acsp |
Set parameters for ACSP (Advanced Channel Selection Protocol)
|
channel-model |
Set the pool of channels from which the radio can select the optimal channel
|
3-channels |
Set 3-channel model (Defaults: USA: 3 channels, 01-06-11, 01-04-08-11; Europe: 4 channels, 01-05-09-13, 01-06-11; Japan: 4 channels, 01-05-09-14, 01-06-11)
|
<channel_g3> |
Enter the pool of channels from which the radio can select one to use (Format: xx-xx-xx;)
|
radio profile <string> acsp interference-switch {enable|no-station-enable|disable}
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 chars)
|
acsp |
Set parameters for ACSP (Advanced Channel Selection Protocol)
|
interference-switch |
Set parameters for the collection of RF interference-related data and switch channels if the threshold is reached
|
enable |
Enable the radio to switch channels if the RF interference threshold is reached (Default setting: no-station-enable)
|
no-station-enable |
Enable the radio to switch channels only if the RF interference threshold is reached and no stations are connected (Default setting: no-station-enable)
|
disable |
Disable the radio from switching channels because of RF interference-related data (Default setting: no-station-enable)
|
radio profile <string> backhaul failover [ trigger-time <number> ] [ hold-time <number> ]
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 chars)
|
backhaul |
Set parameters for failing over the backhaul link from Ethernet to wireless (Note: Only set this command on a HiveAP that acts as a portal.)
|
failover |
Enable backhaul communications to fail over to the wireless link if the Ethernet link goes down (Default: enabled)
|
trigger-time |
Set how long the Ethernet link must be down to trigger a failover to the wireless link
|
<number> |
Enter the failover trigger time in seconds (Default: 2; Range: 1-5)
|
hold-time |
Set how long the Ethernet link must be up to revert backhaul communications from wireless to Ethernet
|
<number> |
Enter the hold time in seconds (Default: 30; Range: 1-300)
|
radio profile <string> band-steering balance-band threshold <number>
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 chars)
|
band-steering |
Distribute wireless clients that support both 2.4 and 5 GHz bands evenly across the two bands when an SSID is available on both bands
|
balance-band |
Balance clients according to an approximate ratio between 2.4 GHz and 5 GHz channels (Default: Allow four 5 GHz clients for every one 2.4 GHz client, or 80%.)
|
threshold |
Set the minimum ratio of 5 GHz clients to 2.4 GHz clients, expressed as a percentage (Example: Four 5-GHz stations to five total stations is 80%.)
|
<number> |
Enter the threshold to begin balancing band usage as a percentage (Range: 0-100; Default: 80)
|
radio profile <string> band-steering mode {balance-band|prefer-5g|force-5g}
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 chars)
|
band-steering |
Distribute wireless clients that support both 2.4 and 5 GHz bands evenly across the two bands when an SSID is available on both bands
|
mode |
Set the mode for band steering (Default: balance-band)
|
balance-band |
Balance clients according to an approximate ratio between 2.4 GHz and 5 GHz channels (Default: Allow four 5 GHz clients for every one 2.4 GHz client, or 80%.)
|
prefer-5g |
Encourage clients that are 5-GHz capable to move to the 5 GHz band by ignoring requests from them on the 2.4 GHz band (Note: If a client continues to attempt using 2.4 GHz even when offered a 5 GHz connection, the system allows it to connect at 2.4 GHz after a specified number of attempts. The default is 5.)
|
force-5g |
Answer probe requests from 5 GHz-capable clients only on 5 GHz interfaces
|
radio profile <string> band-steering prefer-5g suppression-limit <number>
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 chars)
|
band-steering |
Distribute wireless clients that support both 2.4 and 5 GHz bands evenly across the two bands when an SSID is available on both bands
|
prefer-5g |
Encourage clients that are 5-GHz capable to move to the 5 GHz band by ignoring requests from them on the 2.4 GHz band (Note: If a client continues to attempt using 2.4 GHz even when offered a 5 GHz connection, the system allows it to connect at 2.4 GHz after a specified number of attempts. The default is 5.)
|
suppression-limit |
Set a limit number to the number of probe responses the system suppresses before accepting a client on the 2.4 GHz band
|
<number> |
Enter the number of probe responses the system suppresses before accepting client in the 2.4 GHz band (Default: 5; Range: 1-100)
|
radio profile <string> benchmark phymode 11a rate {6|9|12|18|24|36|48|54} success <number> usage <number>
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 chars)
|
benchmark |
Set benchmark parameters for gauging the health of client connectivity
|
phymode |
Set the physical mode for which you want to measure client connectivity
|
11a |
Set benchmark parameters for 11a mode
|
rate |
Set the transmission rate that you expect clients with healthy connectivity to use (Note: You can set up to 3 rates for the same phymode)
|
6 |
Enter the transmission rate
|
9 |
Enter the transmission rate
|
12 |
Enter the transmission rate
|
18 |
Enter the transmission rate
|
24 |
Enter the transmission rate
|
36 |
Enter the transmission rate
|
48 |
Enter the transmission rate
|
54 |
Enter the transmission rate
|
success |
Set the percent of packets that you expect clients with healthy connectivity to transmit successfully
|
<number> |
Enter the percent for successfully transmitted packets (Range: 1-100)
|
usage |
Set the percent of time that you expect clients with healthy connectivity to transmit at the defined rate
|
<number> |
Enter the percent of time that clients transmit at the defined rate (Range: 1-100)
|
radio profile <string> benchmark phymode 11ac rate {6|9|12|18|24|36|48|54|mcs0/1|mcs1/1|mcs2/1|mcs3/1|mcs4/1|mcs5/1|mcs6/1|mcs7/1|mcs8/1|mcs9/1|mcs0/2|mcs1/2|mcs2/2|mcs3/2|mcs4/2|mcs5/2|mcs6/2|mcs7/2|mcs8/2|mcs9/2|mcs0/3|mcs1/3|mcs2/3|mcs3/3|mcs4/3|mcs5/3|mcs6/3|mcs7/3|mcs8/3|mcs9/3} success <number> usage <number>
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 chars)
|
benchmark |
Set benchmark parameters for gauging the health of client connectivity
|
phymode |
Set the physical mode for which you want to measure client connectivity
|
11ac |
Set benchmark parameters for 11ac mode
|
rate |
Set the transmission rate that you expect clients with healthy connectivity to use (Note: You can set up to 3 rates for the same phymode)
|
6 |
Enter the transmission rate
|
9 |
Enter the transmission rate
|
12 |
Enter the transmission rate
|
18 |
Enter the transmission rate
|
24 |
Enter the transmission rate
|
36 |
Enter the transmission rate
|
48 |
Enter the transmission rate
|
54 |
Enter the transmission rate
|
mcs0/1 |
Enter the transmission rate
|
mcs1/1 |
Enter the transmission rate
|
mcs2/1 |
Enter the transmission rate
|
mcs3/1 |
Enter the transmission rate
|
mcs4/1 |
Enter the transmission rate
|
mcs5/1 |
Enter the transmission rate
|
mcs6/1 |
Enter the transmission rate
|
mcs7/1 |
Enter the transmission rate
|
mcs8/1 |
Enter the transmission rate
|
mcs9/1 |
Enter the transmission rate
|
mcs0/2 |
Enter the transmission rate
|
mcs1/2 |
Enter the transmission rate
|
mcs2/2 |
Enter the transmission rate
|
mcs3/2 |
Enter the transmission rate
|
mcs4/2 |
Enter the transmission rate
|
mcs5/2 |
Enter the transmission rate
|
mcs6/2 |
Enter the transmission rate
|
mcs7/2 |
Enter the transmission rate
|
mcs8/2 |
Enter the transmission rate
|
mcs9/2 |
Enter the transmission rate
|
mcs0/3 |
Enter the transmission rate
|
mcs1/3 |
Enter the transmission rate
|
mcs2/3 |
Enter the transmission rate
|
mcs3/3 |
Enter the transmission rate
|
mcs4/3 |
Enter the transmission rate
|
mcs5/3 |
Enter the transmission rate
|
mcs6/3 |
Enter the transmission rate
|
mcs7/3 |
Enter the transmission rate
|
mcs8/3 |
Enter the transmission rate
|
mcs9/3 |
Enter the transmission rate
|
success |
Set the percent of packets that you expect clients with healthy connectivity to transmit successfully
|
<number> |
Enter the percent for successfully transmitted packets (Range: 1-100)
|
usage |
Set the percent of time that you expect clients with healthy connectivity to transmit at the defined rate
|
<number> |
Enter the percent of time that clients transmit at the defined rate (Range: 1-100)
|
radio profile <string> benchmark phymode 11b rate {1|2|5.5|11} success <number> usage <number>
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 chars)
|
benchmark |
Set benchmark parameters for gauging the health of client connectivity
|
phymode |
Set the physical mode for which you want to measure client connectivity
|
11b |
Set benchmark parameters for 11b mode
|
rate |
Set the transmission rate that you expect clients with healthy connectivity to use (Note: You can set up to 3 rates for the same phymode)
|
1 |
Enter the transmission rate
|
2 |
Enter the transmission rate
|
5.5 |
Enter the transmission rate
|
11 |
Enter the transmission rate
|
success |
Set the percent of packets that you expect clients with healthy connectivity to transmit successfully
|
<number> |
Enter the percent for successfully transmitted packets (Range: 1-100)
|
usage |
Set the percent of time that you expect clients with healthy connectivity to transmit at the defined rate
|
<number> |
Enter the percent of time that clients transmit at the defined rate (Range: 1-100)
|
radio profile <string> benchmark phymode 11g rate {1|2|5.5|11|6|9|12|18|24|36|48|54} success <number> usage <number>
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 chars)
|
benchmark |
Set benchmark parameters for gauging the health of client connectivity
|
phymode |
Set the physical mode for which you want to measure client connectivity
|
11g |
Set benchmark parameters for 11g mode
|
rate |
Set the transmission rate that you expect clients with healthy connectivity to use (Note: You can set up to 3 rates for the same phymode)
|
1 |
Enter the transmission rate
|
2 |
Enter the transmission rate
|
5.5 |
Enter the transmission rate
|
11 |
Enter the transmission rate
|
6 |
Enter the transmission rate
|
9 |
Enter the transmission rate
|
12 |
Enter the transmission rate
|
18 |
Enter the transmission rate
|
24 |
Enter the transmission rate
|
36 |
Enter the transmission rate
|
48 |
Enter the transmission rate
|
54 |
Enter the transmission rate
|
success |
Set the percent of packets that you expect clients with healthy connectivity to transmit successfully
|
<number> |
Enter the percent for successfully transmitted packets (Range: 1-100)
|
usage |
Set the percent of time that you expect clients with healthy connectivity to transmit at the defined rate
|
<number> |
Enter the percent of time that clients transmit at the defined rate (Range: 1-100)
|
radio profile <string> benchmark phymode 11n rate {6|9|12|18|24|36|48|54|mcs0|mcs1|mcs2|mcs3|mcs4|mcs5|mcs6|mcs7|mcs8|mcs9|mcs10|mcs11|mcs12|mcs13|mcs14|mcs15|mcs0/1|mcs1/1|mcs2/1|mcs3/1|mcs4/1|mcs5/1|mcs6/1|mcs7/1|mcs0/2|mcs1/2|mcs2/2|mcs3/2|mcs4/2|mcs5/2|mcs6/2|mcs7/2} success <number> usage <number>
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 chars)
|
benchmark |
Set benchmark parameters for gauging the health of client connectivity
|
phymode |
Set the physical mode for which you want to measure client connectivity
|
11n |
Set benchmark parameters for 11n mode
|
rate |
Set the transmission rate that you expect clients with healthy connectivity to use (Note: You can set up to 3 rates for the same phymode)
|
6 |
Enter the transmission rate
|
9 |
Enter the transmission rate
|
12 |
Enter the transmission rate
|
18 |
Enter the transmission rate
|
24 |
Enter the transmission rate
|
36 |
Enter the transmission rate
|
48 |
Enter the transmission rate
|
54 |
Enter the transmission rate
|
mcs0 |
Enter the transmission rate
|
mcs1 |
Enter the transmission rate
|
mcs2 |
Enter the transmission rate
|
mcs3 |
Enter the transmission rate
|
mcs4 |
Enter the transmission rate
|
mcs5 |
Enter the transmission rate
|
mcs6 |
Enter the transmission rate
|
mcs7 |
Enter the transmission rate
|
mcs8 |
Enter the transmission rate
|
mcs9 |
Enter the transmission rate
|
mcs10 |
Enter the transmission rate
|
mcs11 |
Enter the transmission rate
|
mcs12 |
Enter the transmission rate
|
mcs13 |
Enter the transmission rate
|
mcs14 |
Enter the transmission rate
|
mcs15 |
Enter the transmission rate
|
mcs0/1 |
Enter the transmission rate
|
mcs1/1 |
Enter the transmission rate
|
mcs2/1 |
Enter the transmission rate
|
mcs3/1 |
Enter the transmission rate
|
mcs4/1 |
Enter the transmission rate
|
mcs5/1 |
Enter the transmission rate
|
mcs6/1 |
Enter the transmission rate
|
mcs7/1 |
Enter the transmission rate
|
mcs0/2 |
Enter the transmission rate
|
mcs1/2 |
Enter the transmission rate
|
mcs2/2 |
Enter the transmission rate
|
mcs3/2 |
Enter the transmission rate
|
mcs4/2 |
Enter the transmission rate
|
mcs5/2 |
Enter the transmission rate
|
mcs6/2 |
Enter the transmission rate
|
mcs7/2 |
Enter the transmission rate
|
success |
Set the percent of packets that you expect clients with healthy connectivity to transmit successfully
|
<number> |
Enter the percent for successfully transmitted packets (Range: 1-100)
|
usage |
Set the percent of time that you expect clients with healthy connectivity to transmit at the defined rate
|
<number> |
Enter the percent of time that clients transmit at the defined rate (Range: 1-100)
|
radio profile <string> channel-width {20|40|40-above|40-below|80}
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 chars)
|
channel-width |
Set the channel width or the extensive channel offset when channel width is 40 MHz
|
20 |
Enter the channel width and extensive channel offset (Default: 20 Mhz)
|
40 |
Enter the channel width and extensive channel offset (Default: 20 Mhz)
|
40-above |
Enter the channel width and extensive channel offset (Default: 20 Mhz)
|
40-below |
Enter the channel width and extensive channel offset (Default: 20 Mhz)
|
80 |
Enter the channel width and extensive channel offset (Default: 20 Mhz)
|
radio profile <string> high-density broadcast-probe-suppress oui <oui>
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 chars)
|
high-density |
Set parameters to reduce management traffic and improve the processing of client traffic in a high-density RF environment
|
broadcast-probe-suppress |
Suppress responses to broadcast probe requests that are broadcast by specified clients
|
oui |
Set the OUI (Organizationally Unique Identifier) portion of client MAC addresses to which you want to suppress probe responses
|
<oui> |
Enter the OUI (Note: You can use colons, dashes, or periods to format the OUI. Examples: Apple iPhone=00:1b:63; D-Link Phone=00-17-9a; Vocera=00.09.ef.)
|
radio profile <string> tx-rate vht-mcs {MCS0/1|MCS1/1|MCS2/1|MCS3/1|MCS4/1|MCS5/1|MCS6/1|MCS7/1|MCS8/1|MCS9/1|MCS0/2|MCS1/2|MCS2/2|MCS3/2|MCS4/2|MCS5/2|MCS6/2|MCS7/2|MCS8/2|MCS9/2|MCS0/3|MCS1/3|MCS2/3|MCS3/3|MCS4/3|MCS5/3|MCS6/3|MCS7/3|MCS8/3|MCS9/3}
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 chars)
|
tx-rate |
Set the Tx (transmission) rate for the radio profile
|
vht-mcs |
Set the 802.11ac Tx(transmission) rate
|
MCS0/1 |
Set the transmit rate as MCS0/1
|
MCS1/1 |
Set the transmit rate as MCS1/1
|
MCS2/1 |
Set the transmit rate as MCS2/1
|
MCS3/1 |
Set the transmit rate as MCS3/1
|
MCS4/1 |
Set the transmit rate as MCS4/1
|
MCS5/1 |
Set the transmit rate as MCS5/1
|
MCS6/1 |
Set the transmit rate as MCS6/1
|
MCS7/1 |
Set the transmit rate as MCS7/1
|
MCS8/1 |
Set the transmit rate as MCS8/1
|
MCS9/1 |
Set the transmit rate as MCS9/1
|
MCS0/2 |
Set the transmit rate as MCS0/2
|
MCS1/2 |
Set the transmit rate as MCS1/2
|
MCS2/2 |
Set the transmit rate as MCS2/2
|
MCS3/2 |
Set the transmit rate as MCS3/2
|
MCS4/2 |
Set the transmit rate as MCS4/2
|
MCS5/2 |
Set the transmit rate as MCS5/2
|
MCS6/2 |
Set the transmit rate as MCS6/2
|
MCS7/2 |
Set the transmit rate as MCS7/2
|
MCS8/2 |
Set the transmit rate as MCS8/2
|
MCS9/2 |
Set the transmit rate as MCS9/2
|
MCS0/3 |
Set the transmit rate as MCS0/3
|
MCS1/3 |
Set the transmit rate as MCS1/3
|
MCS2/3 |
Set the transmit rate as MCS2/3
|
MCS3/3 |
Set the transmit rate as MCS3/3
|
MCS4/3 |
Set the transmit rate as MCS4/3
|
MCS5/3 |
Set the transmit rate as MCS5/3
|
MCS6/3 |
Set the transmit rate as MCS6/3
|
MCS7/3 |
Set the transmit rate as MCS7/3
|
MCS8/3 |
Set the transmit rate as MCS8/3
|
MCS9/3 |
Set the transmit rate as MCS9/3
|
radio profile <string> tx-rate {auto|1Mbps|2Mbps|5.5Mbps|6Mbps|9Mbps|11Mbps|12Mbps|18Mbps|24Mbps|36Mbps|48Mbps|54Mbps|MCS0|MCS1|MCS2|MCS3| MCS4|MCS5|MCS6|MCS7|MCS8|MCS9|MCS10|MCS11|MCS12|MCS13|MCS14|MCS15|MCS16|MCS17|MCS18|MCS19|MCS20|MCS21|MCS22|MCS23}
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 chars)
|
tx-rate |
Set the Tx (transmission) rate for the radio profile
|
auto |
Set the radio to determine its transmission rate automatically (Default: auto; Range: 1-54 Mbps)
|
1Mbps |
Set the transmit rate as 1Mbps (Only for 802.11bg and 802.11ng)
|
2Mbps |
Set the transmit rate as 2Mbps (Only for 802.11bg and 802.11ng)
|
5.5Mbps |
Set the transmit rate as 5.5Mbps (Only for 802.11bg and 802.11ng)
|
6Mbps |
Set the transmit rate as 6Mbps
|
9Mbps |
Set the transmit rate as 9Mbps
|
11Mbps |
Set the transmit rate as 11Mbps (Only for 802.11bg and 802.11ng)
|
12Mbps |
Set the transmit rate as 12Mbps
|
18Mbps |
Set the transmit rate as 18Mbps
|
24Mbps |
Set the transmit rate as 24Mbps
|
36Mbps |
Set the transmit rate as 36Mbps
|
48Mbps |
Set the transmit rate as 48Mbps
|
54Mbps |
Set the transmit rate as 54Mbps
|
MCS0 |
Set the transmit rate as MCS0
|
MCS1 |
Set the transmit rate as MCS1
|
MCS2 |
Set the transmit rate as MCS2
|
MCS3 |
Set the transmit rate as MCS3
|
MCS4 |
Set the transmit rate as MCS4
|
MCS5 |
Set the transmit rate as MCS5
|
MCS6 |
Set the transmit rate as MCS6
|
MCS7 |
Set the transmit rate as MCS7
|
MCS8 |
Set the transmit rate as MCS8
|
MCS9 |
Set the transmit rate as MCS9
|
MCS10 |
Set the transmit rate as MCS10
|
MCS11 |
Set the transmit rate as MCS11
|
MCS12 |
Set the transmit rate as MCS12
|
MCS13 |
Set the transmit rate as MCS13
|
MCS14 |
Set the transmit rate as MCS14
|
MCS15 |
Set the transmit rate as MCS15
|
MCS16 |
Set the transmit rate as MCS16 (Only for the HiveAP 330, 350, 370 and 390)
|
MCS17 |
Set the transmit rate as MCS17 (Only for the HiveAP 330, 350, 370 and 390)
|
MCS18 |
Set the transmit rate as MCS18 (Only for the HiveAP 330, 350, 370 and 390)
|
MCS19 |
Set the transmit rate as MCS19 (Only for the HiveAP 330, 350, 370 and 390)
|
MCS20 |
Set the transmit rate as MCS20 (Only for the HiveAP 330, 350, 370 and 390)
|
MCS21 |
Set the transmit rate as MCS21 (Only for the HiveAP 330, 350, 370 and 390)
|
MCS22 |
Set the transmit rate as MCS22 (Only for the HiveAP 330, 350, 370 and 390)
|
MCS23 |
Set the transmit rate as MCS23 (Only for the HiveAP 330, 350, 370 and 390)
|
radio profile <string> wmm ac {background|best-effort|video|voice} aifs <number>
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 chars)
|
wmm |
Set Wi-Fi Multimedia parameters
|
ac |
Set Access Category parameters
|
background |
Set background access category parameters
|
best-effort |
Set best-effort access category parameters
|
video |
Set video access category parameters
|
voice |
Set voice access category parameters
|
aifs |
Set AIFS (arbitration interframe space) parameters
|
<number> |
Set the AIFS value (Range: 0-15)
|
radio profile <string> wmm ac {background|best-effort|video|voice} cwmax <number>
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 chars)
|
wmm |
Set Wi-Fi Multimedia parameters
|
ac |
Set Access Category parameters
|
background |
Set background access category parameters
|
best-effort |
Set best-effort access category parameters
|
video |
Set video access category parameters
|
voice |
Set voice access category parameters
|
cwmax |
Set maximal contention window parameters
|
<number> |
contention window maximal value (Range: 1-15)
|
radio profile <string> wmm ac {background|best-effort|video|voice} cwmin <number>
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 chars)
|
wmm |
Set Wi-Fi Multimedia parameters
|
ac |
Set Access Category parameters
|
background |
Set background access category parameters
|
best-effort |
Set best-effort access category parameters
|
video |
Set video access category parameters
|
voice |
Set voice access category parameters
|
cwmin |
Set minimal contention window parameters
|
<number> |
Set contention window minimal value (Range: 1-15)
|
radio profile <string> wmm ac {background|best-effort|video|voice} txoplimit <number>
|
radio |
Set radio profile parameters
|
profile |
Set radio profile parameters
|
<string> |
Enter a radio profile name (1-32 chars)
|
wmm |
Set Wi-Fi Multimedia parameters
|
ac |
Set Access Category parameters
|
background |
Set background access category parameters
|
best-effort |
Set best-effort access category parameters
|
video |
Set video access category parameters
|
voice |
Set voice access category parameters
|
txoplimit |
Set transmission opportunity limit parameters
|
<number> |
Set transmission opportunity limit value (Range: 0-8192; Note: Your input must be multiples of 32)
|
report statistic alarm-threshold client {tx-drop-rate|rx-drop-rate|tx-retry-rate|airtime-consumption} <number>
|
report |
Set the parameters for gathering traffic statistics and reporting them to HiveManager
|
statistic |
Set the periodic reporting of interface-level and client-level traffic statistics
|
alarm-threshold |
Set the alarm threshold for the CRC error rate, Tx/Rx drop rate, and Tx retry rate(Note: If the rate exceeds the threshold, the HiveAP sends an alarm to HiveManager.)
|
client |
Set the Tx/Rx drop rate, Tx retry rate, and airtime consumption alarm threshold of clients
|
tx-drop-rate |
Set the Tx drop rate alarm threshold for clients (Default: 40%)
|
rx-drop-rate |
Set the Rx drop rate alarm threshold for clients (Default: 40%)
|
tx-retry-rate |
Set the Tx retry rate alarm threshold for clients (Default: 40%)
|
airtime-consumption |
Set the airtime consumption (Tx airtime percentage + Rx airtime percentage) alarm threshold for clients (Default: 30%)
|
<number> |
Enter the alarm threshold (Range: 1-100)
|
report statistic alarm-threshold interface {crc-error-rate|tx-drop-rate|rx-drop-rate|tx-retry-rate|airtime-consumption} <number>
|
report |
Set the parameters for gathering traffic statistics and reporting them to HiveManager
|
statistic |
Set the periodic reporting of interface-level and client-level traffic statistics
|
alarm-threshold |
Set the alarm threshold for the CRC error rate, Tx/Rx drop rate, and Tx retry rate(Note: If the rate exceeds the threshold, the HiveAP sends an alarm to HiveManager.)
|
interface |
Set the CRC error rate, Tx/Rx drop rate, Tx retry rate, and airtime consumption alarm threshold of wifi interfaces
|
crc-error-rate |
Set CRC error rate alarm threshold for the wifi interfaces (Default: 30%)
|
tx-drop-rate |
Set the Tx drop rate alarm threshold for the wifi interfaces (Default: 40%)
|
rx-drop-rate |
Set the Rx drop rate alarm threshold for the wifi interfaces (Default: 40%)
|
tx-retry-rate |
Set the Tx retry rate alarm threshold for the wifi interfaces (Default: 40%)
|
airtime-consumption |
Set the airtime consumption (Tx airtime percentage + Rx airtime percentage) alarm threshold for the wifi interfaces (Default: 50%)
|
<number> |
Enter the alarm threshold (Range: 1-100)
|
save config <location> bootstrap
|
save |
Save a configuration, HiveOS image, RADIUS database, or files used by the internal web, RADIUS servers, or packet capture tool
|
config |
Save a configuration from the HiveAP to a remote server, from a remote server to the HiveAP, or from DRAM to flash as the current or bootstrap config
|
<location> |
Enter the protocol, SCP user name, location, path, file name, and SCP port number (Range: 1-256 chars; Default SCP port number: 22; Format: tftp://location:path/filename, scp://username@location:path/filename or scp://username@location:port:path/filename)
|
bootstrap |
Save a configuration to the bootstrap configuration
|
save config <location> current
|
save |
Save a configuration, HiveOS image, RADIUS database, or files used by the internal web, RADIUS servers, or packet capture tool
|
config |
Save a configuration from the HiveAP to a remote server, from a remote server to the HiveAP, or from DRAM to flash as the current or bootstrap config
|
<location> |
Enter the protocol, SCP user name, location, path, file name, and SCP port number (Range: 1-256 chars; Default SCP port number: 22; Format: tftp://location:path/filename, scp://username@location:path/filename or scp://username@location:port:path/filename)
|
current |
Save a configuration to the current configuration
|
save config <location> current <time> [ <date> ]
|
save |
Save a configuration, HiveOS image, RADIUS database, or files used by the internal web, RADIUS servers, or packet capture tool
|
config |
Save a configuration from the HiveAP to a remote server, from a remote server to the HiveAP, or from DRAM to flash as the current or bootstrap config
|
<location> |
Enter the protocol, SCP user name, location, path, file name, and SCP port number (Range: 1-256 chars; Default SCP port number: 22; Format: tftp://location:path/filename, scp://username@location:path/filename or scp://username@location:port:path/filename)
|
current |
Save a configuration to the current configuration
|
<time> |
Enter the time that you want the system to reboot (Format: hh:mm:ss)
|
<date> |
Enter the date that you want the system to reboot (Format: yyyy-mm-dd)
|
save config <location> current now
|
save |
Save a configuration, HiveOS image, RADIUS database, or files used by the internal web, RADIUS servers, or packet capture tool
|
config |
Save a configuration from the HiveAP to a remote server, from a remote server to the HiveAP, or from DRAM to flash as the current or bootstrap config
|
<location> |
Enter the protocol, SCP user name, location, path, file name, and SCP port number (Range: 1-256 chars; Default SCP port number: 22; Format: tftp://location:path/filename, scp://username@location:path/filename or scp://username@location:port:path/filename)
|
current |
Save a configuration to the current configuration
|
now |
Save the configuration and reboot the system immediately
|
save config <location> current offset <time>
|
save |
Save a configuration, HiveOS image, RADIUS database, or files used by the internal web, RADIUS servers, or packet capture tool
|
config |
Save a configuration from the HiveAP to a remote server, from a remote server to the HiveAP, or from DRAM to flash as the current or bootstrap config
|
<location> |
Enter the protocol, SCP user name, location, path, file name, and SCP port number (Range: 1-256 chars; Default SCP port number: 22; Format: tftp://location:path/filename, scp://username@location:path/filename or scp://username@location:port:path/filename)
|
current |
Save a configuration to the current configuration
|
offset |
Set a relative time for the system to reboot
|
<time> |
Schedule the system to reboot at a relative time (Maximum: 24 hours from the time you enter the command; Format: hh:mm:ss)
|
save config <url> bootstrap [ admin <string> password <string> {basic|digest} ] [ proxy <string> [ proxy-admin <string> password <string> ] ]
|
save |
Save a configuration, HiveOS image, RADIUS database, or files used by the internal web, RADIUS servers, or packet capture tool
|
config |
Save a configuration from the HiveAP to a remote server, from a remote server to the HiveAP, or from DRAM to flash as the current or bootstrap config
|
<url> |
Enter the HTTP protocol, remote server domain name, port, directory path, and file name (Default port: 80; 1-256 chars; Format: http://domain/path/file, http://domain:port/path/file; Note: You can substitute 'https' for 'http'.)
|
bootstrap |
Save the config file for the HiveAP to use as its bootstrap configuration, which is the one it loads if it fails to load the current and backup config files or if you enter the 'reset config' command
|
admin |
Set the name of the server administrator
|
<string> |
Enter the administrator name (1-32 chars)
|
password |
Set the password for the server administrator
|
<string> |
Enter the server password (1-64 chars)
|
basic |
Set the access authentication scheme as basic, which appends a user name and password encoded with the Base64 algorithm to the authorization header in HTTP requests
|
digest |
Set the access authentication scheme as digest, which appends an MD5 checksum of the username, password, and other values to the authorization header in HTTP requests
|
proxy |
Set parameters for the HTTP proxy server
|
<string> |
Enter the domain name or IP address and, optionally, the port number for the HTTP proxy server (Max length: 64 chars; Format: domainname, ip_addr, domainname:port, or ip_addr:port)
|
proxy-admin |
Set the name of the proxy administrator
|
<string> |
Enter the proxy administrator name (1-32 chars)
|
password |
Set the password for the proxy administrator
|
<string> |
Enter the proxy password (1-64 chars)
|
save config <url> current <time> [ <date> ] [ admin <string> password <string> {basic|digest} ] [ proxy <string> [ proxy-admin <string> password <string> ] ]
|
save |
Save a configuration, HiveOS image, RADIUS database, or files used by the internal web, RADIUS servers, or packet capture tool
|
config |
Save a configuration from the HiveAP to a remote server, from a remote server to the HiveAP, or from DRAM to flash as the current or bootstrap config
|
<url> |
Enter the HTTP protocol, remote server domain name, port, directory path, and file name (Default port: 80; 1-256 chars; Format: http://domain/path/file, http://domain:port/path/file; Note: You can substitute 'https' for 'http'.)
|
current |
Save the config file for the HiveAP to use as its current configuration, which is the one it loads when booting u
|
<time> |
Enter the time that you want the system to reboot (Format: hh:mm:ss)
|
<date> |
Enter the date that you want the system to reboot (Format: yyyy-mm-dd)
|
admin |
Set the name of the server administrator
|
<string> |
Enter the administrator name (1-32 chars)
|
password |
Set the password for the server administrator
|
<string> |
Enter the server password (1-64 chars)
|
basic |
Set the access authentication scheme as basic, which appends a user name and password encoded with the Base64 algorithm to the authorization header in HTTP requests
|
digest |
Set the access authentication scheme as digest, which appends an MD5 checksum of the username, password, and other values to the authorization header in HTTP requests
|
proxy |
Set parameters for the HTTP proxy server
|
<string> |
Enter the domain name or IP address and, optionally, the port number for the HTTP proxy server (Max length: 64 chars; Format: domainname, ip_addr, domainname:port, or ip_addr:port)
|
proxy-admin |
Set the name of the proxy administrator
|
<string> |
Enter the proxy administrator name (1-32 chars)
|
password |
Set the password for the proxy administrator
|
<string> |
Enter the proxy password (1-64 chars)
|
save config <url> current [ {now} ] [ admin <string> password <string> {basic|digest} ] [ proxy <string> [ proxy-admin <string> password <string> ] ]
|
save |
Save a configuration, HiveOS image, RADIUS database, or files used by the internal web, RADIUS servers, or packet capture tool
|
config |
Save a configuration from the HiveAP to a remote server, from a remote server to the HiveAP, or from DRAM to flash as the current or bootstrap config
|
<url> |
Enter the HTTP protocol, remote server domain name, port, directory path, and file name (Default port: 80; 1-256 chars; Format: http://domain/path/file, http://domain:port/path/file; Note: You can substitute 'https' for 'http'.)
|
current |
Save the config file for the HiveAP to use as its current configuration, which is the one it loads when booting u
|
now |
Save the configuration and reboot the system immediately
|
admin |
Set the name of the server administrator
|
<string> |
Enter the administrator name (1-32 chars)
|
password |
Set the password for the server administrator
|
<string> |
Enter the server password (1-64 chars)
|
basic |
Set the access authentication scheme as basic, which appends a user name and password encoded with the Base64 algorithm to the authorization header in HTTP requests
|
digest |
Set the access authentication scheme as digest, which appends an MD5 checksum of the username, password, and other values to the authorization header in HTTP requests
|
proxy |
Set parameters for the HTTP proxy server
|
<string> |
Enter the domain name or IP address and, optionally, the port number for the HTTP proxy server (Max length: 64 chars; Format: domainname, ip_addr, domainname:port, or ip_addr:port)
|
proxy-admin |
Set the name of the proxy administrator
|
<string> |
Enter the proxy administrator name (1-32 chars)
|
password |
Set the password for the proxy administrator
|
<string> |
Enter the proxy password (1-64 chars)
|
save config <url> current offset <time> [ admin <string> password <string> {basic|digest} ] [ proxy <string> [ proxy-admin <string> password <string> ] ]
|
save |
Save a configuration, HiveOS image, RADIUS database, or files used by the internal web, RADIUS servers, or packet capture tool
|
config |
Save a configuration from the HiveAP to a remote server, from a remote server to the HiveAP, or from DRAM to flash as the current or bootstrap config
|
<url> |
Enter the HTTP protocol, remote server domain name, port, directory path, and file name (Default port: 80; 1-256 chars; Format: http://domain/path/file, http://domain:port/path/file; Note: You can substitute 'https' for 'http'.)
|
current |
Save the config file for the HiveAP to use as its current configuration, which is the one it loads when booting u
|
offset |
Set a relative time for the system to reboot
|
<time> |
Schedule the system to reboot at a relative time (Maximum: 24 hours from the time you enter the command; Format: hh:mm:ss)
|
admin |
Set the name of the server administrator
|
<string> |
Enter the administrator name (1-32 chars)
|
password |
Set the password for the server administrator
|
<string> |
Enter the server password (1-64 chars)
|
basic |
Set the access authentication scheme as basic, which appends a user name and password encoded with the Base64 algorithm to the authorization header in HTTP requests
|
digest |
Set the access authentication scheme as digest, which appends an MD5 checksum of the username, password, and other values to the authorization header in HTTP requests
|
proxy |
Set parameters for the HTTP proxy server
|
<string> |
Enter the domain name or IP address and, optionally, the port number for the HTTP proxy server (Max length: 64 chars; Format: domainname, ip_addr, domainname:port, or ip_addr:port)
|
proxy-admin |
Set the name of the proxy administrator
|
<string> |
Enter the proxy administrator name (1-32 chars)
|
password |
Set the password for the proxy administrator
|
<string> |
Enter the proxy password (1-64 chars)
|
save config bootstrap <location>
|
save |
Save a configuration, HiveOS image, RADIUS database, or files used by the internal web, RADIUS servers, or packet capture tool
|
config |
Save a configuration from the HiveAP to a remote server, from a remote server to the HiveAP, or from DRAM to flash as the current or bootstrap config
|
bootstrap |
Save the bootstrap configuration to a remote server
|
<location> |
Enter the protocol, SCP user name, location, path, file name, and SCP port number (Range: 1-256 chars; Default SCP port number: 22; Format: tftp://location:path/filename, scp://username@location:path/filename or scp://username@location:port:path/filename)
|
save config current <location>
|
save |
Save a configuration, HiveOS image, RADIUS database, or files used by the internal web, RADIUS servers, or packet capture tool
|
config |
Save a configuration from the HiveAP to a remote server, from a remote server to the HiveAP, or from DRAM to flash as the current or bootstrap config
|
current |
Save the current configuration to a remote server or to the bootstrap config
|
<location> |
Enter the protocol, SCP user name, location, path, file name, and SCP port number (Range: 1-256 chars; Default SCP port number: 22; Format: tftp://location:path/filename, scp://username@location:path/filename or scp://username@location:port:path/filename)
|
save config {current|bootstrap} <url> [ admin <string> password <string> {basic|digest} ] [ proxy <string> [ proxy-admin <string> password <string> ] ]
|
save |
Save a configuration, HiveOS image, RADIUS database, or files used by the internal web, RADIUS servers, or packet capture tool
|
config |
Save a configuration from the HiveAP to a remote server, from a remote server to the HiveAP, or from DRAM to flash as the current or bootstrap config
|
current |
Save the current configuration to a remote server or to the bootstrap config
|
bootstrap |
Save the bootstrap configuration to a remote server
|
<url> |
Enter the HTTP protocol, remote server domain name, port, directory path, and file name (Default port: 80; 1-256 chars; Format: http://domain/path/file, http://domain:port/path/file; Note: You can substitute 'https' for 'http'.)
|
admin |
Set the name of the server administrator
|
<string> |
Enter the administrator name (1-32 chars)
|
password |
Set the password for the server administrator
|
<string> |
Enter the server password (1-64 chars)
|
basic |
Set the access authentication scheme as basic, which appends a user name and password encoded with the Base64 algorithm to the authorization header in HTTP requests
|
digest |
Set the access authentication scheme as digest, which appends an MD5 checksum of the username, password, and other values to the authorization header in HTTP requests
|
proxy |
Set parameters for the HTTP proxy server
|
<string> |
Enter the domain name or IP address and, optionally, the port number for the HTTP proxy server (Max length: 64 chars; Format: domainname, ip_addr, domainname:port, or ip_addr:port)
|
proxy-admin |
Set the name of the proxy administrator
|
<string> |
Enter the proxy administrator name (1-32 chars)
|
password |
Set the password for the proxy administrator
|
<string> |
Enter the proxy password (1-64 chars)
|
save dhcp-fingerprint {option55} <location>
|
save |
Save a configuration, HiveOS image, RADIUS database, or files used by the internal web, RADIUS servers, or packet capture tool
|
dhcp-fingerprint |
Save a fingerprint file of DHCP options for client OS detection
|
option55 |
Save a fingerprint file of various parameter request lists mapped to client operating systems (Note: DHCP clients include unique lists in DHCP option 55 when sending DHCPDISCOVER messages. By comparing those lists with the fingerprints in the file, client operating systems can be detected.)
|
<location> |
Enter the protocol, SCP user name, location, path, file name, and SCP port number (Range: 1-256 chars; Default SCP port number: 22; Format: tftp://location:path/filename, scp://username@location:path/filename or scp://username@location:port:path/filename)
|
save dhcp-fingerprint {option55} <url> [ admin <string> password <string> {basic|digest} ] [ proxy <string> [ proxy-admin <string> password <string> ] ]
|
save |
Save a configuration, HiveOS image, RADIUS database, or files used by the internal web, RADIUS servers, or packet capture tool
|
dhcp-fingerprint |
Save a fingerprint file of DHCP options for client OS detection
|
option55 |
Save a fingerprint file of various parameter request lists mapped to client operating systems (Note: DHCP clients include unique lists in DHCP option 55 when sending DHCPDISCOVER messages. By comparing those lists with the fingerprints in the file, client operating systems can be detected.)
|
<url> |
Enter the HTTP protocol, remote server domain name, port, directory path, and file name (Default port: 80; 1-256 chars; Format: http://domain/path/file, http://domain:port/path/file; Note: You can substitute 'https' for 'http'.)
|
admin |
Set the name of the server administrator
|
<string> |
Enter the administrator name (1-32 chars)
|
password |
Set the password for the server administrator
|
<string> |
Enter the server password (1-64 chars)
|
basic |
Set the access authentication scheme as basic, which appends a user name and password encoded with the Base64 algorithm to the authorization header in HTTP requests
|
digest |
Set the access authentication scheme as digest, which appends an MD5 checksum of the username, password, and other values to the authorization header in HTTP requests
|
proxy |
Set parameters for the HTTP proxy server
|
<string> |
Enter the domain name or IP address and, optionally, the port number for the HTTP proxy server (Max length: 64 chars; Format: domainname, ip_addr, domainname:port, or ip_addr:port)
|
proxy-admin |
Set the name of the proxy administrator
|
<string> |
Enter the proxy administrator name (1-32 chars)
|
password |
Set the password for the proxy administrator
|
<string> |
Enter the proxy password (1-64 chars)
|
save image <location> <time> [ <date> ] [ limit <number> ]
|
save |
Save a configuration, HiveOS image, RADIUS database, or files used by the internal web, RADIUS servers, or packet capture tool
|
image |
Save a HiveOS image to the HiveAP
|
<location> |
Enter the protocol, SCP user name, location, path, file name, and SCP port number (Range: 1-256 chars; Default SCP port number: 22; Format: tftp://location:path/filename, scp://username@location:path/filename or scp://username@location:port:path/filename)
|
<time> |
Enter the time that you want the system to reboot (Format: hh:mm:ss)
|
<date> |
Enter the date that you want the system to reboot (Format: yyyy-mm-dd)
|
limit |
Limit the amount of bandwidth used for uploading the image file
|
<number> |
Enter the bandwidth limit in Kbps (Range:10-1000000; Default: Maximum available bandwidth)
|
save image <location> [ {now} ] [ limit <number> ]
|
save |
Save a configuration, HiveOS image, RADIUS database, or files used by the internal web, RADIUS servers, or packet capture tool
|
image |
Save a HiveOS image to the HiveAP
|
<location> |
Enter the protocol, SCP user name, location, path, file name, and SCP port number (Range: 1-256 chars; Default SCP port number: 22; Format: tftp://location:path/filename, scp://username@location:path/filename or scp://username@location:port:path/filename)
|
now |
Save the image and reboot the system immediately
|
limit |
Limit the amount of bandwidth used for uploading the image file
|
<number> |
Enter the bandwidth limit in Kbps (Range:10-1000000; Default: Maximum available bandwidth)
|
save image <location> offset <time> [ limit <number> ]
|
save |
Save a configuration, HiveOS image, RADIUS database, or files used by the internal web, RADIUS servers, or packet capture tool
|
image |
Save a HiveOS image to the HiveAP
|
<location> |
Enter the protocol, SCP user name, location, path, file name, and SCP port number (Range: 1-256 chars; Default SCP port number: 22; Format: tftp://location:path/filename, scp://username@location:path/filename or scp://username@location:port:path/filename)
|
offset |
Set a relative time for the system to reboot
|
<time> |
Schedule the system to reboot at a relative time (Maximum: 24 hours from the time you enter the command; Format: hh:mm:ss)
|
limit |
Limit the amount of bandwidth used for uploading the image file
|
<number> |
Enter the bandwidth limit in Kbps (Range:10-1000000; Default: Maximum available bandwidth)
|
save image <url> <time> [ <date> ] [ admin <string> password <string> {basic|digest} ] [ proxy <string> [ proxy-admin <string> password <string> ] ]
|
save |
Save a configuration, HiveOS image, RADIUS database, or files used by the internal web, RADIUS servers, or packet capture tool
|
image |
Save a HiveOS image to the HiveAP
|
<url> |
Enter the HTTP protocol, remote server domain name, port, directory path, and file name (Default port: 80; 1-256 chars; Format: http://domain/path/file, http://domain:port/path/file; Note: You can substitute 'https' for 'http'.)
|
<time> |
Enter the time that you want the system to reboot (Format: hh:mm:ss)
|
<date> |
Enter the date that you want the system to reboot (Format: yyyy-mm-dd)
|
admin |
Set the name of the server administrator
|
<string> |
Enter the administrator name (1-32 chars)
|
password |
Set the password for the server administrator
|
<string> |
Enter the server password (1-64 chars)
|
basic |
Set the access authentication scheme as basic, which appends a user name and password encoded with the Base64 algorithm to the authorization header in HTTP requests
|
digest |
Set the access authentication scheme as digest, which appends an MD5 checksum of the username, password, and other values to the authorization header in HTTP requests
|
proxy |
Set parameters for the HTTP proxy server
|
<string> |
Enter the domain name or IP address and, optionally, the port number for the HTTP proxy server (Max length: 64 chars; Format: domainname, ip_addr, domainname:port, or ip_addr:port)
|
proxy-admin |
Set the name of the proxy administrator
|
<string> |
Enter the proxy administrator name (1-32 chars)
|
password |
Set the password for the proxy administrator
|
<string> |
Enter the proxy password (1-64 chars)
|
save image <url> [ {now} ] [ admin <string> password <string> {basic|digest} ] [ proxy <string> [ proxy-admin <string> password <string> ] ]
|
save |
Save a configuration, HiveOS image, RADIUS database, or files used by the internal web, RADIUS servers, or packet capture tool
|
image |
Save a HiveOS image to the HiveAP
|
<url> |
Enter the HTTP protocol, remote server domain name, port, directory path, and file name (Default port: 80; 1-256 chars; Format: http://domain/path/file, http://domain:port/path/file; Note: You can substitute 'https' for 'http'.)
|
now |
Save the image and reboot the system immediately
|
admin |
Set the name of the server administrator
|
<string> |
Enter the administrator name (1-32 chars)
|
password |
Set the password for the server administrator
|
<string> |
Enter the server password (1-64 chars)
|
basic |
Set the access authentication scheme as basic, which appends a user name and password encoded with the Base64 algorithm to the authorization header in HTTP requests
|
digest |
Set the access authentication scheme as digest, which appends an MD5 checksum of the username, password, and other values to the authorization header in HTTP requests
|
proxy |
Set parameters for the HTTP proxy server
|
<string> |
Enter the domain name or IP address and, optionally, the port number for the HTTP proxy server (Max length: 64 chars; Format: domainname, ip_addr, domainname:port, or ip_addr:port)
|
proxy-admin |
Set the name of the proxy administrator
|
<string> |
Enter the proxy administrator name (1-32 chars)
|
password |
Set the password for the proxy administrator
|
<string> |
Enter the proxy password (1-64 chars)
|
save image <url> offset <time> [ admin <string> password <string> {basic|digest} ] [ proxy <string> [ proxy-admin <string> password <string> ] ]
|
save |
Save a configuration, HiveOS image, RADIUS database, or files used by the internal web, RADIUS servers, or packet capture tool
|
image |
Save a HiveOS image to the HiveAP
|
<url> |
Enter the HTTP protocol, remote server domain name, port, directory path, and file name (Default port: 80; 1-256 chars; Format: http://domain/path/file, http://domain:port/path/file; Note: You can substitute 'https' for 'http'.)
|
offset |
Set a relative time for the system to reboot
|
<time> |
Schedule the system to reboot at a relative time (Maximum: 24 hours from the time you enter the command; Format: hh:mm:ss)
|
admin |
Set the name of the server administrator
|
<string> |
Enter the administrator name (1-32 chars)
|
password |
Set the password for the server administrator
|
<string> |
Enter the server password (1-64 chars)
|
basic |
Set the access authentication scheme as basic, which appends a user name and password encoded with the Base64 algorithm to the authorization header in HTTP requests
|
digest |
Set the access authentication scheme as digest, which appends an MD5 checksum of the username, password, and other values to the authorization header in HTTP requests
|
proxy |
Set parameters for the HTTP proxy server
|
<string> |
Enter the domain name or IP address and, optionally, the port number for the HTTP proxy server (Max length: 64 chars; Format: domainname, ip_addr, domainname:port, or ip_addr:port)
|
proxy-admin |
Set the name of the proxy administrator
|
<string> |
Enter the proxy administrator name (1-32 chars)
|
password |
Set the password for the proxy administrator
|
<string> |
Enter the proxy password (1-64 chars)
|
save radius-server-key radsec {cert|ca} <location>
|
save |
Save a configuration, HiveOS image, RADIUS database, or files used by the internal web, RADIUS servers, or packet capture tool
|
radius-server-key |
Save certificate files for the local Aerohive RADIUS server to use
|
radsec |
Save certificates that the local Aerohive device uses when functioning as a RadSec proxy server (Note: A RadSec proxy server can forward RADIUS requests over a secure TLS tunnel between RadSec peers.)
|
cert |
Save an end-entity certificate for the Aerohive device to use when authenticating itself to a RadSec peer
|
ca |
Save a CA (certificate authority) certificate for the Aerohive device to verify the certificate of its RadSec peer
|
<location> |
Enter the protocol, SCP user name, location, path, file name, and SCP port number (Range: 1-256 chars; Default SCP port number: 22; Format: tftp://location:path/filename, scp://username@location:path/filename or scp://username@location:port:path/filename)
|
save radius-server-key radsec {cert|ca} <url> [ admin <string> password <string> {basic|digest} ] [ proxy <string> [ proxy-admin <string> password <string> ] ]
|
save |
Save a configuration, HiveOS image, RADIUS database, or files used by the internal web, RADIUS servers, or packet capture tool
|
radius-server-key |
Save certificate files for the local Aerohive RADIUS server to use
|
radsec |
Save certificates that the local Aerohive device uses when functioning as a RadSec proxy server (Note: A RadSec proxy server can forward RADIUS requests over a secure TLS tunnel between RadSec peers.)
|
cert |
Save an end-entity certificate for the Aerohive device to use when authenticating itself to a RadSec peer
|
ca |
Save a CA (certificate authority) certificate for the Aerohive device to verify the certificate of its RadSec peer
|
<url> |
Enter the HTTP protocol, remote server domain name, port, directory path, and file name (Default port: 80; 1-256 chars; Format: http://domain/path/file, http://domain:port/path/file; Note: You can substitute 'https' for 'http'.)
|
admin |
Set the name that the local device uses to log in to the HTTP server
|
<string> |
Enter the login name (1-32 chars)
|
password |
Set the password to enter during the login process
|
<string> |
Enter the password (1-64 chars)
|
basic |
Set the access authentication scheme as basic, which appends a user name and password encoded with the Base64 algorithm to the authorization header in HTTP requests
|
digest |
Set the access authentication scheme as digest, which appends an MD5 checksum of the username, password, and other values to the authorization header in HTTP requests
|
proxy |
Set parameters for connecting to an HTTP proxy server
|
<string> |
Enter the domain name or IP address and, optionally, the port number for the HTTP proxy server (Max length: 64 chars; Format: domain_name, ip_addr, domain_name:port, or ip_addr:port)
|
proxy-admin |
Set the name that the local device uses to log in to the HTTP proxy server
|
<string> |
Enter the login name (1-32 chars)
|
password |
Set the password to enter during the login process
|
<string> |
Enter the password (1-64 chars)
|
save radius-server-key {radius-server|ldap-client} <location>
|
save |
Save a configuration, HiveOS image, RADIUS database, or files used by the internal web, RADIUS servers, or packet capture tool
|
radius-server-key |
Save certificate files for the local Aerohive RADIUS server to use
|
radius-server |
Save certificates that the local HiveAP uses when functioning as a RADIUS server
|
ldap-client |
Save certificates that the local HiveAP uses when functioning as an LDAP client
|
<location> |
Enter the protocol, SCP user name, location, path, file name, and SCP port number (Range: 1-256 chars; Default SCP port number: 22; Format: tftp://location:path/filename, scp://username@location:path/filename or scp://username@location:port:path/filename)
|
save radius-server-key {radius-server|ldap-client} <url> [ admin <string> password <string> {basic|digest} ] [ proxy <string> [ proxy-admin <string> password <string> ] ]
|
save |
Save a configuration, HiveOS image, RADIUS database, or files used by the internal web, RADIUS servers, or packet capture tool
|
radius-server-key |
Save certificate files for the local Aerohive RADIUS server to use
|
radius-server |
Save certificates that the local HiveAP uses when functioning as a RADIUS server
|
ldap-client |
Save certificates that the local HiveAP uses when functioning as an LDAP client
|
<url> |
Enter the HTTP protocol, remote server domain name, port, directory path, and file name (Default port: 80; 1-256 chars; Format: http://domain/path/file, http://domain:port/path/file; Note: You can substitute 'https' for 'http'.)
|
admin |
Set the name of the server administrator
|
<string> |
Enter the administrator name (1-32 chars)
|
password |
Set the password for the server administrator
|
<string> |
Enter the server password (1-64 chars)
|
basic |
Set the access authentication scheme as basic, which appends a user name and password encoded with the Base64 algorithm to the authorization header in HTTP requests
|
digest |
Set the access authentication scheme as digest, which appends an MD5 checksum of the username, password, and other values to the authorization header in HTTP requests
|
proxy |
Set parameters for the HTTP proxy server
|
<string> |
Enter the domain name or IP address and, optionally, the port number for the HTTP proxy server (Max length: 64 chars; Format: domainname, ip_addr, domainname:port, or ip_addr:port)
|
proxy-admin |
Set the name of the proxy administrator
|
<string> |
Enter the proxy administrator name (1-32 chars)
|
password |
Set the password for the proxy administrator
|
<string> |
Enter the proxy password (1-64 chars)
|
save signature-file <location> [ limit <number> ]
|
save |
Save a configuration, HiveOS image, RADIUS database, or files used by the internal web, RADIUS servers, or packet capture tool
|
signature-file |
Remote image used for L7 application
|
<location> |
Enter the protocol, SCP user name, location, path, file name, and SCP port number (Range: 1-256 chars; Default SCP port number: 22; Format: tftp://location:path/filename, scp://username@location:path/filename or scp://username@location:port:path/filename)
|
limit |
Limit the amount of bandwidth used for uploading the image file
|
<number> |
Enter the bandwidth limit in Kbps (Range:10-1000000; Default: Maximum available bandwidth)
|
save signature-file <url> [ admin <string> password <string> {basic|digest} ] [ proxy <string> [ proxy-admin <string> password <string> ] ]
|
save |
Save a configuration, HiveOS image, RADIUS database, or files used by the internal web, RADIUS servers, or packet capture tool
|
signature-file |
Remote image used for L7 application
|
<url> |
Enter the HTTP protocol, remote server domain name, port, directory path, and file name (Default port: 80; 1-256 chars; Format: http://domain/path/file, http://domain:port/path/file; Note: You can substitute 'https' for 'http'.)
|
admin |
Set the name of the server administrator
|
<string> |
Enter the administrator name (1-32 chars)
|
password |
Set the password for the server administrator
|
<string> |
Enter the server password (1-64 chars)
|
basic |
Set the access authentication scheme as basic, which appends a user name and password encoded with the Base64 algorithm to the authorization header in HTTP requests
|
digest |
Set the access authentication scheme as digest, which appends an MD5 checksum of the username, password, and other values to the authorization header in HTTP requests
|
proxy |
Set parameters for the HTTP proxy server
|
<string> |
Enter the domain name or IP address and, optionally, the port number for the HTTP proxy server (Max length: 64 chars; Format: domainname, ip_addr, domainname:port, or ip_addr:port)
|
proxy-admin |
Set the name of the proxy administrator
|
<string> |
Enter the proxy administrator name (1-32 chars)
|
password |
Set the password for the proxy administrator
|
<string> |
Enter the proxy password (1-64 chars)
|
save ssid <string> mac-bind <location>
|
save |
Save a configuration, HiveOS image, RADIUS database, or files used by the internal web, RADIUS servers, or packet capture tool
|
ssid |
Save a locally stored file to a remote server
|
<string> |
Enter the file name to upload to a remote server
|
mac-bind |
Save auth-ppsk mac-binding file
|
<location> |
Enter the protocol, SCP user name, location, path, file name, and SCP port number (Range: 1-256 chars; Default SCP port number: 22; Format: tftp://location:path/filename, scp://username@location:path/filename or scp://username@location:port:path/filename)
|
save users <url> [ admin <string> password <string> {basic|digest} ] [ proxy <string> [ proxy-admin <string> password <string> ] ]
|
save |
Save a configuration, HiveOS image, RADIUS database, or files used by the internal web, RADIUS servers, or packet capture tool
|
users |
Save private PSK (preshared key) configurations
|
<url> |
Enter the HTTP protocol, remote server domain name, port, directory path, and file name (Default port: 80; 1-256 chars; Format: http://domain/path/file, http://domain:port/path/file; Note: You can substitute 'https' for 'http'.)
|
admin |
Set the name of the server administrator
|
<string> |
Enter the administrator name (1-32 chars)
|
password |
Set the password for the server administrator
|
<string> |
Enter the server password (1-64 chars)
|
basic |
Set the access authentication scheme as basic, which appends a user name and password encoded with the Base64 algorithm to the authorization header in HTTP requests
|
digest |
Set the access authentication scheme as digest, which appends an MD5 checksum of the username, password, and other values to the authorization header in HTTP requests
|
proxy |
Set parameters for the HTTP proxy server
|
<string> |
Enter the domain name or IP address and, optionally, the port number for the HTTP proxy server (Max length: 64 chars; Format: domainname, ip_addr, domainname:port, or ip_addr:port)
|
proxy-admin |
Set the name of the proxy administrator
|
<string> |
Enter the proxy administrator name (1-32 chars)
|
password |
Set the password for the proxy administrator
|
<string> |
Enter the proxy password (1-64 chars)
|
save vpn {ca-cert|ee-cert|private-key} <url> [ admin <string> password <string> {basic|digest} ] [ proxy <string> [ proxy-admin <string> password <string> ] ]
|
save |
Save a configuration, HiveOS image, RADIUS database, or files used by the internal web, RADIUS servers, or packet capture tool
|
vpn |
Save a VPN certificate or private key file
|
ca-cert |
Save a CA (certificate authority) certificate for the HiveAP to verify its IKE peer's certificate
|
ee-cert |
Save an end-entity certificate for the HiveAP to use when authenticating itself to an IKE peer
|
private-key |
Save the private key for the HiveAP to use when creating its RSA signature
|
<url> |
Enter the HTTP protocol, remote server domain name, port, directory path, and file name (Default port: 80; 1-256 chars; Format: http://domain/path/file, http://domain:port/path/file; Note: You can substitute 'https' for 'http'.)
|
admin |
Set the name of the server administrator
|
<string> |
Enter the administrator name (1-32 chars)
|
password |
Set the password for the server administrator
|
<string> |
Enter the server password (1-64 chars)
|
basic |
Set the access authentication scheme as basic, which appends a user name and password encoded with the Base64 algorithm to the authorization header in HTTP requests
|
digest |
Set the access authentication scheme as digest, which appends an MD5 checksum of the username, password, and other values to the authorization header in HTTP requests
|
proxy |
Set parameters for the HTTP proxy server
|
<string> |
Enter the domain name or IP address and, optionally, the port number for the HTTP proxy server (Max length: 64 chars; Format: domainname, ip_addr, domainname:port, or ip_addr:port)
|
proxy-admin |
Set the name of the proxy administrator
|
<string> |
Enter the proxy administrator name (1-32 chars)
|
password |
Set the password for the proxy administrator
|
<string> |
Enter the proxy password (1-64 chars)
|
save vpn {ee-cert|private-key|ca-cert} <location>
|
save |
Save a configuration, HiveOS image, RADIUS database, or files used by the internal web, RADIUS servers, or packet capture tool
|
vpn |
Save a VPN certificate or private key file
|
ee-cert |
Save an end-entity certificate for the HiveAP to use when authenticating itself to an IKE peer
|
private-key |
Save the private key for the HiveAP to use when creating its RSA signature
|
ca-cert |
Save a CA (certificate authority) certificate for the HiveAP to verify its IKE peer's certificate
|
<location> |
Enter the protocol, SCP user name, location, path, file name, and SCP port number (Range: 1-256 chars; Default SCP port number: 22; Format: tftp://location:path/filename, scp://username@location:path/filename or scp://username@location:port:path/filename)
|
save web-page [ ppsk-self-reg ] web-directory <string> <location>
|
save |
Save a configuration, HiveOS image, RADIUS database, or files used by the internal web, RADIUS servers, or packet capture tool
|
web-page |
Save a file for use with the internal web server
|
ppsk-self-reg |
Save a file to the private PSK self-registration web directory (Note: The HiveAP, as a private PSK server, uses these files to respond to self-registration requests.)
|
web-directory |
Save a file to a specific web directory
|
<string> |
Enter the web directory name
|
<location> |
Enter the protocol, SCP user name, location, path, file name, and SCP port number (Range: 1-256 chars; Default SCP port number: 22; Format: tftp://location:path/filename, scp://username@location:path/filename or scp://username@location:port:path/filename)
|
save web-page [ ppsk-self-reg ] web-directory <string> <url> [ admin <string> password <string> {basic|digest} ] [ proxy <string> [ proxy-admin <string> password <string> ] ]
|
save |
Save a configuration, HiveOS image, RADIUS database, or files used by the internal web, RADIUS servers, or packet capture tool
|
web-page |
Save a file for use with the internal web server
|
ppsk-self-reg |
Save a file to the private PSK self-registration web directory (Note: The HiveAP, as a private PSK server, uses these files to respond to self-registration requests.)
|
web-directory |
Save a file to a specific web directory
|
<string> |
Enter the web directory name
|
<url> |
Enter the HTTP protocol, remote server domain name, port, directory path, and file name (Default port: 80; 1-256 chars; Format: http://domain/path/file, http://domain:port/path/file; Note: You can substitute 'https' for 'http'.)
|
admin |
Set the name of the server administrator
|
<string> |
Enter the administrator name (1-32 chars)
|
password |
Set the password for the server administrator
|
<string> |
Enter the server password (1-64 chars)
|
basic |
Set the access authentication scheme as basic, which appends a user name and password encoded with the Base64 algorithm to the authorization header in HTTP requests
|
digest |
Set the access authentication scheme as digest, which appends an MD5 checksum of the username, password, and other values to the authorization header in HTTP requests
|
proxy |
Set parameters for the HTTP proxy server
|
<string> |
Enter the domain name or IP address and, optionally, the port number for the HTTP proxy server (Max length: 64 chars; Format: domainname, ip_addr, domainname:port, or ip_addr:port)
|
proxy-admin |
Set the name of the proxy administrator
|
<string> |
Enter the proxy administrator name (1-32 chars)
|
password |
Set the password for the proxy administrator
|
<string> |
Enter the proxy password (1-64 chars)
|
save web-server-key <number> <location> [ comment <string> ]
|
save |
Save a configuration, HiveOS image, RADIUS database, or files used by the internal web, RADIUS servers, or packet capture tool
|
web-server-key |
Save certificate files for the internal web server to use
|
<number> |
Enter key file index for the internal web server (Range : 0-15)
|
<location> |
Enter the protocol, SCP user name, location, path, file name, and SCP port number (Range: 1-256 chars; Default SCP port number: 22; Format: tftp://location:path/filename, scp://username@location:path/filename or scp://username@location:port:path/filename)
|
comment |
Enter a comment
|
<string> |
Enter a comment (max 64 chars)
|
save web-server-key <number> <url> [ comment <string> ] [ admin <string> password <string> {basic|digest} ] [ proxy <string> [ proxy-admin <string> password <string> ] ]
|
save |
Save a configuration, HiveOS image, RADIUS database, or files used by the internal web, RADIUS servers, or packet capture tool
|
web-server-key |
Save certificate files for the internal web server to use
|
<number> |
Enter key file index for the internal web server (Range : 0-15)
|
<url> |
Enter the HTTP protocol, remote server domain name, port, directory path, and file name (Default port: 80; 1-256 chars; Format: http://domain/path/file, http://domain:port/path/file; Note: You can substitute 'https' for 'http'.)
|
comment |
Set a comment about the certificate file
|
<string> |
Enter the comment (1-64 chars)
|
admin |
Set the name of the server administrator
|
<string> |
Enter the administrator name (1-32 chars)
|
password |
Set the password for the server administrator
|
<string> |
Enter the server password (1-64 chars)
|
basic |
Set the access authentication scheme as basic, which appends a user name and password encoded with the Base64 algorithm to the authorization header in HTTP requests
|
digest |
Set the access authentication scheme as digest, which appends an MD5 checksum of the username, password, and other values to the authorization header in HTTP requests
|
proxy |
Set parameters for the HTTP proxy server
|
<string> |
Enter the domain name or IP address and, optionally, the port number for the HTTP proxy server (Max length: 64 chars; Format: domainname, ip_addr, domainname:port, or ip_addr:port)
|
proxy-admin |
Set the name of the proxy administrator
|
<string> |
Enter the proxy administrator name (1-32 chars)
|
password |
Set the password for the proxy administrator
|
<string> |
Enter the proxy password (1-64 chars)
|
save {capture} local <string> <location>
|
save |
Save a configuration, HiveOS image, RADIUS database, or files used by the internal web, RADIUS servers, or packet capture tool
|
capture |
Save a packet capture file stored locally to a remote server
|
local |
Save a locally stored packet capture file to a remote server
|
<string> |
Enter the file name to upload to a remote server
|
<location> |
Enter the protocol, SCP user name, location, path, file name, and SCP port number (Range: 1-256 chars; Default SCP port number: 22; Format: tftp://location:path/filename, scp://username@location:path/filename or scp://username@location:port:path/filename)
|
save {capture} local <string> <url> [ admin <string> password <string> {basic|digest} ] [ proxy <string> [ proxy-admin <string> password <string> ] ]
|
save |
Save a configuration, HiveOS image, RADIUS database, or files used by the internal web, RADIUS servers, or packet capture tool
|
capture |
Save a packet capture file stored locally to a remote server
|
local |
Save a locally stored packet capture file to a remote server
|
<string> |
Enter the file name to upload to a remote server
|
<url> |
Enter the HTTP protocol, remote server domain name, port, directory path, and file name (Default port: 80; 1-256 chars; Format: http://domain/path/file, http://domain:port/path/file; Note: You can substitute 'https' for 'http'.)
|
admin |
Set the name of the server administrator
|
<string> |
Enter the administrator name (1-32 chars)
|
password |
Set the password for the server administrator
|
<string> |
Enter the server password (1-64 chars)
|
basic |
Set the access authentication scheme as basic, which appends a user name and password encoded with the Base64 algorithm to the authorization header in HTTP requests
|
digest |
Set the access authentication scheme as digest, which appends an MD5 checksum of the username, password, and other values to the authorization header in HTTP requests
|
proxy |
Set parameters for the HTTP proxy server
|
<string> |
Enter the domain name or IP address and, optionally, the port number for the HTTP proxy server (Max length: 64 chars; Format: domainname, ip_addr, domainname:port, or ip_addr:port)
|
proxy-admin |
Set the name of the proxy administrator
|
<string> |
Enter the proxy administrator name (1-32 chars)
|
password |
Set the password for the proxy administrator
|
<string> |
Enter the proxy password (1-64 chars)
|
schedule <string> once <date> <time> to <date> <time> [ time-zone <number> ] [ comment <string> ]
|
schedule |
Set a schedule to control the application of user profiles and the availability of SSIDs
|
<string> |
Enter a schedule name (1-32 chars)
|
once |
Set a one-time schedule
|
<date> |
Enter a start date for the schedule (Format: yyyy-mm-dd; Range: 1970-01-01 to 2035-12-31)
|
<time> |
Enter a start time for the schedule (Format: hh:mm; Hour Range: 00-23; Minute Range: 00-59)
|
to |
Set a date and time range
|
<date> |
Enter an end date for the schedule (Format: yyyy-mm-dd; Range: 1970-01-01 to 2035-12-31)
|
<time> |
Enter an end time for the schedule (Format: hh:mm; Hour Range: 00-23; Minute Range: 00-59)
|
time-zone |
Set the time zone for the schedule (Note: If you do not specify a time zone, the time zone for the local system will be used.)
|
<number> |
Enter the time zone for the schedule (Default: 0; Range: -12 to 12)
|
comment |
Write a comment about the schedule for future reference
|
<string> |
Enter a comment about the schedule (max 128 chars)
|
schedule <string> ppsk once <date> <time> to <date> <time> [ time-zone <number> ] [ comment <string> ]
|
schedule |
Set a schedule to control the application of user profiles and the availability of SSIDs
|
<string> |
Enter a schedule name (1-32 chars)
|
ppsk |
Set a schedule to determine the validity period for the private PSK users to which the schedule is applied
|
once |
Set a one-time schedule
|
<date> |
Enter a start date for the schedule (Format: yyyy-mm-dd; Range: 1970-01-01 to 2035-12-31)
|
<time> |
Enter a start time for the schedule (Format: hh:mm; Hour Range: 00-23; Minute Range: 00-59)
|
to |
Set a date and time range
|
<date> |
Enter an end date for the schedule (Format: yyyy-mm-dd; Range: 1970-01-01 to 2035-12-31)
|
<time> |
Enter an end time for the schedule (Format: hh:mm; Hour Range: 00-23; Minute Range: 00-59)
|
time-zone |
Set the time zone for the schedule (Note: If you do not specify a time zone, the time zone for the local system will be used.)
|
<number> |
Enter the time zone for the schedule (Default: 0; Range: -12 to 12)
|
comment |
Write a comment about the schedule for future reference
|
<string> |
Enter a comment about the schedule (max 128 chars)
|
schedule <string> ppsk recurrent [ date-range <date> [ to <date> ] ] [ weekday <string> ] time-range <time> to <time> [ time-range <time> to <time> ] [ time-zone <number> ] [ comment <string> ]
|
schedule |
Set a schedule to control the application of user profiles and the availability of SSIDs
|
<string> |
Enter a schedule name (1-32 chars)
|
ppsk |
Set a schedule to determine the validity period for the private PSK users to which the schedule is applied
|
recurrent |
Set a recurrent schedule
|
date-range |
Set dates to mark the start and end of the schedule (If you do not want to set start and end dates, do not use this option.)
|
<date> |
Enter a start date for the schedule (Format: yyyy-mm-dd; Range: 1970-01-01 to 2035-12-31)
|
to |
Set a date range (If you do not want to set an end date, do not use this option.)
|
<date> |
Enter a end date for the schedule (Format: yyyy-mm-dd; Range: 1970-01-01 to 2035-12-31)
|
weekday |
Set the weekdays during which private PSK users are valid
|
<string> |
Enter one or more numbers to indicate which days the schedule is applied (1=Sunday, 2=Monday, ... 7=Saturday; Examples: 246=Monday, Wednesday, Friday; 23456=Monday-Friday; 1234567=everyday)
|
time-range |
Set a time range during which the schedule will be applied on each scheduled day
|
<time> |
Enter a start time for the schedule (Format: hh:mm; Hour Range: 00-23; Minute Range: 00-59)
|
to |
Set a time range
|
<time> |
Enter a end time for the schedule,(Format: hh:mm; Hour Range: 00-23; Minute Range: 00-59)
|
time-range |
Set a second time range for the schedule
|
<time> |
Enter a second start time for the schedule (Format: hh:mm; Hour Range: 00-23; Minute Range: 00-59)
|
to |
Set a time range
|
<time> |
Enter a second end time for the schedule,(Format: hh:mm; Hour Range: 00-23; Minute Range: 00-59)
|
time-zone |
Set the time zone for the schedule (Note: If you do not specify a time zone, the time zone for the local system will be used.)
|
<number> |
Enter the time zone for the schedule (Default: 0; Range: -12 to 12)
|
comment |
Write a comment about the schedule for future reference
|
<string> |
Enter a comment about the schedule (max 128 chars)
|