This document provides a summary of the Aruba Instant 6.4.0.2-4.1 User Guide, including:
- An overview of Aruba Instant and supported devices.
- Details on new features in version 6.4.0.2-4.1 such as wireless network profiles and captive portal configurations.
- Instructions for initial configuration tasks like modifying the IAP name and location details.
- Sections on monitoring the network, configuring wireless and wired profiles, and authentication methods.
The user guide contains information to help users set up, configure, and manage an Instant network and IAP devices.
For WLANs to be able to reliably support mission-critical, high-throughput, or time-sensitive applications, RF interference must be continuously monitored. The WLAN must automatically and dynamically adapt to mitigate the effects of any interference in the environment. WLAN infrastructure has to provide the administrators with real-time, historical, and proactive visibility into the air to diagnose and mitigate interference. In this application note we will look at some of the tools that Aruba offers as a part of its WLAN solution that enable administrators to ensure reliable, high performing RF.
To learn more, visit us at http://www.arubanetworks.com/wlan. Join the discussion at https://community.arubanetworks.com
The document provides useful CLI commands for various functions on an Aruba network including:
- Enabling logging to troubleshoot processes like DHCP or user authentication.
- Checking interface, AP, and radio status and statistics.
- Viewing ARM neighbor reports and scan times.
- Examining user authentication details, roles, and dot1x configuration.
- Checking client connection details, data rates, and troubleshooting high retry counts or errors.
Aruba Central user may need a centralized web-server to host captive portal page for their distributed networks across the globe like coffee shops, restaurant or hotels. Aruba central 2.0 has a new feature called Cloud Guest or Guest Management that allows administrator to create a splash page for guest users using Web server and radius server running in the cloud.
Check out the webinar recording where this presentation was used:
https://community.arubanetworks.com/t5/Cloud-Managed-Networks/Airheads-Tech-Talks-Cloud-Guest-SSID-on-Aruba-Central/td-p/524320
The document discusses guest access configuration using ArubaOS captive portal capabilities. It describes the captive portal authentication process which uses initial and post-authentication roles to redirect users to a login page after getting an IP address. Guest provisioning allows non-IT staff to create guest accounts using the internal database for authentication. Amigopod provides additional advanced guest management features while the base ArubaOS supports basic functionality with authentication to a single controller's internal database.
In this presentation, we will cover ArubaOS’ AP Fast Failover feature, extended controller capacities, how to configure High Availability and several deployment models. Check out the webinar recording where this presentation was used: http://community.arubanetworks.com/t5/Wireless-Access/Technical-Webinar-Recording-Slides-ArubaOS-High-availability/td-p/286231
Register for the upcoming webinars: https://community.arubanetworks.com/t5/Training-Certification-Career/EMEA-Airheads-Webinars-Jul-Dec-2017/td-p/271908
In this presentation, we will discuss the L3 Redundancy Requirement which primarily comes from customers who want to handle the complete Data Center Failure during natural disasters or other catastrophic events. Check out the webinar recording where this presentation was used: http://community.arubanetworks.com/t5/Wireless-Access/Technical-Webinar-Layer-3-Redundancy-for-Mobility-Master-ArubaOS/td-p/382029
Register for the upcoming webinars: https://community.arubanetworks.com/t5/Training-Certification-Career/EMEA-Airheads-Webinars-Jul-Dec-2017/td-p/271908
This webinar will cover how to bring up Aruba Mobility Master, Managed Device & Access Point and also go through some basic troubleshooting commands.Check out the webinar recording where this presentation was used: http://community.arubanetworks.com/t5/Wireless-Access/Technical-Webinar-Recording-Slides-Bringing-up-Aruba-Mobility/td-p/307599
Register for the upcoming webinars: https://community.arubanetworks.com/t5/Training-Certification-Career/EMEA-Airheads-Webinars-Jul-Dec-2017/td-p/271908
This document provides an overview and refresher on key concepts in 802.11 wireless networking, including:
- Wireless communications fundamentals like how channels work and the importance of avoiding co-channel interference
- Factors that impact wireless performance like available channels, channel widths, transmit power levels, and signal to noise ratios
- How lower signal to noise ratios can cause clients to downgrade their data rates, impacting overall channel performance
- A brief discussion of access point planning and placement as well as client roaming behaviors
For WLANs to be able to reliably support mission-critical, high-throughput, or time-sensitive applications, RF interference must be continuously monitored. The WLAN must automatically and dynamically adapt to mitigate the effects of any interference in the environment. WLAN infrastructure has to provide the administrators with real-time, historical, and proactive visibility into the air to diagnose and mitigate interference. In this application note we will look at some of the tools that Aruba offers as a part of its WLAN solution that enable administrators to ensure reliable, high performing RF.
To learn more, visit us at http://www.arubanetworks.com/wlan. Join the discussion at https://community.arubanetworks.com
The document provides useful CLI commands for various functions on an Aruba network including:
- Enabling logging to troubleshoot processes like DHCP or user authentication.
- Checking interface, AP, and radio status and statistics.
- Viewing ARM neighbor reports and scan times.
- Examining user authentication details, roles, and dot1x configuration.
- Checking client connection details, data rates, and troubleshooting high retry counts or errors.
Aruba Central user may need a centralized web-server to host captive portal page for their distributed networks across the globe like coffee shops, restaurant or hotels. Aruba central 2.0 has a new feature called Cloud Guest or Guest Management that allows administrator to create a splash page for guest users using Web server and radius server running in the cloud.
Check out the webinar recording where this presentation was used:
https://community.arubanetworks.com/t5/Cloud-Managed-Networks/Airheads-Tech-Talks-Cloud-Guest-SSID-on-Aruba-Central/td-p/524320
The document discusses guest access configuration using ArubaOS captive portal capabilities. It describes the captive portal authentication process which uses initial and post-authentication roles to redirect users to a login page after getting an IP address. Guest provisioning allows non-IT staff to create guest accounts using the internal database for authentication. Amigopod provides additional advanced guest management features while the base ArubaOS supports basic functionality with authentication to a single controller's internal database.
In this presentation, we will cover ArubaOS’ AP Fast Failover feature, extended controller capacities, how to configure High Availability and several deployment models. Check out the webinar recording where this presentation was used: http://community.arubanetworks.com/t5/Wireless-Access/Technical-Webinar-Recording-Slides-ArubaOS-High-availability/td-p/286231
Register for the upcoming webinars: https://community.arubanetworks.com/t5/Training-Certification-Career/EMEA-Airheads-Webinars-Jul-Dec-2017/td-p/271908
In this presentation, we will discuss the L3 Redundancy Requirement which primarily comes from customers who want to handle the complete Data Center Failure during natural disasters or other catastrophic events. Check out the webinar recording where this presentation was used: http://community.arubanetworks.com/t5/Wireless-Access/Technical-Webinar-Layer-3-Redundancy-for-Mobility-Master-ArubaOS/td-p/382029
Register for the upcoming webinars: https://community.arubanetworks.com/t5/Training-Certification-Career/EMEA-Airheads-Webinars-Jul-Dec-2017/td-p/271908
This webinar will cover how to bring up Aruba Mobility Master, Managed Device & Access Point and also go through some basic troubleshooting commands.Check out the webinar recording where this presentation was used: http://community.arubanetworks.com/t5/Wireless-Access/Technical-Webinar-Recording-Slides-Bringing-up-Aruba-Mobility/td-p/307599
Register for the upcoming webinars: https://community.arubanetworks.com/t5/Training-Certification-Career/EMEA-Airheads-Webinars-Jul-Dec-2017/td-p/271908
This document provides an overview and refresher on key concepts in 802.11 wireless networking, including:
- Wireless communications fundamentals like how channels work and the importance of avoiding co-channel interference
- Factors that impact wireless performance like available channels, channel widths, transmit power levels, and signal to noise ratios
- How lower signal to noise ratios can cause clients to downgrade their data rates, impacting overall channel performance
- A brief discussion of access point planning and placement as well as client roaming behaviors
The document provides setup instructions for deploying and configuring an Aruba Instant wireless network. It describes how to set up the initial access point which will run the virtual controller software. Additional access points will automatically inherit settings from the virtual controller. The instructions also cover creating basic employee and guest wireless networks with options for security, client IP assignment, and access controls. The process involves a simple four step configuration for each network's basic info, IP settings, security, and access rules.
This document provides an overview of Aruba ClearPass and its access management capabilities. It discusses ClearPass' policy model and how it uses context such as identity, device, and location to enable granular, role-based access policies. It covers ClearPass' authorization features and how it profiles devices to incorporate that data into policies. The document also reviews ClearPass clustering functionality and considerations for deployment and operations.
In this presentation, we will cover an overview of ArubaOS 8.x Licensing from Supported/ Unsupported Topology to Server Failover behaviour and license generation and transfer.
Check out the webinar recording where this presentation was used: http://community.arubanetworks.com/t5/Wireless-Access/Technical-Webinar-Recording-Slides-How-Licensing-works-in/td-p/306162
In this presentation, we will cover ArubaOS' Cluster Manager, a combination of multiple managed devices working together to provide high availability to all the clients and ensure service continuity when a failover occurs. Check out the webinar recording where this presentation was used:
http://community.arubanetworks.com/t5/Wireless-Access/Technical-Webinar-Recording-Slides-ArubaOS-Cluster-Manager/td-p/297761
Register for the upcoming webinars: https://community.arubanetworks.com/t5/Training-Certification-Career/EMEA-Airheads-Webinars-Jul-Dec-2017/td-p/271908
VIA configuration involves enabling the VPN server module, creating VIA user roles, authentication profiles, connection profiles, and associating connection profiles to user roles. It also includes configuring VIA web authentication and client WLAN profiles. Setting up these VIA components allows remote users to securely connect to an enterprise network using the VIA connection manager client.
The document provides tips for troubleshooting and optimizing Aruba wireless networks. It discusses segmental troubleshooting of users, APs, controllers and processes. It also covers optimizing AP stability, system profiles and load on processes. Additionally, it provides guidance on datapath debugging, deployment tips and using the Aruba Support Assistant (ASE) for troubleshooting.
VXLAN is a protocol that allows large numbers of virtual LANs to be overlaid on a physical network by encapsulating Ethernet frames within UDP packets and transporting them over an IP network. It addresses the scalability limitations of VLANs in large multi-tenant cloud environments by using a 24-bit segment ID rather than a 12-bit VLAN ID. The document provides an overview of VXLAN, why it is used, key concepts like VTEPs and VNIs, and demonstrations of VXLAN configuration on Cisco and Arista switches.
Moving towards a new Wi-Fi technology does not have to be too much of an undertaking. Of course, that's assuming great deal of planning and attention to detail in terms of defining the clear steps on how to get there. In this session we will discuss 802.11ac placement, Wi-Fi coverage and capacity planning for 802.11ac devices and how to take advantage of 802.11ac transmit beamforming
To learn more, visit us at http://www.arubanetworks.com/wlan. Join the discussion at https://community.arubanetworks.com
In this day and age, it's probably a good idea to get your WLAN ready for voice and video. And it's also a good idea to classify and prioritize web applications based on policies you set. Protecting your mobile devices and network infrastructure against outside or inside attacks needs to be part of the plan, too. Join to us to learn more about these and other functions of Aruba's policy enforcement firewall integrated to its access points, switches, and controllers.
In this presentation, we will be debugging Aruba RAP commands, run through troubleshooting and logs and tackle RAP clusters.
Check out the webinar recording where this presentation was used: http://community.arubanetworks.com/t5/Wireless-Access/Technical-Webinar-Recording-Slides-Aruba-Remote-Access-Point-RAP/td-p/310448
Clustering is a new feature introduced in AOS 8.0 that enables seamless roaming of clients between APs, hitless client failover and load balancing of users across Mobility Controllers in the cluster. This solution provides the configuration required to create a cluster of Mobility Controllers that are managed by the same Mobility Master.
Check out the webinar recording where this presentation was used:
https://community.arubanetworks.com/t5/Wired-Intelligent-Edge-Campus/Airheads-Tech-Talks-Advanced-Clustering-in-AOS-8-x/td-p/506441
This presentation will offer an overview on what are the frequently occurring 802.1x authentication based issues and how to quickly diagnose/troubleshoot the IAP WLAN network. Check out the webinar recording where this presentation was used. https://attendee.gotowebinar.com/register/5818157412807394306
This Solution Guide describes best practices for implementing an Aruba 802.11 wireless network that supports thousands of highly mobile devices (HMDs) such as Wi-Fi phones, handheld scanning terminals, voice badges, and computers mounted to vehicles. It describes the design principles particular to keeping devices that are in constant motion connected to the network as well as best practices for configuring Aruba Networks controllers and the mobile devices. The comprehensive guide addresses six areas of network planning to ensure a high quality of service for roaming data and voice sessions: device configuration, airtime optimization, roaming optimization, IP mobility configuration, IP multicast configuration, and interference resistance. A detailed troubleshooting section covers common issues that arise with these types of WLANs.
To learn more, visit us at http://www.arubanetworks.com/wlan. Join the discussion at https://community.arubanetworks.com
This document provides an overview of initial Big-IP configuration including hardware, licensing, file system, and basic network and management configuration. It also covers traffic processing concepts like pools, nodes, virtual servers and load balancing methods. Monitoring functionality and types of monitors like address, service, content and interactive are described. The document shows how to configure and assign different monitors to nodes, pool members and pools. It explains the status icons for monitor states like available, offline, unknown and unavailable.
This document provides instructions for integrating Aruba wireless controllers with ClearPass Policy Manager version 6.0.1. The 10 step process includes: 1) configuring the Aruba controller, 2) adding ClearPass as a RADIUS server, 3) creating server groups, 4) defining roles, 5) setting firewall policies, 6) configuring authentication profiles, 7) associating profiles with SSIDs, 8) configuring guest access in ClearPass, 9) testing the 802.1x SSID, and 10) testing the guest SSID. The document also covers advanced features like controller login authentication and RADIUS enforcement.
AirWave can be optimally configured to manage Aruba infrastructure by:
1. Disabling SNMP rate limiting to improve polling intervals.
2. Entering required credentials like SNMP strings and Telnet/SSH credentials.
3. Setting recommended SNMP timeouts and retries.
4. Enabling support for channel utilization and statistics in AirWave and on Aruba controllers.
This document provides instructions for creating a Spectrum Analysis AP Group and configuring APs within that group for spectrum monitoring. It involves the following steps:
1. Create a new AP Group called "spect" from the controller CLI and clone the default settings.
2. Edit the new "spect" AP Group in the GUI, changing the radio profiles to "spectrum-mode" and saving them with new names ("spect").
3. APs added to the "spect" group can then be selected on the Spectrum Analysis page to monitor specific frequency bands in real-time. Various display options like real-time FFT and spectrogram are available.
4. The same process can create an "airmon
During this presentation, we will cover a deep dive into Aruba Central and its features. Check out the webinar recording where this presentation was used:
https://community.arubanetworks.com/t5/Cloud-Managed-Networks/Technical-Webinar-Advance-Aruba-Central/m-p/496064
The document provides information about Aruba Mobility Controllers, including:
- It describes the operating model, management, network services, aggregation, and network access functions of the Mobility Controller.
- It introduces the various Mobility Controller models including the 7200, 6000, 3000, and 600 series. The 7200 can support the most devices and tunnels while the 600 is designed for small branch offices.
- It explains the master/local controller hierarchy where one master distributes configuration to local controllers to reduce administrative overhead.
This document provides an overview and user guide for ArubaOS 7.3. It covers system basics, profiles management, interface configuration and management, stacking, VLANs, port channels, OAM, and other features. The document includes sections on legal notices, open source software, warranty, and copyright. It provides configuration examples and instructions for using both the CLI and web interface.
This document provides an overview and user guide for ArubaOS 6.4. It includes sections on fundamentals, deployment scenarios, configuring the controller, control plane security, software licenses, network configuration parameters, and IPv6 support. The document notes copyright information and open source code used by Aruba products. It also includes legal notices regarding VPN termination and warranty information.
The document provides setup instructions for deploying and configuring an Aruba Instant wireless network. It describes how to set up the initial access point which will run the virtual controller software. Additional access points will automatically inherit settings from the virtual controller. The instructions also cover creating basic employee and guest wireless networks with options for security, client IP assignment, and access controls. The process involves a simple four step configuration for each network's basic info, IP settings, security, and access rules.
This document provides an overview of Aruba ClearPass and its access management capabilities. It discusses ClearPass' policy model and how it uses context such as identity, device, and location to enable granular, role-based access policies. It covers ClearPass' authorization features and how it profiles devices to incorporate that data into policies. The document also reviews ClearPass clustering functionality and considerations for deployment and operations.
In this presentation, we will cover an overview of ArubaOS 8.x Licensing from Supported/ Unsupported Topology to Server Failover behaviour and license generation and transfer.
Check out the webinar recording where this presentation was used: http://community.arubanetworks.com/t5/Wireless-Access/Technical-Webinar-Recording-Slides-How-Licensing-works-in/td-p/306162
In this presentation, we will cover ArubaOS' Cluster Manager, a combination of multiple managed devices working together to provide high availability to all the clients and ensure service continuity when a failover occurs. Check out the webinar recording where this presentation was used:
http://community.arubanetworks.com/t5/Wireless-Access/Technical-Webinar-Recording-Slides-ArubaOS-Cluster-Manager/td-p/297761
Register for the upcoming webinars: https://community.arubanetworks.com/t5/Training-Certification-Career/EMEA-Airheads-Webinars-Jul-Dec-2017/td-p/271908
VIA configuration involves enabling the VPN server module, creating VIA user roles, authentication profiles, connection profiles, and associating connection profiles to user roles. It also includes configuring VIA web authentication and client WLAN profiles. Setting up these VIA components allows remote users to securely connect to an enterprise network using the VIA connection manager client.
The document provides tips for troubleshooting and optimizing Aruba wireless networks. It discusses segmental troubleshooting of users, APs, controllers and processes. It also covers optimizing AP stability, system profiles and load on processes. Additionally, it provides guidance on datapath debugging, deployment tips and using the Aruba Support Assistant (ASE) for troubleshooting.
VXLAN is a protocol that allows large numbers of virtual LANs to be overlaid on a physical network by encapsulating Ethernet frames within UDP packets and transporting them over an IP network. It addresses the scalability limitations of VLANs in large multi-tenant cloud environments by using a 24-bit segment ID rather than a 12-bit VLAN ID. The document provides an overview of VXLAN, why it is used, key concepts like VTEPs and VNIs, and demonstrations of VXLAN configuration on Cisco and Arista switches.
Moving towards a new Wi-Fi technology does not have to be too much of an undertaking. Of course, that's assuming great deal of planning and attention to detail in terms of defining the clear steps on how to get there. In this session we will discuss 802.11ac placement, Wi-Fi coverage and capacity planning for 802.11ac devices and how to take advantage of 802.11ac transmit beamforming
To learn more, visit us at http://www.arubanetworks.com/wlan. Join the discussion at https://community.arubanetworks.com
In this day and age, it's probably a good idea to get your WLAN ready for voice and video. And it's also a good idea to classify and prioritize web applications based on policies you set. Protecting your mobile devices and network infrastructure against outside or inside attacks needs to be part of the plan, too. Join to us to learn more about these and other functions of Aruba's policy enforcement firewall integrated to its access points, switches, and controllers.
In this presentation, we will be debugging Aruba RAP commands, run through troubleshooting and logs and tackle RAP clusters.
Check out the webinar recording where this presentation was used: http://community.arubanetworks.com/t5/Wireless-Access/Technical-Webinar-Recording-Slides-Aruba-Remote-Access-Point-RAP/td-p/310448
Clustering is a new feature introduced in AOS 8.0 that enables seamless roaming of clients between APs, hitless client failover and load balancing of users across Mobility Controllers in the cluster. This solution provides the configuration required to create a cluster of Mobility Controllers that are managed by the same Mobility Master.
Check out the webinar recording where this presentation was used:
https://community.arubanetworks.com/t5/Wired-Intelligent-Edge-Campus/Airheads-Tech-Talks-Advanced-Clustering-in-AOS-8-x/td-p/506441
This presentation will offer an overview on what are the frequently occurring 802.1x authentication based issues and how to quickly diagnose/troubleshoot the IAP WLAN network. Check out the webinar recording where this presentation was used. https://attendee.gotowebinar.com/register/5818157412807394306
This Solution Guide describes best practices for implementing an Aruba 802.11 wireless network that supports thousands of highly mobile devices (HMDs) such as Wi-Fi phones, handheld scanning terminals, voice badges, and computers mounted to vehicles. It describes the design principles particular to keeping devices that are in constant motion connected to the network as well as best practices for configuring Aruba Networks controllers and the mobile devices. The comprehensive guide addresses six areas of network planning to ensure a high quality of service for roaming data and voice sessions: device configuration, airtime optimization, roaming optimization, IP mobility configuration, IP multicast configuration, and interference resistance. A detailed troubleshooting section covers common issues that arise with these types of WLANs.
To learn more, visit us at http://www.arubanetworks.com/wlan. Join the discussion at https://community.arubanetworks.com
This document provides an overview of initial Big-IP configuration including hardware, licensing, file system, and basic network and management configuration. It also covers traffic processing concepts like pools, nodes, virtual servers and load balancing methods. Monitoring functionality and types of monitors like address, service, content and interactive are described. The document shows how to configure and assign different monitors to nodes, pool members and pools. It explains the status icons for monitor states like available, offline, unknown and unavailable.
This document provides instructions for integrating Aruba wireless controllers with ClearPass Policy Manager version 6.0.1. The 10 step process includes: 1) configuring the Aruba controller, 2) adding ClearPass as a RADIUS server, 3) creating server groups, 4) defining roles, 5) setting firewall policies, 6) configuring authentication profiles, 7) associating profiles with SSIDs, 8) configuring guest access in ClearPass, 9) testing the 802.1x SSID, and 10) testing the guest SSID. The document also covers advanced features like controller login authentication and RADIUS enforcement.
AirWave can be optimally configured to manage Aruba infrastructure by:
1. Disabling SNMP rate limiting to improve polling intervals.
2. Entering required credentials like SNMP strings and Telnet/SSH credentials.
3. Setting recommended SNMP timeouts and retries.
4. Enabling support for channel utilization and statistics in AirWave and on Aruba controllers.
This document provides instructions for creating a Spectrum Analysis AP Group and configuring APs within that group for spectrum monitoring. It involves the following steps:
1. Create a new AP Group called "spect" from the controller CLI and clone the default settings.
2. Edit the new "spect" AP Group in the GUI, changing the radio profiles to "spectrum-mode" and saving them with new names ("spect").
3. APs added to the "spect" group can then be selected on the Spectrum Analysis page to monitor specific frequency bands in real-time. Various display options like real-time FFT and spectrogram are available.
4. The same process can create an "airmon
During this presentation, we will cover a deep dive into Aruba Central and its features. Check out the webinar recording where this presentation was used:
https://community.arubanetworks.com/t5/Cloud-Managed-Networks/Technical-Webinar-Advance-Aruba-Central/m-p/496064
The document provides information about Aruba Mobility Controllers, including:
- It describes the operating model, management, network services, aggregation, and network access functions of the Mobility Controller.
- It introduces the various Mobility Controller models including the 7200, 6000, 3000, and 600 series. The 7200 can support the most devices and tunnels while the 600 is designed for small branch offices.
- It explains the master/local controller hierarchy where one master distributes configuration to local controllers to reduce administrative overhead.
This document provides an overview and user guide for ArubaOS 7.3. It covers system basics, profiles management, interface configuration and management, stacking, VLANs, port channels, OAM, and other features. The document includes sections on legal notices, open source software, warranty, and copyright. It provides configuration examples and instructions for using both the CLI and web interface.
This document provides an overview and user guide for ArubaOS 6.4. It includes sections on fundamentals, deployment scenarios, configuring the controller, control plane security, software licenses, network configuration parameters, and IPv6 support. The document notes copyright information and open source code used by Aruba products. It also includes legal notices regarding VPN termination and warranty information.
This document provides a user guide for the ArubaOS 6.3 operating system. It includes sections on fundamentals, deployment scenarios, configuring controllers and networks, control plane security, software licenses, and network configuration parameters. The summary provides high-level information about the document contents and structure but does not include all details.
This document is the user guide for AirWave 8.2.10. It begins with an introduction and overview of the key features and capabilities of AirWave. The bulk of the document then provides step-by-step instructions for configuring various aspects of AirWave including networks, devices, users, monitoring, alerts, reporting and more. It also includes references to logs, documentation and other troubleshooting resources.
This document provides an overview and user guide for ClearPass Guest 6.3. It includes sections on guest management processes, device management, onboarding and workspace features, digital passes, email receipts, customizing forms and interfaces, hotspot management, administration settings, and more. The document outlines the key capabilities and features of ClearPass Guest and provides instructions and examples for common configuration and customization tasks.
This document is the user guide for ClearPass Guest 6.4. It provides an overview of ClearPass Guest functionality and features for visitor management, device provisioning, and customizing the guest portal. The guide covers topics such as guest self-registration, device registration, digital passes, advertising services, and system administration. It is intended to help users understand and utilize the various ClearPass Guest modules.
This guide covers the deployment of Aruba remote access points (RAP) in fixed telecommuter and micro branch office sites, and it is considered part of the base designs guides within the VRD core technologies series. This guide covers the design recommendations for remote network deployment and it explains the various configurations needed to implement a secure, high-performance virtual branch office (VBN) solution with Aruba RAPs.
This guide covers the deployment of Aruba remote access points (RAP) in fixed telecommuter and micro branch office sites, and it is considered part of the base designs guides within the VRD core technologies series. This guide covers the design recommendations for remote network deployment and it explains the various configurations needed to implement a secure, high-performance virtual branch office (VBN) solution with Aruba RAPs.
This document provides a summary of the ClearPass Policy Manager 6.3 User Guide. It includes sections on common tasks in Policy Manager such as importing, exporting, and resetting passwords. It also summarizes the main components of Policy Manager including monitoring, accounting, analysis and trending, identity, policy modeling, services, authentication and authorization, posture, enforcement, network access devices, and proxy targets. The document is a user guide that assists users in configuring and using the ClearPass Policy Manager system.
This document is the ClearPass Policy Manager 6.3 User Guide. It provides an overview of common tasks in Policy Manager such as importing, exporting, powering up the hardware, resetting passwords, and generating support keys. It also summarizes the main components of Policy Manager including the dashboard, monitoring, accounting, analysis and trending, audit viewer, event viewer, and data filters. Finally, it provides high-level summaries of the policy model, services, authentication and authorization, identity configurations, posture, enforcement, network access devices, and proxy targets.
This document provides a software configuration guide for Cisco Aironet 340 and 350 series access point radios and Ethernet interfaces. It includes instructions for configuring basic settings like the system name and SSID, radio settings, VLAN configuration, filters and quality of service settings, Proxy Mobile IP, and other optional settings. The document also covers security configuration such as setting up WEP, enabling additional security features, and configuring different authentication types including open, shared key, EAP, and MAC-based authentication.
The document provides an overview of new commands, modified commands, and deprecated commands in the ArubaOS 6.4 Command-Line Interface. It also describes how to connect to the controller using the serial port or Telnet/SSH, navigate between different command modes, and get help with commands.
The document introduces Aruba's Virtual Branch Network solution which virtualizes complex network operations in the data center and extends services securely to branch offices and teleworkers. This provides dedicated network infrastructure control and experience at a lower cost than traditional solutions. Remote deployments are simplified for IT to manage while supporting a distributed workforce across varying device types from a centralized management system.
This document provides an overview and conceptual information about ExtremeXOS and its features. It covers topics such as switch management, software management, stack configuration, port and slot configuration, protocols, security, quality of service, routing, and more. The document is intended to help readers understand fundamental ExtremeXOS concepts.
This guide covers the deployment of Aruba WLAN in a typical campus network, and it is considered part of the base designs guides within the VRD core technologies series. This guide covers the design recommendations for a campus deployment and it explains the various configurations needed to implement the Aruba secure, high-performance, multimedia grade WLAN solution in large campuses.
Webinar NETGEAR - Nuovi AP Professionali Prosafe WAC720 e WAC730Netgear Italia
The document introduces the WAC720 and WAC730 dual band 802.11ac wireless access points from NETGEAR. The WAC730 supports up to 1.7Gbps throughput and the WAC720 supports up to 867Mbps. They are designed for small to medium enterprises, schools, hospitals, and retail stores. The access points support features like beamforming, band steering, Bonjour, and captive portal. They can also be managed as part of an "Ensemble" which allows centralized management of up to 10 access points without a separate wireless controller.
This guide details the advanced guest access features available to organizations through the combination of Aruba’s Amigopod and Mobility Controller solutions. This includes details of workflow management, RADIUS configuration, AAA configuration, and testing of the solution. This guide builds on the network defined in the Campus VRD.
To learn more, visit us at http://www.arubanetworks.com/wlan. Join the discussion at https://community.arubanetworks.com
This document provides instructions for configuring and using the Linksys SPA9000 IP PBX and SPA400 PSTN gateway. It includes information on hardware setup, initial configuration using the setup wizard, configuring voice services and voicemail, advanced features of the SPA9000 like auto-attendant and hunt groups, and a field reference for administration settings. The document is intended for service providers, VARs, system administrators, and others who need to install and manage the Linksys voice system.
Creator Ci40 IoT kit & Framework - scalable LWM2M IoT dev platform for businessPaul Evans
Delivering a scalable open-source IoT frameworks that fits your business needs can be challenging. Meet the Creator IoT-in-a-box development platform. Hardware and software delivering a complete end-to-end open-source IoT framework, designed to fit the needs of businesses looking integrate IoT solutions, right off-the-shelf. Beyond simply connecting a single device to your phone, businesses need to be able to securely scale and inter-operate with existing equipment. Using open standards such as LWM2M and IPSO objects in a secure environment, over multiple radio standards such as Wi-Fi, Bluetooth, 802.15.4 and many others for that matter, is fast becoming a must for commercial operations who need to own their own destiny and future-proof their solutions. Find out more about the Creator Ci40 IoT-in-a-box development kits and open source Creator IoT framework with this presentation.
Similar to Aruba instant 6.4.0.2 4.1 user guide (20)
ClearPass OnGuard agents perform endpoint posture assessment and ensure that compliance is met before granting access to the network. This session will cover the ClearPass OnGuard Agent components and work-flow in detail.
Check out the webinar recording where this presentation was used:
https://community.arubanetworks.com/t5/Security/Airheads-Tech-Talks-Understanding-ClearPass-OnGuard-Agents/td-p/524288
During this webinar, we will cover AppRF - a suite of application visibility and control features that are part of Aruba's Policy Enforcement Firewall. AppRF is a PEF feature that is designed to give network administrators insight into the applications that are running on their network, and who is using them. Check out the webinar recording where this presentation was used:
https://community.arubanetworks.com/t5/Wireless-Access/Technical-Webinar-Aruba-AppRF-AOS-6-x-amp-8-x/td-p/490800
This document discusses ArubaOS switch stacking, including:
- Backplane stacking allows connecting multiple switches together to simplify operations and optimize uplink usage.
- Topologies supported are chain, ring, and mesh, with ring and mesh recommended for redundancy.
- Key functions of stacking include topology discovery, electing a commander and standby, managing members, and handling splits.
- Specific switch models like the 3800 and 2900 series support backplane stacking of up to 10 units in ring topology with stacking throughput of up to 160Gbps.
In this presentation, we will discuss how IEEE standard 802.3ad and its implications allow third-party devices such as switches, servers, or any other networking device that supports trunking to interoperate with the distributed trunking switches (DTSs) seamlessly. Check out the webinar recording where this presentation was used: http://community.arubanetworks.com/t5/Wired-Intelligent-Edge-Campus/Technical-Webinar-LACP-and-distributed-LACP-ArubaOS-Switch/td-p/458170
Register for the upcoming webinars: https://community.arubanetworks.com/t5/Training-Certification-Career/EMEA-Airheads-Webinars-Jul-Dec-2017/td-p/271908
In this presentation, e will discuss AirWave 10, a new software build that lets us streamline code, add performance, clustering. Check out the webinar recording where this presentation was used: http://community.arubanetworks.com/t5/Network-Management/Technical-Webinar-Introduction-to-AirWave-10/td-p/454762
Register for the upcoming webinars: https://community.arubanetworks.com/t5/Training-Certification-Career/EMEA-Airheads-Webinars-Jul-Dec-2017/td-p/271908
In this presentation, we will discuss how Virtual Switching Framework (VSF) allows supported switches connected to each other through Ethernet connections (copper or fibre) to behave like a single chassis switch. Check out the webinar recording where this presentation was used: http://community.arubanetworks.com/t5/Controllerless-Networks/Technical-Webinar-Virtual-Switching-Framework-ArubaOS-Switch/td-p/445696
Register for the upcoming webinars: https://community.arubanetworks.com/t5/Training-Certification-Career/EMEA-Airheads-Webinars-Jul-Dec-2017/td-p/271908
In this presentation, we will cover the Central platform which provides a standard Web-based interface that allows you to configure and monitor multiple Aruba Instant networks / Switches from anywhere with a connection to the Internet. Check out the webinar recording where this presentation was used: http://community.arubanetworks.com/t5/Cloud-Managed-Networks/Technical-Webinar-Aruba-Central-with-Instant-AP/td-p/429366
Register for the upcoming webinars: https://community.arubanetworks.com/t5/Training-Certification-Career/EMEA-Airheads-Webinars-Jul-Dec-2017/td-p/271908
In this presentation, we will discuss how AirGroup configurations have changed to support hierarchical configuration in release 8.2. AirGroup configs will now be profile based and can be applied at any node. Check out the webinar recording where this presentation was used: http://community.arubanetworks.com/t5/Wireless-Access/Technical-Webinar-AirGroup-profiling-changes-across-8-1-amp-8-2/td-p/417153
Register for the upcoming webinars: https://community.arubanetworks.com/t5/Training-Certification-Career/EMEA-Airheads-Webinars-Jul-Dec-2017/td-p/271908
In this presentation, we will explore the RESTApi as the ClearPass API integrations and further developments are more focused to RESTApi than the other existing API services like xml-rpc, SOAP, etc.Check out the webinar recording where this presentation was used: http://community.arubanetworks.com/t5/Security/Technical-Webinar-Getting-Started-with-the-ClearPass-REST-API/td-p/410214
Register for the upcoming webinars: https://community.arubanetworks.com/t5/Training-Certification-Career/EMEA-Airheads-Webinars-Jul-Dec-2017/td-p/271908
During this webinar, we will discuss how starting from ArubaOS 8.2.0.0, selected APs can run in both controller-based mode and controller-less mode and the implications tied to that. Check out the webinar recording where this presentation was used: http://community.arubanetworks.com/t5/Wireless-Access/Technical-Webinar-AP-Discovery-amp-Deployment-Policy-ArubaOS-8-x/m-p/394540/
Register for the upcoming webinars: https://community.arubanetworks.com/t5/Training-Certification-Career/EMEA-Airheads-Webinars-Jul-Dec-2017/td-p/271908
This document discusses managed device deployment at branch offices using Aruba branch controllers. It provides an overview of how branch controllers connect to a master controller via an internet modem and establish communication. It also covers branch controller and VPN concentrator configuration in Aruba OS versions 6.x and 8.x, including initial setup, zero touch provisioning, and debugging tools. Additional topics include address pool management for VLANs, tunnels, NAT, and DHCP to allow for dynamic IP assignment at branch office deployments.
The existing channel and power assignment functions in ARM support channel scanning, channel assignment and power adjustments, locally. Decisions are made locally at the AP without looking at the entire network. Thanks to the dynamic machine learning techniques, AirMatch centralises this function in the Mobility Master while dynamically learning the network and adapting the RF planning for the entire network. Check out the webinar recording where this presentation was used: http://community.arubanetworks.com/t5/Wireless-Access/Technical-Webinar-Recording-Slides-What-does-AirMatch-do/td-p/314413
This document provides an overview and introduction to the Aruba 8400 switch, which is designed for campus core and aggregation applications. It describes the hardware architecture including line cards, management modules, fabric modules, and power supplies. It also discusses the software architecture of ArubaOS-CX running on the 8400 and its high availability, programmability, security, and analytics capabilities. Example deployments of the 8400 as a campus core and aggregation solution are shown.
These slides were used during our Airheads Meetup Event at Jaarbeurs Utrecht on October 27th 2017.
If you have ideas, new speaker topics and recommendations for the events, please help us to improve for next year’s event by commenting on the community page: http://community.arubanetworks.com/t5/Wireless-Access/Airheads-Technical-Event-The-Netherlands-October-27th-2017/m-p/313566#M75870
These slides were used during our Airheads Meetup Event at Jaarbeurs Utrecht on October 27th 2017.
If you have ideas, new speaker topics and recommendations for the events, please help us to improve for next year’s event by commenting on the community page: http://community.arubanetworks.com/t5/Wireless-Access/Airheads-Technical-Event-The-Netherlands-October-27th-2017/m-p/313566#M75870
These slides were used during our Airheads Meetup Event at Jaarbeurs Utrecht on October 27th 2017.
If you have ideas, new speaker topics and recommendations for the events, please help us to improve for next year’s event by commenting on the community page: http://community.arubanetworks.com/t5/Wireless-Access/Airheads-Technical-Event-The-Netherlands-October-27th-2017/m-p/313566#M75870
The document discusses configuring different APIs in Aruba 8.x. It provides an overview of configuration and context APIs, including REST APIs and NBAPIs. It describes using APIs to get and set configuration parameters via the GUI, CLI, and curl commands. Examples are given of retrieving data via show commands and posting multiple configuration objects at once. The role of the NBAPI helper process in handling location context data is also summarized.
In this presentation, we will cover basic requirements and supported topologies for Multizone AP, how to bring up APs in multi version and how the AP's image upgrade differs in 8.x
Check out the webinar recording where this presentation was used: http://community.arubanetworks.com/t5/Wireless-Access/Technical-Webinar-Recording-Slides-Multi-zone-AP-and-Centralized/td-p/308499
In this presentation, we will run through the 8.x Architecture configuration model and share some UI navigation features such as managed controllers and spectrum monitoring, geolocation and maps.
Check out the webinar recording where this presentation was used: http://community.arubanetworks.com/t5/Wireless-Access/Technical-Webinar-Recording-Slides-Aruba-8-x-Architecture/td-p/302349
Register for the upcoming webinars: https://community.arubanetworks.com/t5/Training-Certification-Career/EMEA-Airheads-Webinars-Jul-Dec-2017/td-p/271908
In this presentation, we will cover the IAP-VPN architecture which includes the following two components: IAPs at branch sites and controller at the data center. Check out the webinar recording where this presentation was used: https://community.arubanetworks.com/t5/Wireless-Access/Technical-Webinar-Recording-Slides-Aruba-Instant-AP-VPN/m-p/300742
Register for the upcoming webinars: https://community.arubanetworks.com/t5/Training-Certification-Career/EMEA-Airheads-Webinars-Jul-Dec-2017/td-p/271908
More from Aruba, a Hewlett Packard Enterprise company (20)
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex ProofsAlex Pruden
This paper presents Reef, a system for generating publicly verifiable succinct non-interactive zero-knowledge proofs that a committed document matches or does not match a regular expression. We describe applications such as proving the strength of passwords, the provenance of email despite redactions, the validity of oblivious DNS queries, and the existence of mutations in DNA. Reef supports the Perl Compatible Regular Expression syntax, including wildcards, alternation, ranges, capture groups, Kleene star, negations, and lookarounds. Reef introduces a new type of automata, Skipping Alternating Finite Automata (SAFA), that skips irrelevant parts of a document when producing proofs without undermining soundness, and instantiates SAFA with a lookup argument. Our experimental evaluation confirms that Reef can generate proofs for documents with 32M characters; the proofs are small and cheap to verify (under a second).
Paper: https://eprint.iacr.org/2023/1886
Communications Mining Series - Zero to Hero - Session 1DianaGray10
This session provides introduction to UiPath Communication Mining, importance and platform overview. You will acquire a good understand of the phases in Communication Mining as we go over the platform with you. Topics covered:
• Communication Mining Overview
• Why is it important?
• How can it help today’s business and the benefits
• Phases in Communication Mining
• Demo on Platform overview
• Q/A
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...Neo4j
Leonard Jayamohan, Partner & Generative AI Lead, Deloitte
This keynote will reveal how Deloitte leverages Neo4j’s graph power for groundbreaking digital twin solutions, achieving a staggering 100x performance boost. Discover the essential role knowledge graphs play in successful generative AI implementations. Plus, get an exclusive look at an innovative Neo4j + Generative AI solution Deloitte is developing in-house.
How to Get CNIC Information System with Paksim Ga.pptxdanishmna97
Pakdata Cf is a groundbreaking system designed to streamline and facilitate access to CNIC information. This innovative platform leverages advanced technology to provide users with efficient and secure access to their CNIC details.
“An Outlook of the Ongoing and Future Relationship between Blockchain Technologies and Process-aware Information Systems.” Invited talk at the joint workshop on Blockchain for Information Systems (BC4IS) and Blockchain for Trusted Data Sharing (B4TDS), co-located with with the 36th International Conference on Advanced Information Systems Engineering (CAiSE), 3 June 2024, Limassol, Cyprus.
Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features
available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdfMalak Abu Hammad
Discover how MongoDB Atlas and vector search technology can revolutionize your application's search capabilities. This comprehensive presentation covers:
* What is Vector Search?
* Importance and benefits of vector search
* Practical use cases across various industries
* Step-by-step implementation guide
* Live demos with code snippets
* Enhancing LLM capabilities with vector search
* Best practices and optimization strategies
Perfect for developers, AI enthusiasts, and tech leaders. Learn how to leverage MongoDB Atlas to deliver highly relevant, context-aware search results, transforming your data retrieval process. Stay ahead in tech innovation and maximize the potential of your applications.
#MongoDB #VectorSearch #AI #SemanticSearch #TechInnovation #DataScience #LLM #MachineLearning #SearchTechnology
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
Climate Impact of Software Testing at Nordic Testing DaysKari Kakkonen
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
Pushing the limits of ePRTC: 100ns holdover for 100 daysAdtran
At WSTS 2024, Alon Stern explored the topic of parametric holdover and explained how recent research findings can be implemented in real-world PNT networks to achieve 100 nanoseconds of accuracy for up to 100 days.
UiPath Test Automation using UiPath Test Suite series, part 5DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 5. In this session, we will cover CI/CD with devops.
Topics covered:
CI/CD with in UiPath
End-to-end overview of CI/CD pipeline with Azure devops
Speaker:
Lyndsey Byblow, Test Suite Sales Engineer @ UiPath, Inc.
UiPath Test Automation using UiPath Test Suite series, part 6DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 6. In this session, we will cover Test Automation with generative AI and Open AI.
UiPath Test Automation with generative AI and Open AI webinar offers an in-depth exploration of leveraging cutting-edge technologies for test automation within the UiPath platform. Attendees will delve into the integration of generative AI, a test automation solution, with Open AI advanced natural language processing capabilities.
Throughout the session, participants will discover how this synergy empowers testers to automate repetitive tasks, enhance testing accuracy, and expedite the software testing life cycle. Topics covered include the seamless integration process, practical use cases, and the benefits of harnessing AI-driven automation for UiPath testing initiatives. By attending this webinar, testers, and automation professionals can gain valuable insights into harnessing the power of AI to optimize their test automation workflows within the UiPath ecosystem, ultimately driving efficiency and quality in software development processes.
What will you get from this session?
1. Insights into integrating generative AI.
2. Understanding how this integration enhances test automation within the UiPath platform
3. Practical demonstrations
4. Exploration of real-world use cases illustrating the benefits of AI-driven test automation for UiPath
Topics covered:
What is generative AI
Test Automation with generative AI and Open AI.
UiPath integration with generative AI
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
3. Aruba Instant 6.4.0.2-4.1 | User Guide Contents | 3
Contents
Contents 3
About this Guide 28
Intended Audience 28
Related Documents 28
Conventions 28
Contacting Support 29
About Aruba Instant 30
Instant Overview 30
Supported Devices 30
Instant UI 31
Instant CLI 31
What is New in Aruba Instant 6.4.0.2-4.1 32
Setting up an IAP 34
Setting up Instant Network 34
Connecting an IAP 34
Assigning an IP address to the IAP 34
Assigning a Static IP 35
Connecting to a Provisioning Wi-Fi Network 35
IAP Cluster 35
Disabling the Provisioning Wi-Fi Network 36
Logging in to the Instant UI 36
Regulatory Domains 37
Country Code 37
Specifying Country Code 40
Accessing the Instant CLI 40
Connecting to a CLI Session 41
Applying Configuration Changes 41
Example: 41
4. 4 | Contents Aruba Instant 6.4.0.2-4.1 | User Guide
Using Sequence Sensitive Commands 42
Instant User Interface 43
Login Screen 43
Logging into the Instant UI 43
Viewing Connectivity Summary 43
Language 43
Main Window 44
Banner 44
Search 44
Tabs 44
Networks Tab 45
Access Points Tab 45
Clients Tab 46
Links 46
New Version Available 46
System 47
RF 48
Security 49
Maintenance 50
More 51
VPN 51
IDS 52
Wired 53
Services 53
DHCP Server 54
Support 55
Help 56
Logout 56
Monitoring 56
Info 56
RF Dashboard 58
RF Trends 59
Usage Trends 60
5. Mobility Trail 65
Client Match 65
AppRF 66
Spectrum 66
Alerts 66
IDS 70
AirGroup 71
Configuration 71
AirWave Setup 72
Aruba Central 72
Pause/Resume 72
Views 72
Initial Configuration Tasks 73
Basic Configuration Tasks 73
Modifying the IAP Name 73
In the Instant UI 74
In the CLI 74
Updating Location Details of an IAP 74
In the Instant UI 74
In the CLI 74
Configuring a Preferred Band 74
In the Instant UI 74
In the CLI 74
Configuring Virtual Controller IP Address 75
In the Instant UI 75
In the CLI 75
Configuring Timezone 75
In the Instant UI 75
In the CLI 75
Configuring an NTP Server 75
In the Instant UI 76
In the CLI 76
Aruba Instant 6.4.0.2-4.1 | User Guide Contents | 5
6. 6 | Contents Aruba Instant 6.4.0.2-4.1 | User Guide
Enabling AppRF Visibility 76
Changing Password 76
In the Instant UI 76
In the CLI 76
Additional Configuration Tasks 77
Configuring Virtual Controller VLAN 77
In the Instant UI 78
In the CLI 78
Configuring Auto Join Mode 78
Enabling or Disabling Auto Join Mode 78
In the Instant UI 78
In the CLI 78
Configuring Terminal Access 79
In the Instant UI 79
In the CLI 79
Configuring Console Access 79
In the Instant UI 79
In the CLI 79
Configuring LED Display 80
In the Instant UI 80
In the CLI 80
Configuring Additional WLAN SSIDs 80
Enabling the Extended SSID 80
In the Instant UI 80
In the CLI 81
Preventing Inter-user Bridging 81
In the Instant UI 81
In the CLI 81
Preventing Local Routing between Clients 81
In the Instant UI 81
In the CLI 82
Enabling Dynamic CPU Management 82
7. In the Instant UI 82
In the CLI 82
Customizing IAP Settings 83
Modifying the IAP Hostname 83
In the Instant UI 83
In the CLI 83
Configuring Zone Settings on an IAP 83
In the Instant UI 84
In the CLI 84
Specifying a Method for Obtaining IP Address 84
In the Instant UI 84
In the CLI 85
Configuring External Antenna 85
EIRP and Antenna Gain 85
Example 85
Configuring Antenna Gain 85
In the Instant UI 85
In the CLI 86
Configuring Radio Profiles for an IAP 86
Configuring ARM Assigned Radio Profiles for an IAP 86
Configuring Radio Profiles Manually for IAP 86
In the CLI 87
Configuring Uplink VLAN for an IAP 87
In the Instant UI 87
In the CLI 88
Master Election and Virtual Controller 88
Master Election Protocol 88
Preference to an IAP with 3G/4G Card 88
Preference to an IAP with Non-Default IP 89
Viewing Master Election Details 89
Manual Provisioning of Master IAP 89
Provisioning an IAP as a Master IAP 89
Aruba Instant 6.4.0.2-4.1 | User Guide Contents | 7
8. 8 | Contents Aruba Instant 6.4.0.2-4.1 | User Guide
In the Instant UI 89
In the CLI 89
Adding an IAP to the Network 90
Removing an IAP from the Network 90
VLAN Configuration 91
VLAN Pooling 91
Uplink VLAN Monitoring and Detection on Upstream Devices 91
Wireless Network Profiles 92
Configuring Wireless Network Profiles 92
Network Types 92
Configuring WLAN Settings for an SSID Profile 92
In the Instant UI 93
In the CLI 95
Configuring VLAN Settings for a WLAN SSID Profile 96
In the Instant UI 96
In the CLI 97
Configuring Security Settings for a WLAN SSID Profile 98
Configuring Security Settings for an Employee or Voice Network 98
In the Instant UI 98
In the CLI 102
Configuring Access Rules for a WLAN SSID Profile 103
In the Instant UI 104
In the CLI 104
Example 105
Configuring Fast Roaming for Wireless Clients 105
Opportunistic Key Caching 105
Configuring an IAP for OKC Roaming 105
In the Instant UI 106
In the CLI 106
Fast BSS Transition (802.11r Roaming) 106
Configuring an IAP for 802.11r support 107
In the Instant UI 107
In the CLI 107
9. Example 107
Radio Resource Management (802.11k) 107
Beacon Report Requests and Probe Responses 108
Configuring a WLAN SSID for 802.11k Support 108
In the Instant UI 108
In the CLI 108
Example 108
BSS Transition Management (802.11v) 108
Configuring a WLAN SSID for 802.11v Support 108
In the Instant UI 109
In the CLI 109
Example 109
Editing Status of a WLAN SSID Profile 109
In the Instant UI 109
In the CLI 109
Editing a WLAN SSID Profile 109
Deleting a WLAN SSID Profile 110
Wired Profiles 111
Configuring a Wired Profile 111
Configuring Wired Settings 111
In the Instant UI 111
In the CLI 112
Configuring VLAN for a Wired Profile 113
In the Instant UI 113
In the CLI 113
Configuring Security Settings for a Wired Profile 114
Configuring Security Settings for a Wired Employee Network 114
In the Instant UI 114
In the CLI 114
Configuring Access Rules for a Wired Profile 115
In the Instant UI 115
In the CLI 115
Assigning a Profile to Ethernet Ports 116
Aruba Instant 6.4.0.2-4.1 | User Guide Contents | 9
10. 10 | Contents Aruba Instant 6.4.0.2-4.1 | User Guide
In the Instant UI 116
In the CLI 116
Editing a Wired Profile 116
Deleting a Wired Profile 117
Link Aggregation Control Protocol for IAP-220 Series 117
Understanding Hierarchical Deployment 118
Captive Portal for Guest Access 120
Understanding Captive Portal 120
Types of Captive Portal 120
Walled Garden 121
Configuring a WLAN SSID for Guest Access 121
In the Instant UI 121
In the CLI 124
Configuring Wired Profile for Guest Access 125
In the Instant UI 125
In the CLI 126
Configuring Internal Captive Portal for Guest Network 126
In the Instant UI 127
In the CLI 128
Configuring External Captive Portal for a Guest Network 129
External Captive Portal Profiles 129
Creating a Captive Portal Profile 129
In the Instant UI 129
In the CLI 130
Configuring an SSID or Wired Profile to Use External Captive Portal Authentication 131
In the Instant UI 131
In the CLI 132
Configuring External Captive Portal Authentication Using ClearPass Guest 132
Creating a Web Login page in ClearPass Guest 133
Configuring RADIUS Server in Instant UI 133
Configuring Guest Logon Role and Access Rules for Guest Users 133
In the Instant UI 133
11. In the CLI 134
Example 135
Configuring Captive Portal Roles for an SSID 135
In the Instant UI 135
In the CLI 137
Configuring Walled Garden Access 138
In the Instant UI 138
In the CLI 138
Disabling Captive Portal Authentication 138
Authentication and User Management 140
Managing IAP Users 140
Configuring Authentication Parameters for Management Users 141
Configuring a TACACS+ Server Profile for Management User Authentication 141
In the Instant UI 141
In the CLI 142
Configuring Administrator Credentials for the Virtual Controller Interface 142
In the Instant UI 142
In the CLI 143
Configuring Guest Management Interface Administrator Credentials 144
In the Instant UI 144
In the CLI 144
Configuring Users for Internal Database of an IAP 144
In the Instant UI 144
In the CLI 145
Configuring the Read-Only Administrator Credentials 146
In the Instant UI 146
In the CLI 146
Adding Guest Users through the Guest Management Interface 146
Understanding Authentication Methods 147
802.1X authentication 147
MAC authentication 148
MAC authentication with 802.1X authentication 148
Aruba Instant 6.4.0.2-4.1 | User Guide Contents | 11
12. 12 | Contents Aruba Instant 6.4.0.2-4.1 | User Guide
Captive Portal Authentication 148
MAC authentication with Captive Portal authentication 148
802.1X authentication with Captive Portal Role 148
WISPr authentication 149
Supported EAP Authentication Frameworks 149
Authentication Termination on IAP 149
Supported Authentication Servers 150
Internal RADIUS Server 150
External RADIUS Server 150
RADIUS Server Authentication with VSA 150
Dynamic Load Balancing between Two Authentication Servers 154
Understanding Encryption Types 154
WPA and WPA2 155
Recommended Authentication and Encryption Combinations 155
Support for Authentication Survivability 156
Configuring Authentication Survivability 156
In the Instant UI 156
Important Points to Remember 157
In the CLI 157
Configuring Authentication Servers 157
Configuring an External Server for Authentication 157
In the Instant UI 158
In the CLI 161
Configuring Dynamic RADIUS Proxy Parameters 161
Enabling Dynamic RADIUS Proxy 162
In the Instant UI 162
In the CLI 162
Configuring Dynamic RADIUS Proxy Parameters for Authentication Servers 162
In the Instant UI 162
In the CLI 162
Associate the Authentication Servers with an SSID or Wired Profile 163
In the CLI 163
Configuring 802.1X Authentication for a Network Profile 163
13. Configuring 802.1X Authentication for a Wireless Network Profile 164
In the Instant UI 164
In the CLI 164
Configuring 802.1X Authentication for Wired Profiles 165
In the Instant UI 165
In the CLI 165
Configuring MAC Authentication for a Network Profile 165
Configuring MAC Authentication for Wireless Network Profiles 165
In the Instant UI 165
In the CLI 166
Configuring MAC Authentication for Wired Profiles 166
In the Instant UI 166
In the CLI 167
Configuring MAC Authentication with 802.1X Authentication 167
Configuring MAC and 802.1X Authentication for a Wireless Network Profile 167
In the Instant UI 167
In the CLI 168
Configuring MAC and 802.1X Authentication for Wired Profiles 168
In the Instant UI 168
In the CLI 168
Configuring MAC Authentication with Captive Portal Authentication 169
Configuring MAC Authentication with Captive Portal Authentication 169
In the Instant UI 169
In the CLI 169
Configuring WISPr Authentication 170
In the Instant UI 170
In the CLI 171
Blacklisting Clients 171
Blacklisting Clients Manually 171
Adding a Client to the Blacklist 171
In the Instant UI 171
In the CLI 171
Aruba Instant 6.4.0.2-4.1 | User Guide Contents | 13
14. 14 | Contents Aruba Instant 6.4.0.2-4.1 | User Guide
Blacklisting Users Dynamically 172
Authentication Failure Blacklisting 172
Session Firewall Based Blacklisting 172
Configuring Blacklist Duration 172
In the Instant UI 172
In the CLI 172
Uploading Certificates 173
Loading Certificates through Instant UI 173
Loading Certificates through Instant CLI 174
Loading Certificates through AirWave 174
Roles and Policies 176
Firewall Policies 176
Access Control List Rules 176
Configuring Access Rules for Network Services 177
In the Instant UI 177
In the CLI 178
Example 178
Configuring Network Address Translation Rules 179
Configuring a Source NAT Access Rule 179
In the Instant UI 179
In the CLI 179
Configuring Source-Based Routing 180
Configuring a Destination NAT Access Rule 180
In the Instant UI 180
In the CLI 180
Configuring ALG Protocols 181
In the Instant UI 181
In the CLI 181
Configuring Firewall Settings for Protection from ARP Attacks 181
In the Instant UI 182
In the CLI 182
Managing Inbound Traffic 183
Configuring Inbound Firewall Rules 183
15. In the Instant UI 183
In the CLI 185
Example 185
Configuring Management Subnets 185
In the Instant UI 185
In the CLI 186
Configuring Restricted Access to Corporate Network 186
In the Instant UI 186
In the CLI 186
Content Filtering 186
Enabling Content Filtering 187
Enabling Content Filtering for a Wireless Profile 187
In the Instant UI 187
In the CLI 187
Enabling Content Filtering for a Wired Profile 187
In the Instant UI 187
In the CLI 188
Configuring Enterprise Domains 188
In the Instant UI 188
In the CLI 188
Configuring URL Filtering Policies 188
In the Instant UI 188
In the CLI 189
Example 189
Configuring User Roles 190
Creating a User Role 190
In the Instant UI 190
In the CLI 190
Assigning Bandwidth Contracts to User Roles 190
In the Instant UI 191
In the CLI: 191
Configuring Machine and User Authentication Roles 191
In the Instant UI 191
Aruba Instant 6.4.0.2-4.1 | User Guide Contents | 15
16. 16 | Contents Aruba Instant 6.4.0.2-4.1 | User Guide
In the CLI 192
Configuring Derivation Rules 192
Understanding Role Assignment Rule 192
RADIUS VSA Attributes 192
MAC-Address Attribute 192
Roles Based on Client Authentication 193
DHCP Option and DHCP Fingerprinting 193
Creating a Role Derivation Rule 193
In the Instant UI 193
In the CLI 194
Example 194
Understanding VLAN Assignment 194
Vendor Specific Attributes 195
VLAN Assignment Based on Derivation Rules 196
User Role 196
VLANs Created for an SSID 196
Configuring VLAN Derivation Rules 196
In the Instant UI 196
In the CLI 197
Example 198
Using Advanced Expressions in Role and VLAN Derivation Rules 198
Configuring a User Role for VLAN Derivation 199
Creating a User VLAN Role 199
In the Instant UI 199
In the CLI 199
Assigning User VLAN Roles to a Network Profile 200
In the Instant UI 200
In the CLI 200
DHCP Configuration 201
Configuring DHCP Scopes 201
Configuring Distributed DHCP Scopes 201
In the Instant UI 201
In the CLI 203
17. Configuring a Centralized DHCP Scope 204
In the Instant UI 204
In the CLI 205
Configuring Local and Local,L3 DHCP Scopes 206
In the Instant UI 206
In the CLI 207
Configuring the Default DHCP Scope for Client IP Assignment 208
In the Instant UI 208
In the CLI 209
VPN Configuration 210
Understanding VPN Features 210
Configuring a Tunnel from an IAP to Aruba Mobility Controller 210
Configuring an IPSec Tunnel 210
In the Instant UI 210
In the CLI 211
Example 212
Enabling Automatic Configuration of GRE Tunnel 212
In the Instant UI 212
In the CLI 214
Manually Configuring a GRE Tunnel 214
In the Instant UI 214
In the CLI 215
Configuring an L2TPv3 Tunnel 215
In the Instant UI 216
In the CLI 218
Example 218
Configuring Routing Profiles 221
In the Instant UI 221
In the CLI 222
IAP-VPN Deployment 223
Understanding IAP-VPN Architecture 223
IAP-VPN Scalability Limits 223
Aruba Instant 6.4.0.2-4.1 | User Guide Contents | 17
18. 18 | Contents Aruba Instant 6.4.0.2-4.1 | User Guide
IAP-VPN Forwarding Modes 224
Local or NAT Mode 224
L2 Switching Mode 224
Distributed L2 Mode 224
Centralized L2 Mode 224
L3 Routing Mode 225
Distributed L3 mode 225
Centralized L3 Mode 225
Configuring IAP and Controller for IAP-VPN Operations 225
Configuring an IAP network for IAP-VPN operations 225
Defining the VPN host settings 225
Configuring Routing Profiles 226
Configuring DHCP Profiles 226
Configuring an SSID or Wired Port 226
Enabling Dynamic RADIUS Proxy 227
Configuring Enterprise Domains 227
Configuring a Controller for IAP-VPN Operations 227
OSPF Configuration 227
VPN Configuration 229
Whitelist Database Configuration 229
VPN LocalPoolConfiguration 230
Role Assignment for the Authenticated IAPs 230
VPN Profile Configuration 230
Branch-ID Allocation 230
Branch Status Verification 230
Example 230
Adaptive Radio Management 232
ARM Overview 232
Channel or Power Assignment 232
Voice Aware Scanning 232
Load Aware Scanning 232
Monitoring the Network with ARM 232
ARM Metrics 232
19. Configuring ARM Features on an IAP 233
Band Steering 233
In the Instant UI 233
In the CLI 233
Airtime Fairness Mode 233
In the Instant UI 234
In the CLI 234
Client Match 234
In the Instant UI 235
In the CLI 236
Access Point Control 236
In the Instant UI 236
In the CLI 237
Verifying ARM Configuration 237
Configuring Radio Settings for an IAP 238
In the Instant UI 238
In the CLI 239
Deep Packet Inspection and Application Visibility 241
Deep Packet Inspection 241
Enabling Application Visibility 241
In the Instant UI 241
In the CLI 241
Application Visibility 242
Application Category Charts 242
Application Charts 243
Web Categories Charts 245
Web Reputation Charts 245
Configuring Access Rules for Application and Application Categories 246
In the Instant UI 246
In the CLI 248
Example 249
Configuring URL Filtering Policies 249
Aruba Instant 6.4.0.2-4.1 | User Guide Contents | 19
20. 20 | Contents Aruba Instant 6.4.0.2-4.1 | User Guide
In the Instant UI 249
In the CLI 250
Example 250
Voice and Video 251
Wi-Fi Multimedia Traffic Management 251
Configuring WMM for Wireless Clients 251
In the Instant UI 252
In the CLI 252
Configuring WMM-DSCP Mapping 252
In the Instant UI 253
In the CLI 253
QoS for Microsoft Office OCS and Apple Facetime 253
Microsoft OCS 253
Apple Facetime 253
Services 255
AirGroup Configuration 255
Multicast DNS and Bonjour® Services 256
DLNA UPnP Support 257
AirGroup Features 258
AirGroup Services 259
AirGroup Components 260
CPPM and ClearPass Guest Features 260
Configuring AirGroup and AirGroup Services on an IAP 261
In the Instant UI 261
In the CLI 262
Configuring AirGroup and CPPM interface in Instant 263
Creating a RADIUS Server 263
Assign a Server to AirGroup 263
Configure CPPM to Enforce Registration 263
Change of Authorization (CoA) 263
Configuring an IAP for RTLS Support 263
In the Instant UI 263
21. In the CLI 264
Configuring an IAP for Analytics and Location Engine Support 265
ALE with Instant 265
Enabling ALE Support on an IAP 265
In the Instant UI 265
In the CLI 266
Verifying ALE Configuration on an IAP 266
Configuring OpenDNS Credentials 266
In the Instant UI 266
In the CLI 267
Integrating an IAP with Palo Alto Networks Firewall 267
Integration with Instant 267
Configuring an IAP for PAN integration 267
In the Instant UI 267
In the CLI 268
Integrating an IAP with an XML API interface 268
Integration with Instant 269
Configuring an IAP for XML API integration 269
In the Instant UI 269
In the CLI 269
CALEA Integration and Lawful Intercept Compliance 270
CALEA Server Integration 270
Traffic Flow from IAP to CALEA Server 270
Traffic Flow from IAP to CALEA Server through VPN 271
Client Traffic Replication 271
Configuring an IAP for CALEA Integration 271
Creating a CALEA Profile 272
In the Instant UI 272
In the CLI 272
Creating an Access Rule for CALEA 272
In the Instant UI 272
In the CLI 273
Aruba Instant 6.4.0.2-4.1 | User Guide Contents | 21
22. 22 | Contents Aruba Instant 6.4.0.2-4.1 | User Guide
Verifying the configuration 273
Example 273
IAP Management and Monitoring 275
Managing an IAP from AirWave 275
Image Management 275
IAP and Client Monitoring 275
Template-based Configuration 275
Trending Reports 276
Intrusion Detection System 276
Wireless Intrusion Detection System (WIDS) Event Reporting to AirWave 276
RF Visualization Support for Instant 276
PSK-based and Certificate-based Authentication 277
Configurable Port for IAP and AirWave Management Server Communication 277
Configuring Organization String 277
Shared Key 278
Configuring AirWave Information 278
In the Instant UI 278
In the CLI 278
Configuring for AirWave Discovery through DHCP 279
Standard DHCP option 60 and 43 on Windows Server 2008 279
Alternate Method for Defining Vendor-Specific DHCP Options 283
Aruba Central 285
Provisioning an IAP using Central 286
Maintaining the Subscription List 286
Firmware Maintenance 287
Uplink Configuration 288
Uplink Interfaces 288
Ethernet Uplink 288
Configuring PPPoE Uplink Profile 289
In the Instant UI 289
In the CLI 290
Cellular Uplink 290
23. Configuring Cellular Uplink Profiles 293
In the Instant UI 293
In the CLI 293
Wi-Fi Uplink 294
Configuring a Wi-Fi Uplink Profile 294
Uplink Preferences and Switching 295
Enforcing Uplinks 295
In the Instant UI 295
In the CLI 296
Setting an Uplink Priority 296
In the Instant UI 296
In the CLI 296
Enabling Uplink Preemption 296
In the Instant UI 296
In the CLI 296
Switching Uplinks Based on VPN and Internet Availability 297
Switching Uplinks Based on VPN Status 297
Switching Uplinks Based on Internet Availability 297
In the Instant UI 297
In the CLI 298
Viewing Uplink Status and Configuration 298
Intrusion Detection 299
Detecting and Classifying Rogue APs 299
OS Fingerprinting 299
Configuring Wireless Intrusion Protection and Detection Levels 300
Containment Methods 304
Configuring IDS Using CLI 304
Mesh IAP Configuration 306
Mesh Network Overview 306
Mesh IAPs 306
Mesh Portals 306
Mesh Points 307
Setting up Instant Mesh Network 307
Aruba Instant 6.4.0.2-4.1 | User Guide Contents | 23
24. 24 | Contents Aruba Instant 6.4.0.2-4.1 | User Guide
Configuring Wired Bridging on Ethernet 0 for Mesh Point 307
In the Instant UI 307
In the CLI 308
Mobility and Client Management 309
Layer-3 Mobility Overview 309
Configuring L3-Mobility 310
Home Agent Load Balancing 310
Configuring a Mobility Domain for Instant 310
In the Instant UI 310
In the CLI 311
Spectrum Monitor 312
Understanding Spectrum Data 312
Device List 312
Non Wi-Fi Interferers 313
Channel Details 315
Channel Metrics 316
Spectrum Alerts 317
Configuring Spectrum Monitors and Hybrid IAPs 317
Converting an IAP to a Hybrid IAP 317
In the Instant UI 317
In the CLI 318
Converting an IAP to a Spectrum Monitor 318
In the Instant UI 318
In the CLI 318
IAP Maintenance 320
Upgrading an IAP 320
Upgrading an IAP and Image Server 320
Image Management Using AirWave 320
Image Management Using Cloud Server 320
Configuring HTTP Proxy on an IAP 320
In the Instant UI 320
In the CLI 321
25. Upgrading an IAP Using Automatic Image Check 321
Upgrading to a New Version Manually 322
Upgrading an Image Using CLI 322
Backing up and Restoring IAP Configuration Data 322
Viewing Current Configuration 322
Backing up Configuration Data 323
Restoring Configuration 323
Converting an IAP to a Remote AP and Campus AP 323
Regulatory Domain Restrictions for IAP to RAP or CAP Conversion 323
Converting an IAP to a Remote AP 324
Converting an IAP to a Campus AP 326
Converting an IAP to Standalone Mode 327
Converting an IAP using CLI 328
Resetting a Remote AP or Campus AP to an IAP 328
Rebooting the IAP 328
Monitoring Devices and Logs 330
Configuring SNMP 330
SNMP Parameters for IAP 330
Configuring SNMP 331
Creating community strings for SNMPv1 and SNMPv2 Using Instant UI 331
Creating community strings for SNMPv3 Using Instant UI 331
Configuring SNMP Community Strings in the CLI 332
Configuring SNMP Traps 333
In the Instant UI 333
In the CLI 333
Configuring a Syslog Server 333
In the Instant UI 333
In the CLI 335
Configuring TFTP Dump Server 335
In the Instant UI 335
In the CLI 335
Running Debug Commands from the UI 336
Aruba Instant 6.4.0.2-4.1 | User Guide Contents | 25
26. 26 | Contents Aruba Instant 6.4.0.2-4.1 | User Guide
Support Commands 336
Hotspot Profiles 341
Understanding Hotspot Profiles 341
Generic Advertisement Service (GAS) 341
Access Network Query Protocol (ANQP) 342
Hotspot 2.0 Query Protocol (H2QP) 342
Information Elements (IEs) and Management Frames 342
NAI Realm List 342
Configuring Hotspot Profiles 342
Creating Advertisement Profiles for Hotspot Configuration 343
Configuring an NAI Realm Profile 343
Configuring a Venue Name Profile 345
Configuring a Network Authentication Profile 346
Configuring a Roaming Consortium Profile 347
Configuring a 3GPP Profile 347
Configuring an IP Address Availability Profile 347
Configuring a Domain Profile 347
Configuring an Operator-friendly Profile 348
Configuring a Connection Capability Profile 348
Configuring an Operating Class Profile 348
Configuring a WAN Metrics Profile 348
Creating a Hotspot Profile 349
Associating an Advertisement Profile to a Hotspot Profile 351
Creating a WLAN SSID and Associating Hotspot Profile 352
Sample Configuration 352
Mobility Access Switch Integration 355
Mobility Access Switch Overview 355
MAS Integration with an IAP 355
Configuring IAPs for MAS Integration 355
In the Instant UI 356
In the CLI 356
27. ClearPass Guest Setup 357
Testing 361
Troubleshooting 361
IAP-VPN Deployment Scenarios 362
Scenario 1 - IPSec: Single Datacenter Deployment with No Redundancy 363
Topology 363
AP Configuration 363
AP Connected Switch Configuration 365
Datacenter Configuration 365
Scenario 2 - IPSec: Single Datacenter with Multiple Controllers for Redundancy 366
Topology 366
AP Configuration 367
AP Connected Switch Configuration 369
Datacenter Configuration 369
Scenario 3 - IPSec: Multiple Datacenter Deployment with Primary and Backup Controllers for Redundancy 370
Topology 370
AP Configuration 371
AP Connected Switch Configuration 374
Datacenter Configuration 374
Scenario 4 - GRE: Single Datacenter Deployment with No Redundancy 375
Topology 375
AP Configuration 375
AP Connected Switch Configuration 377
Datacenter Configuration 377
Terminology 379
Acronyms and Abbreviations 379
Glossary 380
Aruba Instant 6.4.0.2-4.1 | User Guide Contents | 27
28. Aruba Instant 6.4.0.2-4.1 | User Guide About this Guide | 28
Chapter 1
About this Guide
This User Guide describes the features supported by Aruba Instant and provides detailed instructions for setting up
and configuring the Instant network.
Intended Audience
This guide is intended for customers who configure and use Instant.
Related Documents
In addition to this document, the Instant product documentation includes the following:
l Aruba Instant Installation Guides
l Aruba Instant 6.4.0.2-4.1 Quick Start Guide
l Aruba Instant 6.4.0.2-4.1 CLI Reference Guide
l Aruba Instant 6.4.0.2-4.1 MIB Reference Guide
l Aruba Instant 6.4.0.2-4.1 Syslog Messages Reference Guide
l Aruba Instant 6.4.0.2-4.1 Release Notes
Conventions
The following conventions are used throughout this manual to emphasize important concepts:
Type Style Description
Italics This style is used to emphasize important terms and to mark the titles of books.
System items This fixed-width font depicts the following:
l Sample screen output
l System prompts
l Filenames, software devices, and specific commands when mentioned in the text.
Commands In the command examples, this style depicts the keywords that must be typed exactly as
shown.
<Arguments> In the command examples, italicized text within angle brackets represents items that you
should replace with information appropriate to your specific situation. For example:
# send <text message>
In this example, you would type “send” at the system prompt exactly as shown, followed by
the text of the message you wish to send. Do not type the angle brackets.
[Optional] Command examples enclosed in brackets are optional. Do not type the brackets.
{Item A |
Item B}
In the command examples, items within curled braces and separated by a vertical bar
represent the available choices. Enter only one choice. Do not type the braces or bars.
Table 1: Typographical Conventions
29. 29 | About this Guide Aruba Instant 6.4.0.2-4.1 | User Guide
The following informational icons are used throughout this guide:
Indicates helpful suggestions, pertinent information, and important things to remember.
Indicates a risk of damage to your hardware or loss of data.
Indicates a risk of personal injury or death.
Contacting Support
Main Site arubanetworks.com
Support Site support.arubanetworks.com
Airheads Social Forums and
Knowledge Base
community.arubanetworks.com
North American Telephone 1-800-943-4526 (Toll Free)
1-408-754-1200
International Telephones arubanetworks.com/support-services/aruba-support-
program/contact-support/
Software Licensing Site licensing.arubanetworks.com/login.php
Wireless Security Incident
Response Team (WSIRT)
arubanetworks.com/support/wsirt.php
Support Email Addresses
Americas and APAC support@arubanetworks.com
EMEA emea_support@arubanetworks.com
WSIRT Email
Please email details of any
security problem found in an
Aruba product.
wsirt@arubanetworks.com
Table 2: Support Information
30. Aruba Instant 6.4.0.2-4.1 | User Guide About Aruba Instant | 30
Chapter 2
About Aruba Instant
This chapter provides the following information:
l Instant Overview
l What is New in Aruba Instant 6.4.0.2-4.1
Instant Overview
Instant virtualizes Aruba Mobility Controller capabilities on 802.11 access points (APs), creating a feature-rich
enterprise-grade wireless LAN (WLAN) that combines affordability and configuration simplicity.
Instant is a simple, easy to deploy turn-key WLAN solution consisting of one or more APs. An Ethernet port with
routable connectivity to the Internet or a self-enclosed network is used for deploying an Instant Wireless Network.
An Instant Access Point (IAP) can be installed at a single site or deployed across multiple geographically-dispersed
locations. Designed specifically for easy deployment, and proactive management of networks, Instant is ideal for
small customers or remote locations without any on-site IT administrator.
Instant consists of an IAP and a Virtual Controller. The Virtual Controller resides within one of the APs. In an Instant
deployment scenario, only the first IAP needs to be configured. After the first IAP is configured, the other IAPs inherit
all the required configuration information from the Virtual Controller. Instant continually monitors the network to
determine the IAP that should function as the Virtual Controller at any time, and the Virtual Controller will move from
one IAP to another as necessary without impacting network performance.
Supported Devices
The following devices are supported in the current release of Instant:
l IAP-103
l IAP-104
l IAP-105
l IAP-114/115
l IAP-134/135
l IAP-175P/175AC
l RAP-3WN/3WNP
l RAP-108/109
l RAP155/155P
l IAP-224/225
l IAP-274/275
As of Instant 4.1 relelase, Aruba recommends that networks with more than 128 APs should be designed as
multiple, smaller virtual-controller networks with Layer-3 mobility enabled between them.
All IAPs except IAP-224/225, IAP-114/115, and IAP-274/275 are available as the following variants:
l IAP-US (United States)
l IAP-JP (Japan)
l IAP-IL (Israel)
31. 31 | About Aruba Instant Aruba Instant 6.4.0.2-4.1 | User Guide
l IAP-RW (Rest of World)
The IAP-224/225, IAP-114/115, and IAP-274/275 are available as the following variants:
l IAP-US (United States)
l IAP-RW. The RW variant also includes IL and JP variants.
For information on regulatory domains and the list of countries supported by the IAP-RW type, see Country Code on
page 37.
Instant UI
The Instant User Interface (UI) provides a standard Web-based interface that allows you to configure and monitor a
Wi-Fi network. Instant is accessible through a standard Web browser from a remote management console or
workstation and can be launched using the following browsers:
l Internet Explorer 10 or lower
l Safari 6.0 or later
l Google Chrome 23.0.1271.95 or later
l Mozilla Firefox 17.0 or later
If the Instant UI is launched through an unsupported browser, a waring message is displayed along with a list of
recommended browsers. However, the users are allowed to login using the Continue login link on the Login page.
To view the Instant UI, ensure that the JavaScript is enabled on the Web browser.
The Instant UI logs out automatically if the window is inactive for 15 minutes.
Instant CLI
The Instant Command Line Interface (CLI) is a text-based interface accessible through a Secure Shell (SSH)
session.
SSH access requires that you configure an IP address and a default gateway on the IAP and connect the IAP to your
network. This is typically performed when the Instant network on an IAP is set up.
32. What is New in Aruba Instant 6.4.0.2-4.1
The following features are added in the Aruba Instant 6.4.0.2-4.1 release:
Feature Description
Support for AppRF and
DPI service
In the current release, Instant supports Layer 7 application and web-filtering service
called Deep Packet Inspection (DPI). As part of the DPI service and AppRF feature
support, Instant supports the following :
l Access control based on application and application categories
l Application visibility
l Web filtering service based on web categories and security ratings assigned to the
websites
URL filtering IAPs support access control and content filtering based on web categories and website
reputation ratings. The administrators can now configure access rules to permit or deny
client access to certain websites.
Support for new 4G
modems
Instant now supports the following 4G modems:
l Netgear Aircard 341u
l Pantech UML295
l Fraklin Wireless u770
l Huawei 3276s-150
AirGroup Enhancements IAPs now support Universal Plug and Play (UPnP) and DLNA (Digital Living Network
Alliance) enabled devices. DLNA is a network standard derived from UPnP, which
enables devices to discover the services available in a network.
DSCP Mapping for WMM
Access Categories
Instant now supports Wi-Fi Multimedia and DSCP mapping configuration for upstream
and downstream traffic.
Fast roaming
enhancements
IAPs now support 802.11K (Radio Resource Management) and 802.11v (BSS Transition
Management) standards to improve Quality of Service (QoS) and seamless connectivity.
Authentication
survivability with EAP-
TLS
Instant now supports the authentication survivability feature with the EAP-TLS
authentication protocol. The authentication survivability feature supports a survivable
authentication framework against the remote link failure when working with the external
authentication servers.
Support for AP zone
configuration
You can now configure zone settings on an IAP and an SSID, so that the SSID is created
on s specific IAP in the cluster.
Configurable port for
communication between
IAP and AirWave
management server
communication
You can now customize the port number of the AirWave management server through the
server_host:server_port format, for example, amp.google.com:4343.
Client match
visualization
The Instant UI now provides a graphical representation of the client distribution on an AP,
the RSSI details, and the channel availability and utilization metrics.
Console access to IAP In the current release, you can allow or restrict access to an IAP console through the
serial port. By default, the console access to an IAP is enabled.
Backup RADIUS server Instant now supports the configuration of the primary and backup RADIUS servers in an
Table 3: New Features in 6.4.0.2-4.1
Aruba Instant 6.4.0.2-4.1 | User Guide About Aruba Instant | 32
33. 33 | About Aruba Instant Aruba Instant 6.4.0.2-4.1 | User Guide
Feature Description
with EAP termination enterprise WLAN SSID that has EAP termination enabled.
Support for
TACACS+ Server
In this release, a new external server called TACACS+ Server is added to support
authentication and accounting privileges for management users.
XML API Integration The Instant UI now allows users to integrate an XML API Interface with an IAP. The users
can use the XML API interface to add, delete, authenticate, or query a user or a client.
Support for inbound
firewall rules
configuration
You can now configure firewall rules based on the source subnet for the inbound traffic
coming through the uplink ports of an IAP.
Full tunnel support Instant now allows you to configure full tunnel for the Centralized, L2 subnets. When the
split-tunnel feature is disabled, the redirect and source NAT ACL rules are not generated
for this subnet, thereby allowing all traffic to get switched to the GRE tunnel.
Table 3: New Features in 6.4.0.2-4.1
IAP Platform Description
IAP-270 Series The IAP-274 and IAP-275 are environmentally hardened, outdoor rated, dual-radio IEEE 802.11ac
wireless access points. These access points use MIMO (Multiple-in, Multiple-out) technology and
other high-throughput mode techniques to deliver high-performance, 802.11ac 2.4 GHz and 5 GHz
functionality while simultaneously supporting existing 802.11a/b/g/n wireless services. For more
information about this product, visit www.arubanetworks.com.
IAP-103 The IAP-103 wireless access point supports the IEEE 802.11n standard for high-performance
WLAN. This access point uses MIMO (Multiple-in, Multiple-out) technology and other high-
throughput mode techniques to deliver high performance, 802.11n 2.4 GHz or 5 GHz functionality
while simultaneously supporting existing 802.11a/b/g wireless services. For more information about
this product, visit www.arubanetworks.com.
Table 4: New Hardware Platforms introduced in this release
34. Aruba Instant 6.4.0.2-4.1 | User Guide Setting up an IAP | 34
Chapter 3
Setting up an IAP
This chapter describes the following procedures:
l Setting up Instant Network on page 34
l Logging in to the Instant UI on page 36
l Accessing the Instant CLI on page 40
Setting up Instant Network
Before installing an IAP:
l Ensure that you have an Ethernet cable of the required length to connect an IAP to the home router.
l Ensure that you have one of the following power sources:
n IEEE 802.3af/at-compliant Power over Ethernet (PoE) source. The PoE source can be any power source
equipment (PSE) switch or a midspan PSE device.
n IAP power adapter kit.
Perform the following procedures to set up the Instant network:
1. Connecting an IAP on page 34
2. Assigning an IP address to the IAP on page 34
3. Connecting to a Provisioning Wi-Fi Network on page 35
Connecting an IAP
Based on the type of the power source used, perform one of the following steps to connect an IAP to the power
source:
l PoE switch— Connect the ENET 0 port of the IAP to the appropriate port on the PoE switch.
l PoE midspan— Connect the ENET 0 port of the IAP to the appropriate port on the PoE midspan.
l AC to DC power adapter— Connect the 12V DC power jack socket to the AC to DC power adapter.
RAP-155P supports PSE for 802.3at powered device (class 0-4) on one port (E1 or E2), or 802.3af powered DC IN
(Power Socket) on two ports (E1 and E2).
Assigning an IP address to the IAP
The IAP needs an IP address for network connectivity. When you connect an IAP to a network, it receives an IP
address from a DHCP server.
To obtain an IP address for an IAP:
1. Ensure that the DHCP service is enabled on the network.
2. Connect the ENET 0 port of IAP to a switch or router using an Ethernet cable.
3. Connect the IAP to a power source. The IAP receives an IP address provided by the switch or router.
If there is no DHCP service on the network, the IAP can be assigned a static IP address. If a static IP is not
assigned, the IAP obtains an IP automatically within the 169.254 subnet.
35. 35 | Setting up an IAP Aruba Instant 6.4.0.2-4.1 | User Guide
Assigning a Static IP
To assign a static IP to an IAP:
1. Connect a terminal, PC, or workstation running a terminal emulation program to the Console port on the IAP.
2. Power on the IAP. An autoboot countdown prompt that allows you to interrupt the normal startup process and
access apboot is displayed.
3. Click Enter before the timer expires. The IAP goes into the apboot mode.
4. In the apboot mode, use the following commands to assign a static IP to the IAP.
Hit <Enter> to stop autoboot: 0
apboot>
apboot> setenv ipaddr 192.0.2.0
apboot> setenv netmask 255.255.255.0
apboot> setenv gatewayip 192.0.2.2
apboot> save
Saving Environment to Flash...
Un-Protected 1 sectors
.done
Erased 1 sectors
Writing
5. Use the printenv command to view the configuration.
apboot> printenv
Connecting to a Provisioning Wi-Fi Network
The IAPs boot with factory default configuration and try to provision automatically. If the automatic provisioning is
successful, the instant SSID will not be available. If AirWave and Activate are not reachable and the automatic
provisioning fails, the instant SSID becomes available and the users can connect to a provisioning network by using
the instant SSID.
To connect to a provisioning Wi-Fi network:
1. Ensure that the client is not connected to any wired network.
2. Connect a wireless enabled client to a provisioning Wi-Fi network: for example, instant.
3. If the Windows OS system is used:
a. Click the wireless network connection icon in the system tray. The Wireless Network Connection window
is displayed.
b. Click on the instant network and then click Connect.
4. If the Mac OS system is used:
a. Click the AirPort icon. A list of available Wi-Fi networks is displayed.
b. Click on the instant network.
The instant SSIDs are broadcast in 2.4 GHz only.
IAP Cluster
IAPs in the same VLAN automatically find each other and form a single functioning network managed by a Virtual
Controller.
Moving an IAP from one cluster to another requires a factory reset of the IAP.
36. Disabling the Provisioning Wi-Fi Network
The provisioning network is enabled by default. Instant provides the option to disable the provisioning network
through the console port. Use this option only when you do not want the default SSID instant to be broadcast in your
network.
To disable the provisioning network:
1. Connect a terminal or PC/workstation running a terminal emulation program to the Console port on the IAP.
2. Configure the terminal or terminal emulation program to use the following communication settings:
Baud Rate Data Bits Parity Stop Bits Flow Control
9600 8 None 1 None
Table 5: Terminal Communication Settings
3. Power on the IAP. An autoboot countdown prompt that allows you to interrupt the normal startup process and
access apboot is displayed.
4. Click Enter before the timer expires. The IAP goes into the apboot mode through console.
5. In the apboot mode, use the following commands to disable the provisioning network:
n apboot> factory_reset
n apboot> setenv disable_prov_ssid 1
n apboot> saveenv
n apboot> reset
Logging in to the Instant UI
Launch a Web browser and enter http://instant.arubanetworks.com. In the login screen, enter the following
credentials:
l Username— admin
l Password— admin
The following figure shows the Login screen:
Figure 1 Login Screen
When you use a provisioning Wi-Fi network to connect to the Internet, all browser requests are directed to the Instant
UI. For example, if you enter www.example.com in the address field, you are directed to the Instant UI. You can
change the default login credentials after the first login.
Aruba Instant 6.4.0.2-4.1 | User Guide Setting up an IAP | 36
37. 37 | Setting up an IAP Aruba Instant 6.4.0.2-4.1 | User Guide
Regulatory Domains
The IEEE 802.11/b/g/n Wi-Fi networks operate in the 2.4 GHz spectrum and IEEE 802.11a/n operates in the 5.0
GHz spectrum. The spectrum is divided into channels. The 2.4 GHz spectrum is divided into 14 overlapping,
staggered 20 MHz wireless carrier channels. These channels are spaced 5 MHz apart. The 5 GHz spectrum is
divided into more channels. The channels that can be used in a particular country differ based on the regulations of
that country.
The initial Wi-Fi setup requires you to specify the country code for the country in which the Instant operates. This
configuration sets the regulatory domain for the radio frequencies that the IAPs use. Within the regulated
transmission spectrum, a high-throughput 802.11ac, 802.11a, 802.11b/g, or 802.11n radio setting can be configured.
The available 20 MHz, 40 MHz, or 80MHz channels are dependent on the specified country code.
You cannot change the country code for the IAPs in the restricted regulatory domains such as US, Japan, and Israel
for most of the IAP models. Improper country code assignments can disrupt wireless transmissions. Most countries
impose penalties and sanctions on operators of wireless networks with devices set to improper country codes.
Country Code
The following table provides a list of supported country codes:
Code Country Name
AE United Arab Emirates
AR Argentina
AT Austria
AU Australia
BG Bulgaria
BH Bahrain
BM Bermuda
BO Bolivia
BR Brazil
CA Canada
CH Switzerland
CL Chile
CN China
CO Colombia
CR Costa Rica
CS Serbia and Montenegro
CY Cyprus
Table 6: Country Codes List
38. Code Country Name
CZ Czech Republic
DE Germany
DK Denmark
DO Dominican Republic
DZ Algeria
EC Ecuador
EE Estonia
EG Egypt
ES Spain
FI Finland
FR France
GB United Kingdom
GR Greece
GT Guatemala
HK Hong Kong
HN Honduras
ID Indonesia
IE Ireland
IL Israel
IN India
IS Iceland
IT Italy
JM Jamaica
JO Jordan
JP Japan
KE Kenya
KR Republic of Korea (South
Korea)
KW Kuwait
Aruba Instant 6.4.0.2-4.1 | User Guide Setting up an IAP | 38
39. 39 | Setting up an IAP Aruba Instant 6.4.0.2-4.1 | User Guide
Code Country Name
LB Lebanon
LI Liechtenstein
LI Liechtenstein
LK Sri Lanka
LT Lithuania
LU Luxembourg
MA Morocco
MU Mauritius
MX Mexico
NL Netherlands
NO Norway
NZ New Zealand
OM Oman
PA Panama
PE Peru
PH Philippines
PK Islamic Republic of Pakistan
PL Poland
PR Puerto Rico
PT Portugal
QA Qatar
RO Romania
RU Russia
SA Saudi Arabia
SG Singapore
SI Slovenia
SK Slovak Republic
SV El Salvador
40. Code Country Name
TH Thailand
TN Tunisia
TR Turkey
TT Trinidad and Tobago
TW Taiwan
UA Ukraine
US United States
UY Uruguay
VE Venezuela
VN Vietnam
ZA South Africa
Specifying Country Code
This procedure is applicable to the IAP-RoW (Rest of World) variants only. Skip this step if you are installing IAP in
the United States, Japan, or Israel.
The Country Code window is displayed for the IAP-RoW (Rest of World) variants when you log in to the UI for the
first time. You can specify a country code by selecting an appropriate option from the Please Specify the Country
Code drop-down list.
Figure 2 Specifying a Country Code
.
For the complete list of the country codes supported by the IAP-ROW variant type, see Country Code on page 37.
Accessing the Instant CLI
Instant supports the use of Command Line Interface (CLI) for scripting purposes. When you make configuration
changes on a master IAP in the CLI, all associated IAPs in the cluster inherit these changes and subsequently
update their configurations. By default, you can access the CLI from the serial port or from an SSH session. You
must explicitly enable Telnet access on the IAP to access the CLI through a Telnet session.
For information on enabling SSH and Telnet access to the IAP CLI, see Configuring Terminal Access on page 79.
Aruba Instant 6.4.0.2-4.1 | User Guide Setting up an IAP | 40
41. 41 | Setting up an IAP Aruba Instant 6.4.0.2-4.1 | User Guide
Connecting to a CLI Session
On connecting to a CLI session, the system displays its host name followed by the login prompt. Use the
administrator credentials to start a CLI session. For example:
(Instant AP)
User: admin
If the login is successful, the privileged command mode is enabled and a command prompt is displayed. For
example:
(Instant AP)#
The privileged mode provides access to show, clear, ping, traceroute, and commit commands. The configuration
commands are available in config mode. To move from privileged mode to the configuration mode, enter the
following command at the command prompt:
(Instant AP)# configure terminal
The configure terminal command allows you to enter the basic configuration mode and the command prompt is
displayed as follows:
(Instant AP)(config)#
The Instant CLI allows CLI scripting in several other sub-command modes to allow the users to configure individual
interfaces, SSIDs, access rules, and security settings.
You can use the question mark (?) to view the commands available in a privileged mode, configuration mode, or sub-
mode.
Although automatic completion is supported for some commands such as configure terminal, the complete exit
and end commands must be entered at command prompt.
Applying Configuration Changes
Each command processed by the Virtual Controller is applied on all the slaves in a cluster. The changes configured
in a CLI session are saved in the CLI context. The CLI does not support the configuration data exceeding the 4K
buffer size in a CLI session. Therefore, Aruba recommends that you configure fewer changes at a time and apply the
changes at regular intervals.
To apply and save the configuration changes at regular intervals, use the following command in the privileged mode:
(Instant AP)# commit apply
To apply the configuration changes to the cluster without saving the configuration, use the following command in the
privileged mode:
(Instant AP)# commit apply no-save
To view the changes that are yet to be applied, use the following command in the privileged mode:
(Instant AP)# show uncommitted-config
To revert to the earlier configuration, use the following command in the privileged mode.
(Instant AP)# commit revert
Example:
(Instant AP)(config)# rf dot11a-radio-profile
(Instant AP)(RF dot11a Radio Profile)# beacon-interval 200
(Instant AP)(RF dot11a Radio Profile)# no legacy-mode
(Instant AP)(RF dot11a Radio Profile)# dot11h
(Instant AP)(RF dot11a Radio Profile)# interference-immunity 3
(Instant AP)(RF dot11a Radio Profile)# csa-count 2
(Instant AP)(RF dot11a Radio Profile)# spectrum-monitor
(Instant AP)(RF dot11a Radio Profile)# end
42. (Instant AP)# show uncommitted-config
rf dot11a-radio-profile
no legacy-mode
beacon-interval 200
no dot11h
interference-immunity 3
csa-count 1
no spectrum-monitor
Instant Access Point# commit apply
Using Sequence Sensitive Commands
The Instant CLI does not support positioning or precedence of sequence-sensitive commands. Therefore, Aruba
recommends that you remove the existing configuration before adding or modifying the configuration details for
sequence-sensitive commands. You can either delete an existing profile or remove a specific configuration by using
the no… commands.
The following table lists the sequence-sensitive commands and the corresponding no command to remove the
configuration.
Sequence-Sensitive Command Corresponding no command
opendns <username <password> no opendns
rule <dest> <mask> <match> <protocol> <start-port>
<end-port> {permit |deny | src-nat | dst-nat {<IP-
address> <port>| <port>}}[<option1....option9>]
no rule <dest> <:mask> <match>
<protocol> <start-port> <end-port>
{permit | deny | src-nat | dst-nat}
mgmt-auth-server <auth-profile-name> no mgmt-auth-server <auth-profile-
name>
set-role <attribute>{{equals| not-equals| starts-
with| ends-with| contains} <operator> <role>| value-
of}
no set-role <attribute>{{equals|
not-equals| starts-with| ends-with|
contains} <operator>| value-of}
no set-role
set-vlan <attribute>{{equals| not-equals| starts-
with| ends-with| contains} <operator> <VLAN-ID>|
value-of}
no set-vlan <attribute>{{equals|
not-equals| starts-with| ends-with|
contains} <operator>| value-of}
no set-vlan
auth-server <name> no auth-server <name>
Table 7: Sequence-Sensitive Commands
Aruba Instant 6.4.0.2-4.1 | User Guide Setting up an IAP | 42
43. Aruba Instant 6.4.0.2-4.1 | User Guide Instant User Interface | 43
Chapter 4
Instant User Interface
This chapter describes the following Instant UI elements:
l Login Screen
l Main Window
Login Screen
The Instant login page allows you to:
l Log in to the Instant UI.
l View Instant Network Connectivity summary
l View the Instant UI in a specific language
Logging into the Instant UI
To log in to the Instant UI, enter the following credentials:
l Username— admin
l Password— admin
The Instant UI main window is displayed.
Viewing Connectivity Summary
The Login page also displays the connectivity status to the Instant network. The users can view a summary that
indicates the status of the Internet availability, uplink, cellular modem and signal strength, VPN, and AirWave
configuration details before logging in to the Instant UI.
The following figure shows the information displayed in the connectivity summary:
Figure 3 Connectivity Summary
The Internet status is available only if the Internet failover feature (System > Show advanced option > uplink >
Internet failover) is enabled.
The cellular provider and cellular strength information is only available when a 3G or 4G modem is in use.
Language
The Language drop-down lists the languages and allows users to select their preferred language before logging in to
the Instant UI. A default language is selected based on the language preferences in the client desktop operating
system or browser. If Instant cannot detect the language, then English is used as the default language.
44. 44 | Instant User Interface Aruba Instant 6.4.0.2-4.1 | User Guide
You can also select the required language option from the Languages drop-down located at the bottom left corner of
the Instant main window.
Main Window
On logging into Instant, the Instant UI Main Window is displayed. The following figure shows the Instant main
window:
Figure 4 Instant Main Window
The main window consists of the following elements:
l Banner
l Search
l Tabs
l Links
l Views
Banner
The banner is a horizontal gray rectangle that appears at the top left corner of the Instant main window. It displays
the company name, logo, and Virtual Controller's name.
Search
Administrators can search for an IAP, client, or a network in the Search text box. When you type a search text, the
search function suggests matching keywords and allows you to automatically complete the search text entry.
Tabs
The Instant main window consists of the following tabs:
n Networks Tab— Provides information about the network profiles configured in the Instant network.
n Access Points Tab— Provides information about the IAPs configured in the Instant network.
n Clients Tab— Provides information about the clients in the Instant network.
Each tab appears in a compressed view by default. The number of networks, IAPs, or clients in the network
precedes the tab names. The individual tabs can be expanded or collapsed by clicking on the tabs. The list items in
each tab can be sorted by clicking the triangle icon next to the heading labels.
45. Networks Tab
This tab displays a list of Wi-Fi networks that are configured in the Instant network. The network names are
displayed as links. The expanded view displays the following information about each WLAN SSID:
l Name (SSID) — Name of the network.
l Clients — Number of clients that are connected to the network.
l Type — Type of network type such as Employee, Guest, or Voice.
l Band — Band in which the network is broadcast: 2.4 GHz band, 5 GHz band, or both.
l Authentication Method — Authentication method required to connect to the network.
l Key Management — Authentication key type.
l IP Assignment— Source of IP address for the client.
l Zone—AP zone configured on the SSID.
To add a wireless network profile, click the New link in the Networks tab. To edit, click the edit link that is displayed
on clicking the network name in the Networks tab. To delete a network, click on the link x.
For more information on the procedure to add or modify a wireless network, see Wireless Network Profiles on page
92.
Access Points Tab
If the Auto Join Mode feature is enabled, a list of enabled and active IAPs in the Instant network is displayed in the
Access Points tab. The IAP names are displayed as links. If the Auto Join Mode feature is disabled, the New link is
displayed. Click this link to add a new IAP to the network. If an IAP is configured and not active, its MAC Address is
displayed in red.
The expanded view of the Access Points tab displays the following information about each IAP:
l Name — Name of the IAP. If the IAP functions as a master IAP in the network, the asterisk sign "*" is displayed
next to the IAP.
l IP Address — IP address of the IAP.
l Mode — Mode of the IAP.
n Access — In this mode, the AP serves clients and scans the home channel for spectrum analysis while
monitoring channels for rogue APs in the background.
n Monitor — In this mode, the AP acts as a dedicated Air Monitor (AM), scanning all channels for rogue APs and
clients.
l Spectrum— When enabled, the AP functions as a dedicated full-spectrum RF monitor, scanning all channels to
detect interference from neighboring APs or non-Wi-Fi devices such as microwaves and cordless phones. When
Spectrum is enabled, the AP does not provide access services to clients.
l Clients — Number of clients that are currently associated to the IAP.
l Type — Model number of the IAP.
l Mesh Role — Role of the IAP as a mesh portal or mesh point.
l Zone—AP zone.
l Channel — Channel on which the IAP is currently broadcast.
l Power (dB) — Maximum transmission EIRP of the radio.
l Utilization (%) — Percentage of time that the channel is utilized.
l Noise (dBm) — Noise floor of the channel.
An edit link is displayed on clicking the IAP name. For details about editing IAP settings see Customizing IAP
Settings on page 83.
Aruba Instant 6.4.0.2-4.1 | User Guide Instant User Interface | 45
46. 46 | Instant User Interface Aruba Instant 6.4.0.2-4.1 | User Guide
Clients Tab
This tab displays a list of clients that are connected to the Instant network. The client names are displayed as links.
The expanded view displays the following information about each client:
l Name — User name of the client or guest users if available.
l IP Address — IP address of the client.
l MAC Address — MAC address of the client.
l OS — Operating system that runs on the client.
l Network — The network to which the client is connected.
l Access Point — IAP to which the client is connected.
l Channel — The client operating channel.
l Type — Type of the Wi-Fi client: A, G, AN, or GN.
l Role — Role assigned to the client.
l Signal — Current signal strength of the client, as detected by the AP.
l Speed (mbps) — Current speed at which data is transmitted. When the client is associated with an AP, it
constantly negotiates the speed of data transfer. A value of 0 means that the AP has not heard from the client for
some time.
Links
l The following links allow you to configure various features for the Instant network:
l New Version Available
l System
l RF
l Security
l Maintenance
l More
l Help
l Logout
l Monitoring
l Client Match
l AppRF
l Spectrum
l Alerts
l IDS
l Configuration
l AirGroup
l AirWave Setup
l Pause/Resume
Each of these links is explained in the subsequent sections.
New Version Available
This link is displayed in the top right corner of the Instant main window only if a new image version is available on the
image server and AirWave is not configured. For more information about the New version available link and its
functions, see Upgrading an IAP on page 320.
47. System
This link displays the System window. The System window consists of the following tabs:
Use the Show/Hide Advanced option at the bottom of the System window to view or hide the advanced options.
l General— Allows you to configure, view or edit the Name, IP address, NTP Server, and other IAP settings for the
Virtual Controller. For more information on the basic and additional configuration settings that can be performed
on this tab, see Basic Configuration Tasks on page 73 and Additional Configuration Tasks on page 77.
l Admin — Allows you to configure administrator credentials for access to the Virtual Controller Management User
Interface. You can also configure AirWave in this tab. For more information on management interface and
AirWave configuration, see Managing IAP Users on page 140 and Managing an IAP from AirWave on page 275
respectively.
l Uplink — Allows you to view or configure uplink settings. See Uplink Configuration on page 288 for more
information.
l L3 Mobility — Allows you to view or configure the Layer-3 mobility settings. See Configuring L3-Mobility on page
310 for more information.
l Enterprise Domains — Allows you to view or configure the DNS domain names that are valid in the enterprise
network. See Configuring Enterprise Domains on page 188 for more information.
l Monitoring — Allows you to view or configure the following details:
n Syslog — Allows you to view or configure Syslog Server details for sending syslog messages to the external
servers. See Configuring a Syslog Server on page 333 for more information.
n TFTP Dump — Allows you to view or configure a TFTP dump server for core dump files. See Configuring
TFTP Dump Server on page 335 for more information.
n SNMP — Allows you to view or configure SNMP agent settings. See Configuring SNMP on page 330 for more
information.
l WISPr — Allows you to view or configure the WISPr settings. See Configuring WISPr Authentication on page 170
for more information.
l Proxy — Allows you to configure HTTP proxy on an IAP. See Configuring HTTP Proxy on an IAP on page 320 for
more information.
The following figure provides a view of the System window with the advanced options.
Aruba Instant 6.4.0.2-4.1 | User Guide Instant User Interface | 47
48. 48 | Instant User Interface Aruba Instant 6.4.0.2-4.1 | User Guide
Figure 5 System Window
RF
The RF link displays a window for configuring Adaptive Radio Management (ARM) and Radio features.
l ARM — Allows you to view or configure channel and power settings for all the IAPs in the network. For information
about ARM configuration, see ARM Overview on page 232.
l Radio — Allows you to view or configure radio settings for 2.4 GHz and the 5 GHz radio profiles. For information
about Radio, see Configuring Radio Settings for an IAP on page 238.
The following figure provides a view of the RF window with the advanced options for ARM configuration:
49. Figure 6 RF Window
Security
The Security link displays a window with the following tabs:
l Authentication Servers— Use this tab to configure an external RADIUS server for a wireless network. For more
information, see Configuring an External Server for Authentication on page 157.
l Users for Internal Server— Use this tab to populate the system’s internal authentication server with users. This
list is used by networks for which per-user authorization is specified using the Virtual Controller’s internal
authentication server. For more information about users, see Managing IAP Users on page 140.
l Roles— Use this tab to view the roles defined for all the Networks. The Access Rules part allows you to configure
permissions for each role. For more information, see Configuring User Roles on page 190 and Configuring
Access Rules for Network Services on page 177.
l Blacklisting— Use this tab to blacklist clients. For more information, see Blacklisting Clients on page 171.
l Firewall Settings— Use this tab to enable or disable Application Layer Gateway (ALG) supporting address and
port translation for various protocols and to configure protection against wired attacks. For more information, see
Configuring ALG Protocols on page 181 and Configuring Firewall Settings for Protection from ARP Attacks on
page 181
l Inbound Firewall— Use this tab to enhance the inbound firewall by allowing configuration of inbound firewall
rules, management subnets, and restricted corporate access through an uplink switch. For more information, see
Managing Inbound Traffic on page 183.
l Walled Garden—Use this window to allow or prevent access to a selected list of websites. For more information,
see Configuring Walled Garden Access on page 138.
l External Captive Portal— Use this window to configure external captive portal profiles. For more information,
see Configuring External Captive Portal for a Guest Network on page 129.
The following figure shows the default view of the Security window:
Aruba Instant 6.4.0.2-4.1 | User Guide Instant User Interface | 49
50. 50 | Instant User Interface Aruba Instant 6.4.0.2-4.1 | User Guide
Figure 7 Security Window - Default View
Maintenance
The Maintenance link displays a window that allows you to maintain the Wi-Fi network. The Maintenance window
consists of the following tabs:
l About—Displays the name of the product, build time, IAP model name, the Instant version, website address of
Aruba Networks, and Copyright information.
l Configuration— Displays the following details:
n Current Configuration — Displays the current configuration details.
n Clear Configuration —Allows you to clear the current configuration details of the network.
n Backup Configuration — Allows you to back up local configuration details. The backed up configuration data
is saved in the file named instant.cfg.
n Restore Configuration — Allows you to restore the backed up configuration. The IAP must be rebooted after
restoring the configuration for the changes to affect.
l Certificates — Displays information about the certificates installed on the IAP. You can also upload new
certificates and set a passphrase for the certificates. For more information, see Uploading Certificates on page
173.
l Firmware — Displays the current firmware version and provides various options to upgrade to a new firmware
version. For more information, see Upgrading an IAP on page 320.
l Reboot — Displays the IAPs in the network and provides an option to reboot the required access point or all
access points. For more information, see Upgrading an IAP on page 320.
l Convert — Provides an option to convert an IAP to a mobility controller managed Remote AP or Campus AP, or
to the default Virtual Controller mode. For more information, see Converting an IAP to a Remote AP and Campus
AP on page 323.
The following figure shows the default view of the Maintenance window:
51. Figure 8 Maintenance Window - Default View
More
The More link allows you to select the following options:
l VPN
l IDS
l Wired
l Services
l DHCP Server
l Support
VPN
The VPN window allows you to define communication settings with a remote Controller. See VPN Configuration on
page 210 for more information. The following figure shows an example of the IPSec configuration options available in
the VPN window:
Aruba Instant 6.4.0.2-4.1 | User Guide Instant User Interface | 51
52. 52 | Instant User Interface Aruba Instant 6.4.0.2-4.1 | User Guide
Figure 9 VPN window for IPSec Configuration
IDS
The IDS window allows you to configure wireless intrusion detection and protection levels. The following figures
show the IDS window:
Figure 10 IDS Window: Intrusion Detection
53. Figure 11 IDS Window: Intrusion Protection
For more information on wireless intrusion detection and protection, see Detecting and Classifying Rogue APs on
page 299.
Wired
The Wired window allows you to configure a wired network profile. See Wired Profiles on page 111 for more
information. The following figure shows the Wired window:
Figure 12 Wired Window
Services
The Services window allows you to configure services such as AirGroup, RTLS, and OpenDNS. The Services
window consists of the following tabs:
l AirGroup — Allows you to configure the AirGroup and AirGroup services. For more information, see AirGroup
Configuration on page 255.
Aruba Instant 6.4.0.2-4.1 | User Guide Instant User Interface | 53
54. 54 | Instant User Interface Aruba Instant 6.4.0.2-4.1 | User Guide
l RTLS — Allows you to integrate AirWave Management platform or third-party Real Time Location Server such as
Aeroscout Real Time Location Server with Instant. For more information, see Configuring an IAP for
RTLS Support on page 263.
The RTLS tab also allows you to integrate IAP with the Analytics and Location Engine (ALE). For more
information about configuring an IAP for ALE integration, see Configuring an IAP for Analytics and Location
Engine Support on page 265.
l OpenDNS— Allows you to configure support for OpenDNS business solutions, which require an OpenDNS
(www.opendns.com) account. The OpenDNS credentials are used by Instant and AirWave to filter content at the
enterprise level. For more information, see Configuring OpenDNS Credentials on page 266.
l CALEA—Allows you configure support for Communications Assistance for Law Enforcement Act (CALEA)
server integration, thereby ensuring compliance with Lawful Intercept and CALEA specifications. For more
information, see CALEA Integration and Lawful Intercept Compliance on page 270.
l Network Integration—Allows you to configure an IAP for integration with Palo Alto Networks (PAN) Firewall and
XML API server. For more information about IAP integration with PAN, see Integrating an IAP with Palo Alto
Networks Firewall on page 267and Integrating an IAP with an XML API interface on page 268.
The following figure shows the default view of the Services window:
Figure 13 Services Window: Default View
DHCP Server
The DHCP Servers window allows you to configure various DHCP modes. The following figure shows the contents
of the DHCP Servers window:
55. Figure 14 DHCP Servers Window
For more information, see DHCP Configuration on page 201.
Support
The Support consists of the following fields:
l Command— Allows you to select a support command for execution.
l Target—Displays a list of IAPs in the network.
l Run— Allows you to execute the selected command for a specific IAP or all IAPs and view logs.
l Auto Run— Allows you to configure a schedule for automatic execution of a support command for a specific IAP
or all IAPs.
l Filter—Allows you to filter the contents of a command output.
l Clear—Clears the command output displayed after a command is executed.
l Save— Allows you to save the support command logs as an HTML or text file.
For more information on support commands, see Running Debug Commands from the UI on page 336. The following
figure shows the Support window:
Aruba Instant 6.4.0.2-4.1 | User Guide Instant User Interface | 55
56. 56 | Instant User Interface Aruba Instant 6.4.0.2-4.1 | User Guide
Figure 15 Support Window
Help
The Help link allows you to view a short description or definition of selected terms and fields in the UI windows or
dialogs.
To activate the context-sensitive help:
1. Click the Help link at the top right corner of Instant main window.
2. Click any text or term displayed in green italics to view its description or definition.
3. To disable the help mode, click Done.
Logout
The Logout link allows you to log out of the Instant UI.
Monitoring
The Monitoring link displays the Monitoring pane for the Instant network. Use the down arrow located to the
right side of these links to compress or expand the monitoring pane.
The monitoring pane consists of the following sections:
l Info
l RF Dashboard
l RF Trends
l Usage Trends
l Mobility Trail
Info
The Info section displays the configuration information of the Virtual Controller by default. On selecting the Network
View tab, the monitoring pane displays configuration information of the selected network. Similarly in the Access
Point or the Client view, this section displays the configuration information of the selected IAP or the client.
57. Name Description
Info section in Virtual
Controller view
The Info section in the Virtual Controller view displays the following information:
l Name— Displays the Virtual Controller name.
l Country Code— Displays the Country in which the Virtual Controller is operating.
l Virtual Controller IP address— Displays the IP address of the Virtual Controller.
l Management: Indicates if the IAP is managed locally or through AirWave or
Aruba Central.
l Master— Displays the IP address of the Access Point acting as Virtual Controller.
l OpenDNS Status— Displays the OpenDNS status. If the OpenDNS status
indicates Not Connected, ensure that the network connection is up and
appropriate credentials are configured for OpenDNS.
l MAS integration— Displays the status of the MAS integration feature.
l Uplink type — Displays the type of uplink configured on the IAP, for example,
Ethernet or 3G.
l Uplink status — Indicates the uplink status.
l Blacklisted clients — Displays the number of blacklisted clients.
l Internal RADIUS Users — Displays the number of internal RADIUS users.
l Internal Guest Users — Displays the number of internal guest users.
l Internal User Open Slots— Displays the available slots for user configuration as
supported by the IAP model.
Info section in Network view The Info section in the Network view displays the following information:
l Name — Displays the name of the network.
l Status — Displays the status of the network.
l Type — Displays the type of network, for example, Employee, Guest, or Voice.
l IP Assignment— Indicates if the IAP clients are assigned IP address from the
network that the Virtual Controller is connected to, or from an internal auto-
generated IP scope from the Virtual Controller.
l Access— Indicates the level of access control configured for the network.
l WMM DSCP—Displays WMM DSCP mapping details.
l Security level— Indicates the type of user authentication and data encryption
configured for the network.
The info section for WLAN SSIDs also indicates status of Captive Portal and CALEA
ACLs and provides a link to upload certificates for internal server. For more
information, see Uploading Certificates on page 173.
Info section in Access Point
view
The Info section in the Access Point view displays the following information:
l Name — Displays the name of the selected IAP.
l IP Address — Displays the IP address of the IAP.
l Mode — Displays the mode in which the AP is configured to operate:
l In Access mode, the IAP serves clients, while also monitoring for
rogue APs in the background.
l In Monitor mode, the IAP acts as a dedicated monitor, scanning all
channels for rogue APs and clients.
l Spectrum — Displays the status of the spectrum monitor.
l Clients — Number of clients associated with the IAP.
l Type — Displays the model number of the IAP.
l Zone — Displays AP zone details.
l CPU Utilization — Displays the CPU utilization in percentage.
l Memory Free — Displays the memory availability of the IAP in MB.
l Serial number — Displays the serial number of the IAP.
l MAC— Displays the MAC address.
l From Port— Displays the port from where the slave IAP is learned in hierarchy
mode.
Table 8: Contents of the Info Section in the Instant Main Window
Aruba Instant 6.4.0.2-4.1 | User Guide Instant User Interface | 57
58. 58 | Instant User Interface Aruba Instant 6.4.0.2-4.1 | User Guide
Name Description
Info section in Client view The Info section in the Client view displays the following information:
l Name— Displays the name of the client.
l IP Address— Displays IP address of the client.
l MAC Address— Displays MAC Address of the client.
l OS— Displays the Operating System that is running on the client.
l Network— Indicates the network to which the client is connected.
l Access Point— Indicates the IAP to which the client is connected.
l Channel— Indicates the channel that is currently used by the client.
l Type— Displays the channel type on which client is broadcasting.
l Role—Displays the role assigned to the client.
Table 8: Contents of the Info Section in the Instant Main Window
RF Dashboard
The RF Dashboard section lists the IAPs that exceed the utilization, noise, or error threshold. It also shows the
clients with low speed or signal strength in the network and the RF information for the IAP to which the client is
connected.
The IAP names are displayed as links. When an IAP is clicked, the IAP configuration information is displayed in the
Info section and the RF Dashboard section is displayed at the bottom left corner of the Instant main window.
The following figure shows an example of the RF dashboard with Utilization, Band frames, Noise Floor, and Errors
details:
Figure 16 RF Dashboard in the Monitoring Pane
The following table describes the icons available on the RF Dashboard pane:
59. Icon Name Description
1 Signal
Icon
Displays the signal strength of the client. Depending on the signal strength of the client, the color
of the lines on the Signal bar changes from Green > Orange > Red.
l Green— Signal strength is more than 20 decibels.
l Orange— Signal strength is between 15-20 decibels.
l Red— Signal strength is less than 15 decibels.
To view the signal graph for a client, click on the signal icon next to the client in the Signal
column.
2 Speed
icon
Displays the data transfer speed of the client. Depending on the data transfer speed of the client,
the color of the Signal bar changes from Green > Orange > Red.
l Green— Data transfer speed is more than 50 percent of the maximum speed supported by
the client.
l Orange— Data transfer speed is between 25-50 percent of the maximum speed supported by
the client.
l Red— Data transfer speed is less than 25 percent of the maximum speed supported by the
client.
To view the data transfer speed graph of a client, click on the speed icon against the client in the
Speed column.
3 Utilization
icon
Displays the radio utilization rate of the IAPs. Depending on the percentage of utilization, the
color of the lines on the Utilization icon changes from Green > Orange > Red.
l Green— Utilization is less than 50 percent.
l Orange— Utilization is between 50-75 percent.
l Red— Utilization is more than 75 percent.
To view the utilization graph of an IAP, click the Utilization icon next to the IAP in the Utilization
column.
4 Noise icon Displays the noise floor details for the IAPs. Noise is measured in decibels/meter. Depending on
the noise floor, the color of the lines on the Noise icon changes from Green > Orange > Red.
l Green— Noise floor is more than 87 dBm.
l Orange— Noise floor is between 80 dBm-87 dBm.
l Red— Noise floor is less than 80 dBm.
To view the noise floor graph of an IAP, click the noise icon next to the IAP in the Noise column.
5 Errors
icon
Displays the errors for the IAPs. Depending on the errors, color of the lines on the Errors icon
changes from Green > Yellow > Red.
l Green— Errors are less than 5000 frames per second.
l Orange— Errors are between 5000-10000 frames per second.
l Red— Errors are more than 10000 frames per second.
To view the errors graph of an IAP, click the Errors icon next to the IAP in the Errors column.
Table 9: RF Dashboard Icons
RF Trends
The RF Trends section displays the following graphs for the selected AP and the client. To view the details on the
graphs, click the graphs and hover the mouse on a data point:
Figure 17 RF Trends for Access Point
Aruba Instant 6.4.0.2-4.1 | User Guide Instant User Interface | 59
60. 60 | Instant User Interface Aruba Instant 6.4.0.2-4.1 | User Guide
Figure 18 RF Trends for Clients
Usage Trends
The Usage Trends displays the following graphs:
l Clients — In the default view, the Clients graph displays the number of clients that were associated with the
Virtual Controller in the last 15 minutes. In Network or Access Points view, this graph displays the number of
clients that were associated with the selected network or IAP in the last 15 minutes.
l Throughput— In the default view, the Throughput graph displays the incoming and outgoing throughput traffic for
the Virtual Controller in the last 15 minutes. In the Network or Access Points view, this graph displays the
incoming and outgoing throughput traffic for the selected network or IAP in the last 15 minutes.
Figure 19 Usage Trends Graphs in the Default View
61. The following table describes the graphs displayed in the Network view:
Graph Name Description Monitoring Procedure
Clients The Clients graph shows the number of clients
associated with the network for the last 15
minutes.
To see an enlarged view, click the graph.
l The enlarged view provides Last, Minimum,
Maximum, and Average statistics for the
number of clients associated with the Virtual
Controller for the last 15 minutes.
l To see the exact number of clients in the
Instant network at a particular time, move the
cursor over the graph line.
To check the number of clients associated
with the network for the last 15 minutes,
1. Log in to the Instant UI. The Virtual
Controller view appears. This is the
default view.
2. In the Networks tab, click the network for
which you want to check the client
association. The Network view is
displayed.
3. Study the Clients graph in the Usage
Trends pane. For example, the graph
shows that one client is associated with
the selected network at 12:00 hours.
Throughput The Throughput graph shows the throughput of
the selected network for the last 15 minutes.
l Outgoing traffic — Throughput for outgoing
traffic is displayed in green. Outgoing traffic is
shown above the median line.
l Incoming traffic — Throughput for incoming
traffic is displayed in blue. Incoming traffic is
shown below the median line.
To see an enlarged view, click the graph.
l The enlarged view provides Last, Minimum,
Maximum, and Average statistics for the
incoming and outgoing traffic throughput of the
network for the last 15 minutes.
To see the exact throughput of the selected
network at a particular time, move the cursor over
the graph line.
To check the throughput of the selected
network for the last 15 minutes,
1. Log in to the Instant UI. The Virtual
Controller view is displayed. This is the
default view.
2. In the Networks tab, click the network for
which you want to check the client
association. The Network view is
displayed.
3. Study the Throughput graph in the Usage
Trends pane. For example, the graph
shows 22.0 Kbps incoming traffic
throughput for the selected network at
12:03 hours.
Table 10: Network View — Graphs and Monitoring Procedures
Aruba Instant 6.4.0.2-4.1 | User Guide Instant User Interface | 61
62. 62 | Instant User Interface Aruba Instant 6.4.0.2-4.1 | User Guide
The following table describes the graphs displayed in the Access Point view:
Graph
Name
Description Monitoring Procedure
Neighboring
APs
The Neighboring APs graph shows the
number of APs heard by the selected IAP:
l Valid APs: An AP that is part of the
enterprise providing WLAN service.
l Interfering APs: An AP that is seen in
the RF environment but is not
connected to the network.
l Rogue APs: An unauthorized AP that is
plugged into the wired side of the
network.
To see the number of different types of
neighboring APs for the last 15 minutes,
move the cursor over the respective graph
lines.
To check the neighboring APs detected by the IAP for
the last 15 minutes,
1. Log in to the Instant UI. The Virtual Controller view
is displayed. This is the default view.
2. In the Access Points tab, click the IAP for which you
want to monitor the client association. The IAP view
is displayed.
3. Study the Neighboring APs graph in the Overview
section. For example, the graph shows that 148
interfering APs are detected by the IAP at 12:04
hours.
CPU
Utilization
The CPU Utilization graph displays the
utilization of CPU for the selected IAP.
To see the CPU utilization of the IAP, move
the cursor over the graph line.
To check the CPU utilization of the IAP for the last 15
minutes,
1. Log in to the Instant UI. The Virtual Controller view
is displayed. This is the default view.
2. In the Access Points tab, click the IAP for which you
want to monitor the client association. The IAP view
is displayed.
3. Study the CPU Utilization graph in the Overview
pane. For example, the graph shows that the CPU
utilization of the IAP is 30% at 12:09 hours.
Neighboring
Clients
The Neighboring Clients graph shows the
number of clients not connected to the
selected AP, but heard by it.
l Any client that successfully
authenticates with a valid AP and
passes encrypted traffic is classified as
a valid client.
l Interfering: A client associated to any
AP and is not valid is classified as an
interfering client.
To see the number of different types of
neighboring clients for the last 15 minutes,
move the cursor over the respective graph
lines.
To check the neighboring clients detected by the IAP
for the last 15 minutes,
1. Log in to the Instant UI. The Virtual Controller view
is displayed. This is the default view.
2. In the Access Points tab, click the IAP for which you
want to monitor the client association. The IAP view
is displayed.
3. Study the Neighboring Clients graph in the
Overview pane. For example, the graph shows that
20 interfering clients were detected by the IAP at
12:15 hours.
Table 11: Access Point View — Usage Trends and Monitoring Procedures
63. Graph
Name
Description Monitoring Procedure
Memory free
(MB)
The memory free graph displays the
memory availability of the IAP in MB.
To see the free memory of the IAP, move
the cursor over the graph line.
To check the free memory of the IAP for the last 15
minutes,
1. Log in to the Instant UI. The Virtual Controller view
is displayed. This is the default view.
2. In the Access Points tab, click the IAP for which you
want to monitor the client association. The IAP view
is displayed.
3. Study the Memory free graph in the Overview pane.
For example, the graph shows that the free memory
of the IAP is 64 MB at 12:13 hours.
Clients The Clients graph shows the number of
clients associated with the selected IAP for
the last 15 minutes.
To see an enlarged view, click the graph.
The enlarged view provides Last,
Minimum, Maximum, and Average
statistics for the number of clients
associated with the IAP for the last 15
minutes.
To see the exact number of clients
associated with the selected IAP at a
particular time, move the cursor over the
graph line.
To check the number of clients associated with the IAP
for the last 15 minutes,
1. Log in to the Instant UI. The Virtual Controller view
is displayed. This is the default view.
2. In the Access Points tab, click the IAP for which you
want to monitor the client association. The IAP view
is displayed.
3. Study the Clients graph. For example, the graph
shows that six clients are associated with the IAP at
12:11 hours.
Throughput The Throughput graph shows the
throughput for the selected IAP for the last
15 minutes.
l Outgoing traffic — Throughput for
outgoing traffic is displayed in green.
Outgoing traffic is shown about the
median line.
l Incoming traffic — Throughput for
incoming traffic is displayed in blue.
Incoming traffic is shown below the
median line.
To see an enlarged view, click the graph.
l The enlarged view provides Last,
Minimum, Maximum, and Average
statistics for the incoming and outgoing
traffic throughput of the IAP for the last
15 minutes.
To see the exact throughput of the selected
IAP at a particular time, move the cursor
over the graph line.
To check the throughput of the selected IAP for the last
15 minutes,
1. Log in to the Instant UI. The Virtual Controller view
is displayed. This is the default view.
2. In the Access Points tab, click the IAP for which you
want to monitor the throughput. The IAP view is
displayed.
3. Study the Throughput graph. For example, the
graph shows 44.03 Kbps incoming traffic
throughput at 12:08 hours.
Table 11: Access Point View — Usage Trends and Monitoring Procedures
Aruba Instant 6.4.0.2-4.1 | User Guide Instant User Interface | 63
64. 64 | Instant User Interface Aruba Instant 6.4.0.2-4.1 | User Guide
The following table describes the RF trends graphs available in the client view:
Graph
Name
Description Monitoring Procedure
Signal The Signal graph shows the signal
strength of the client for the last 15 minutes.
It is measured in decibels.
To see an enlarged view, click the graph.
The enlarged view provides Last,
Minimum, Maximum, and Average signal
statistics of the client for the last 15
minutes.
To see the exact signal strength at a
particular time, move the cursor over the
graph line.
To monitor the signal strength of the selected client for
the last 15 minutes,
1. Log in to the Instant UI. The Virtual Controller view is
displayed. This is the default view.
2. In the Clients tab, click the IP address of the client
for which you want to monitor the signal strength.
The client view is displayed.
3. Study the Signal graph in the RF Trends pane. For
example, the graph shows that signal strength for
the client is 54.0 dB at 12:23 hours.
Frames The Frames Graph shows the In and Out
frame rate per second of the client for the
last 15 minutes. It also shows data for the
Retry In and Retry Out frames.
l Outgoing frames — Outgoing frame
traffic is displayed in green. It is shown
above the median line.
l Incoming frames — Incoming frame
traffic is displayed in blue. It is shown
below the median line.
l Retry Out — Retries for the outgoing
frames are displayed above the median
line in black .
l Retry In — Retries for the incoming
frames are displayed below the median
line in red.
To see an enlarged view, click the graph.
The enlarged view provides Last,
Minimum, Maximum, and Average statistics
for the In, Out, Retries In, and Retries Out
frames.
To see the exact frames at a particular time
move the cursor over the graph line.
To monitor the In and Out frame rate per second and
retry frames for the In and Out traffic, for the last 15
minutes,
1. Log in to the Instant UI. The Virtual Controller view is
displayed. This is the default view.
2. In the Clients tab, click the IP address of the client
for which you want to monitor the frames. The client
view is displayed.
3. Study the Frames graph in the RF Trends pane. For
example, the graph shows 4.0 frames per second
for the client at 12:27 hours.
Speed The Speed graph shows the data transfer
speed for the client. Data transfer is
measured in Mbps.
To see an enlarged view, click the graph.
The enlarged view shows Last, Minimum,
Maximum, and Average statistics of the
client for the last 15 minutes.
To see the exact speed at a particular time,
move the cursor over the graph line.
To monitor the speed for the client for the last 15
minutes,
1. Log in to the Instant UI. The Virtual Controller view is
displayed. This is the default view.
2. In the Clients tab, click the IP address of the client
for which you want to monitor the speed. The client
view is displayed.
3. Study the Speed graph in the RF Trends pane. For
example, the graph shows that the data transfer
speed at 12:26 hours is 240 Mbps.
Throughput The Throughput Graph shows the
throughput of the selected client for the last
15 minutes.
l Outgoing traffic — Throughput for
outgoing traffic is displayed in green.
Outgoing traffic is shown above the
median line.
l Incoming traffic — Throughput for
To monitor the errors for the client for the last 15
minutes,
1. Log in to the Instant UI. The Virtual Controller view is
displayed. This is the default view.
2. In the Clients tab, click the IP address of the client
for which you want to monitor the throughput. The
client view is displayed.
3. Study the Throughput graph in the RF Trends pane.
Table 12: Client View — RF Trends Graphs and Monitoring Procedures
65. Graph
Name
Description Monitoring Procedure
incoming traffic is displayed in blue.
Incoming traffic is shown below the
median line.
To see an enlarged view, click the graph.
The enlarged view shows Last, Minimum,
Maximum, and Average statistics for the
incoming and outgoing traffic throughput of
the client for the last 15 minutes.
To see the exact throughput at a particular
time, move the cursor over the graph line.
For example, the graph shows 1.0 Kbps outgoing
traffic throughput for the client at 12:30 hours.
Table 12: Client View — RF Trends Graphs and Monitoring Procedures
Mobility Trail
The Mobility Trail section displays the following mobility trail information for the selected client:
l Association Time— The time at which the selected client was associated with a particular IAP.
The Instant UI shows the client and IAP association over the last 15 minutes.
l Access Point— The IAP name with which the client was associated.
Mobility information about the client is reset each time it roams from one IAP to another.
Client Match
If client match is enabled, the Client Match link provides a graphical representation of radio map view of an AP and
the client distribution on an AP radio.
On clicking an access point in the Access Points tab and the Client Match link, a stations map view is displayed
and a graph is drawn with real-time data points for the AP radio. If the AP supports dual band, you can toggle
between 2.4GHz and 5 GHz links in the client match graph area to view the data. When you hover the mouse on the
graph, details such as RSSI, client match status, and the client distribution on channels are displayed.
The following figure shows the client distribution details for an AP radio.
Figure 20 Client Distribution on AP Radio
On clicking a client in the Clients tab and the Client Match link, a graph is drawn with real-time data points for an AP
radio map. When you hover the mouse on the graph, details such as RSSI, channel utilization details, and client
count on each channel are displayed.
Aruba Instant 6.4.0.2-4.1 | User Guide Instant User Interface | 65
66. 66 | Instant User Interface Aruba Instant 6.4.0.2-4.1 | User Guide
The following figure shows the client view heatmap for an AP radio:
Figure 21 Channel Availability Map for Clients
AppRF
The AppRF link displays the application traffic summary for IAPs and client devices. The AppRF link in the activity
panel is displayed only if AppRF visibility is enabled in the System window. For more information on application
visibility and AppRF charts, see Application Visibility on page 242.
Spectrum
The spectrum link (in the Access Point view) displays the spectrum data that is collected by a hybrid AP or by an
IAP that has enabled spectrum monitor. The spectrum data is not reported to the Virtual Controller.
The spectrum link displays the following:
l Device list - The device list display consists of a device summary table and channel information for active non
Wi-Fi devices currently seen by a spectrum monitor or hybrid AP radio.
l Channel Utilization and Monitoring - This chart provides an overview of channel quality across the spectrum. It
shows channel utilization information such as channel quality, availability, and utilization metrics as seen by a
spectrum monitor for the 2.4 GHz and 5 GHz radio bands. The first bar for each channel represents the
percentage of air time used by non Wi-Fi interference and Wi-Fi devices. The second bar indicates the channel
quality. A higher percentage value indicates better quality.
l Channel Details - When you move your mouse over a channel, the channel details or the summary of the 5 GHz
and 2.4 GHz channels as detected by a spectrum monitor are displayed. You can view the aggregate data for
each channel seen by the spectrum monitor radio, including the maximum AP power, interference and the Signal-
to-Noise and Interference Ratio (SNIR). Spectrum monitors display spectrum analysis data seen on all channels
in the selected band, and hybrid IAPs display data from the one channel they are monitoring.
For more information on spectrum monitoring, see Spectrum Monitor on page 312.
Alerts
Alerts are generated when a user encounters problems while accessing or connecting to a network. The alerts that
are generated can be categorized as follows:
l 802.11 related association and authentication failure alerts
l 802.1X related mode and key mismatch, server, and client time-out failure alerts
l IP address related failures - Static IP address or DHCP related alerts.
The following figure shows the contents of details displayed on clicking the Alerts link:
67. Figure 22 Alerts Link
The Alerts link displays the following types of alerts:
l Client Alerts
l Active Faults
l Fault History
Type of Alert Description Information Displayed
Client Alerts The Client alerts occur when
clients are connected to the
Instant network.
A client alert displays the following fields:
l Timestamp— Displays the time at which the client alert was
recorded.
l MAC address— Displays the MAC address of the client that
caused the alert.
l Description— Provides a short description of the alert.
l Access Points— Displays the IP address of the IAP to which
the client is connected.
l Details— Provides complete details of the alert.
Active Faults The Active Faults occur in the
event of a system fault.
An Active Faults consists of the following fields:
l Time— Displays the system time when an event occurs.
l Number— Indicates the number of sequence.
l Description— Displays the event details.
Fault History The Fault History alerts occur in
the event of a system fault.
The Fault History displays the following information:
l Time— Displays the system time when an event occurs.
l Number— Indicates the number of sequence.
l Cleared by— Displays the module which cleared this fault.
l Description— Displays the event details.
Table 13: Types of Alerts
The following figures show the client alerts, fault history, and active faults:
Aruba Instant 6.4.0.2-4.1 | User Guide Instant User Interface | 67
68. 68 | Instant User Interface Aruba Instant 6.4.0.2-4.1 | User Guide
Figure 23 Client Alerts
Figure 24 Fault History
Figure 25 Active Faults
The following table displays a list of alerts that are generated in the IAP network: