great-tk: 2015

2015年12月16日水曜日

SHA2 support

Vendors support

General Japan's papers

IPA

https://www.ipa.go.jp/files/000013899.pdf

GlobalSign

https://jp.globalsign.com/information/important/detail.php?no=1444268118

Cybertrust

https://www.cybertrust.ne.jp/sureserver/productinfo/sha1ms.html

Blog

http://blogs.technet.com/b/jpsecurity/archive/2015/11/02/faq-microsoft-policy-on-sha1-deprecation.aspx

2015年11月4日水曜日

DFSのレーダーは約30分後にクリアされる

(Aruba3200) #show log all | include Radar
Nov 2 18:30:36 sapd[825]: <404076> <WARN> |AP AP2@10.215.1.27 sapd| AM 00:24:6c:83:3f:58: Radar detected on interface wifi0, channel 100, typeid 11
Nov 2 18:30:37 sapd[825]: <404088> <WARN> |AP AP2@10.215.1.27 sapd| AM 00:24:6c:83:3f:58: ARM HT Radar Detected Trigger Current Channel old 100+ new 132+/12
Nov 2 19:01:48 sapd[825]: <404102> <WARN> |AP AP2@10.215.1.27 sapd| AM 00:24:6c:83:3f:58: ARM - Radar event cleared on channel 100
Nov 4 18:47:20 sapd[825]: <404076> <WARN> |AP AP2@10.215.1.27 sapd| AM 00:24:6c:83:3f:58: Radar detected on interface wifi0, channel 100, typeid 5
Nov 4 18:47:20 sapd[825]: <404088> <WARN> |AP AP2@10.215.1.27 sapd| AM 00:24:6c:83:3f:58: ARM HT Radar Detected Trigger Current Channel old 100+ new 108+/12
Nov 4 19:10:20 sapd[825]: <404076> <WARN> |AP AP2@10.215.1.27 sapd| AM 00:24:6c:83:3f:58: Radar detected on interface wifi0, channel 108, typeid 0
Nov 4 19:10:21 sapd[825]: <404088> <WARN> |AP AP2@10.215.1.27 sapd| AM 00:24:6c:83:3f:58: ARM HT Radar Detected Trigger Current Channel old 108+ new 132+/12
Nov 4 19:18:26 sapd[825]: <404102> <WARN> |AP AP2@10.215.1.27 sapd| AM 00:24:6c:83:3f:58: ARM - Radar event cleared on channel 100

2015年9月1日火曜日

Control-Plane-Security: CPSec

Step1. default はAuto Cert Provisioningはオフになっているので、オンにする。
Step2. リブート後に成功。

(Aruba7210-1) (Control Plane Security Profile) # show control-plane-security

Control Plane Security Profile
------------------------------
Parameter Value
--------- -----
Control Plane Security Enabled
Auto Cert Provisioning Disabled
Auto Cert Allow All Enabled
Auto Cert Allowed Addresses N/A

(Aruba7210-1) (Control Plane Security Profile) #auto-cert-?
auto-cert-allow-all When enabled, automatic certificate provisioning is
allowed on all APs. When disabled, only APs whose IP
addresses are in the ranges specified by
auto-cert-allowed-addrs are allowed.
auto-cert-allowed-add.. Range of AP IP addresses allowed for automatic
certificate provisioning. Multiple ranges may be
specified.
auto-cert-prov Enable or disable automatic provisioning of
certificates on legacy APs

(Aruba7210-1) (Control Plane Security Profile) #auto-cert-prov ?
<cr>

(Aruba7210-1) (Control Plane Security Profile) #auto-cert-prov
(Aruba7210-1) (Control Plane Security Profile) #show control-plane-security

Control Plane Security Profile
------------------------------
Parameter Value
--------- -----
Control Plane Security Enabled
Auto Cert Provisioning Enabled
Auto Cert Allow All Enabled
Auto Cert Allowed Addresses N/A

(Aruba7210-1) #show ap database

AP Database
-----------
Name Group AP Type IP Address Status Flags Switch IP Standby IP
---- ----- ------- ---------- ------ ----- --------- ----------
93H TK-BP 93H 4.4.4.0 Up 12d:21h:36m:8s RI 10.215.107.128 0.0.0.0
AP-205-1 TK-BP 205 10.215.1.96 Up 1m:48s 2 10.215.107.128 0.0.0.0
RAP-1 TK-BP 105 4.4.4.1 Down R 10.215.107.128 0.0.0.0

Flags: U = Unprovisioned; N = Duplicate name; G = No such group; L = Unlicensed
I = Inactive; D = Dirty or no config; E = Regulatory Domain Mismatch
X = Maintenance Mode; P = PPPoE AP; B = Built-in AP; s = LACP striping
R = Remote AP; R- = Remote AP requires Auth; C = Cellular RAP;
c = CERT-based RAP; 1 = 802.1x authenticated AP; 2 = Using IKE version 2
u = Custom-Cert RAP; S = Standby-mode AP; J = USB cert at AP
i = Indoor; o = Outdoor
M = Mesh node; Y = Mesh Recovery

2015年8月4日火曜日

AOS: RAP password based

How to configure password-based RAP's configuration

Step1: setting isakmp key on controller
crypto isakmp key aruba123 address 0.0.0.0 netmask 0.0.0.0

Step2: setting password for each AP on controller
local-userdb add username kuro password aruba123 remote-ip 4.4.4.1 role ap-role

!provision-ap copy-provisioning-params ap-name "6c:f3:7f:cb:61:a6"

Step3: setting APs for RAP. AP needs to be connected to controller once based on CAP at least.

conf t
provision-ap
read-bootinfo ap-name "6c:f3:7f:cb:61:a6"
pap-user "kuro"
pap-passwd "aruba123"
ikepsk "aruba123"
master 10.215.107.126
server-ip 10.215.107.126
ap-group "TK-BP"
ap-name "RAP-1"
remote-ap
show provisioning-params
reprovision ap-name "6c:f3:7f:cb:61:a6"

Step4: logging function

logging level debugging arm
logging level debugging arm subcat client-match
logging level debugging network process dhcpd
logging level informational network
logging level debugging network subcat dhcp
logging level debugging security process authmgr
logging level debugging security process crypto
logging level debugging security
logging level debugging security subcat aaa
logging level debugging security subcat ike
logging level debugging system process stm
logging level informational system
logging level debugging system process stm subcat ap
logging level debugging user
logging level debugging user subcat client-match
logging level informational wireless

2015年5月19日火曜日

電安法についてのあれこれ

・PSEマークはACケーブル独立で調達を海外からする場合には輸入業者が取得を行う。

・ACケーブルと製品が専用品であれば、ケーブルのPSEマークの取得はExceptionとして必要ない。

・ただし、専用品の場合はユーザーに混乱をきたさないように製品とケーブルを一緒に出荷する。

・ACアダプターは上記のACケーブルのようなExceptionはなく、必ず輸入業者がPSEの取得が必要。

・ACアダプターのみを輸入業者が代行をするのが一般的。この役割をメーカーのパートナーが担う。
・メーカーは外国の向上引き渡しで輸入はパートナーが行っていることになっている。
・APのような製品は通常はパートナーが輸入業者
・アダプターは日本で他が輸入したものをパートナーが日本で調達している。

【例外】

・日本の外資系メーカは会計上では物を販売していないことになっているので、輸入業者にはならない。
・同梱しているものは便宜上はArubaがアダプターのみ輸入しているのをパートナーに委託した形となっている。

2015年5月9日土曜日

AP: AP's setenv

apbootのコマンド:
name: AP-name
group: AP-group
master: controller
serverip: controller

name=AP1
group=test1
master=1015.200.197
serverip=0.197
a_ant_gain=cd373c172b56f83028d3a730ab478e0d12540551000020x002
g_ant_gain=cd373c172b56f83028d3a730ab478e0d12540551000020x002

リバースエンジニアリング的には以下のスペックが分かる。メモリは512Mbytes

Model: AP-22x
CPU0: P1020E, Version: 1.1, (0x80ec0011)
Core: E500, Version: 5.1, (0x80212051)
Clock:
CPU0: 800 MHz
CPU1: 800 MHz
CCB: 400 MHz
DDR: 333.333 MHz (666.667 MT/s data rate) (Asynchronous)

DRAM: Configuring DDR for 666.667 MT/s data rate
DDR: 512 MB (DDR3, 32-bit, CL=5, ECC off)

APのインターフェースは
anul0, ap0, bond0, br0, eht0, eth1, gre0, lo等がある。br0に外部からのAPのアドレスがふられている。

以下APのコンソールログ

~ # ifconfig
anul0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)

ap0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
UP RUNNING MTU:0 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)

bond0 Link encap:Ethernet HWaddr 6C:F3:7F:C6:77:7A
inet6 addr: fe80::6ef3:7fff:fec6:777a/64 Scope:Link
UP BROADCAST RUNNING MASTER MULTICAST MTU:1500 Metric:1
RX packets:82 errors:0 dropped:0 overruns:0 frame:0
TX packets:24 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:8206 (8.0 KiB) TX bytes:2820 (2.7 KiB)

br0 Link encap:Ethernet HWaddr 6C:F3:7F:C6:77:7A
inet addr:10.215.1.22 Bcast:10.215.1.255 Mask:255.255.255.0
inet6 addr: fe80::6ef3:7fff:fec6:777a/64 Scope:Link
UP BROADCAST RUNNING ALLMULTI MULTICAST MTU:1500 Metric:1
RX packets:82 errors:0 dropped:0 overruns:0 frame:0
TX packets:71 errors:0 dropped:69 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)

eth0 Link encap:Ethernet HWaddr 6C:F3:7F:C6:77:7A
UP BROADCAST RUNNING SLAVE MULTICAST MTU:9000 Metric:1
RX packets:82 errors:0 dropped:0 overruns:0 frame:0
TX packets:24 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:8206 (8.0 KiB) TX bytes:2820 (2.7 KiB)
Base address:0xa000

eth1 Link encap:Ethernet HWaddr 6C:F3:7F:C6:77:7A
UP BROADCAST SLAVE MULTICAST MTU:9000 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
Base address:0x2000

gre0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
UP RUNNING MTU:0 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)

~ # Switching to Full Access
~ # rebot
/bin/sh: rebot: not found
~ # reboot
The system is going down NOW !!
Sending SIGTERM to all processes.
Please stand by while rebooting the system.
Restarting system.

APBoot 1.4.0.2 (build 37665)
Built: 2013-03-18 at 15:36:24

Model: AP-22x
CPU0: P1020E, Version: 1.1, (0x80ec0011)
Core: E500, Version: 5.1, (0x80212051)
Clock:
CPU0: 800 MHz
CPU1: 800 MHz
CCB: 400 MHz
DDR: 333.333 MHz (666.667 MT/s data rate) (Asynchronous)
LBC: 25 MHz
L1: D-cache 32KB enabled
I-cache 32KB enabled
I2C: ready
DRAM: Configuring DDR for 666.667 MT/s data rate
DDR: 512 MB (DDR3, 32-bit, CL=5, ECC off)
POST1: memory passed
Flash: 32 MB
L2: 256 KB enabled
Power: 802.3at POE
PCIe1: RC, link up, x1
dev fn venID devID class rev MBAR0 MBAR1 MBAR2 MBAR3
00 00 14e4 43a2 00002 03 80000004 00000000 80200004 00000000
PCIe2: RC, link up, x1
dev fn venID devID class rev MBAR0 MBAR1 MBAR2 MBAR3
00 00 14e4 43a1 00002 03 a0000004 00000000 a0200004 00000000
Net: eth0, eth1
Radio: bcm43460#0, bcm43460#1

Hit <Enter> to stop autoboot: 0
apboot> printenv
bootdelay=2
baudrate=9600
autoload=n
boardname=Ardmore
servername=aruba-master
bootcmd=boot ap
autostart=yes
bootfile=e500.ari
ethaddr=6c:f3:7f:c6:77:7a
name=AP1
group=test1
master=1015.200.197
serverip=0.197
a_ant_gain=cd373c172b56f83028d3a730ab478e0d12540551000020x002
g_ant_gain=cd373c172b56f83028d3a730ab478e0d12540551000020x002
start_type=warm_start
stdin=serial
stdout=serial
stderr=serial
ethact=eth0

Environment size: 408/131068 bytes
apboot> printenv

2015年4月22日水曜日

IAP: RADIUS

IETFのSession-Timeout (27) とIdle-Timeout (28)でコントロール出来ます。

===========================

Default (3600 secs = 60 minutesに再認証間隔を設定。idle-timeout はデフォルトは1000

===========================

6c:f3:7f:c5:35:68# show clients debug

Client List

-----------

Name IP Address MAC Address OS Network Access Point Channel Type Role Signal Speed (mbps) *Reauth Age *Reauth Interval *Reauth ESSID *Authenticated DEL Age Vlan *ESSID *Private role info Accouting Session Name Accouting Start time BSSID Idle Timeout csum *mcast groups *Acct Interval *Class Attribute *Dhcp-Opt Vlan *Dhcp-Opt role Intercept Offline *FB Token *FB RxBytes *FB TxBytes

---- ---------- ----------- -- ------- ------------ ------- ---- ---- ------ ------------ ----------- ---------------- ------------- -------------- --- --- ---- ------ ------------------ ---------------------- -------------------- ----- ------------ ---- ------------- -------------- ---------------- -------------- -------------- --------- ------- --------- ----------- -----------

user1 10.215.1.35 7c:fa:df:80:7f:da TK-IAP-205-EAP 6c:f3:7f:c5:35:68 52+ AN TK-IAP-205-EAP 31(good) 60(ok) 10 3600 TK-IAP-205-EAP yes no 7 1(SSID) TK-IAP-205-EAP(EAP-PEAP) 144(RADIUS-7fff) user1 1422259993 6c:f3:7f:d3:56:93 1000 5c75e7c8 (0) 600 5e0cacfea57c4aa8af726af160b77caeb90b0000000000005230303030303036372d30312d35346335663737310000000000000000000000 0,(null) ,0,0-0 no no null null nul

================================

idel-timeout(300)をRADIUSで設定

================================

6c:f3:7f:c5:35:68# show clients debug

Client List

-----------

user2 10.215.1.35 7c:fa:df:80:7f:da TK-IAP-205-EAP 6c:f3:7f:c5:35:68 52+ AN TK-IAP-205-EAP 30(good) 60(ok) 36 3600 TK-IAP-205-EAP yes no 6 1(SSID) TK-IAP-205-EAP(EAP-PEAP) 144(RADIUS-7fff) user2 1422260822 6c:f3:7f:d3:56:93 300 81a84b14 (0) 600 null 0,(null) ,0,0-0 no no null null null

6c:f3:7f:c5:35:68#

================================

session-timeout(1200) をRADIUSで設定

================================

6c:f3:7f:c5:35:68# show clients debug

Client List

-----------

Name IP Address MAC Address OS Network Access Point Channel Type Role Signal Speed (mbps) *Reauth Age *Reauth Interval *Reauth ESSID *Authenticated DEL Age Vlan *ESSID *Private role info Accouting Session Name Accouting Start time BSSID Idle Timeout csum *mcast groups *Acct Interval *Class Attribute *Dhcp-Opt Vlan *Dhcp-Opt role Intercept Offline *FB Token *FB RxBytes *FB TxBytes

user3 10.215.1.35 7c:fa:df:80:7f:da TK-IAP-205-EAP 6c:f3:7f:c5:35:68 52+ AN TK-IAP-205-EAP 29(good) 60(poor) 10 1200 TK-IAP-205-EAP yes no 7 1(SSID) TK-IAP-205-EAP(EAP-PEAP) 144(RADIUS-7fff) user3 1422261196 6c:f3:7f:d3:56:93 1000 5aa8d979 (1)224.0.0.251 600 null 0,(null) ,0,0-0 no no null null null

6c:f3:7f:c5:35:68#

2015年4月19日日曜日

IAP/AOS:WISPR RADIUS Authentication&Accounting

Aruba-AP-Group is
Aruba-Location-ID is IAP's MAC address

IAP's WISPr RADIUS Authentication & Accounting thru ClearPass

Username:

user1

End-Host Identifier:

0811968a546c

Access Device IP/Port:

10.215.1.39:0

RADIUS Request

Radius:Aruba:Aruba-AP-Group	instant-C5:86:02
Radius:Aruba:Aruba-Essid-Name	Yokohama-Wi-Fi
Radius:Aruba:Aruba-Location-Id	6c:f3:7f:c5:35:68
Radius:IETF:Called-Station-Id	6cf37fc53568
Radius:IETF:Calling-Station-Id	0811968a546c
Radius:IETF:NAS-IP-Address	10.215.1.39
Radius:IETF:NAS-Port	0
Radius:IETF:NAS-Port-Type	19
Radius:IETF:Service-Type	1
Radius:IETF:User-Name	user1
Radius:WISPr:WISPr-Location-ID	isocc=JP,cc=81,ac=0,network=Yokohama-Wi-Fi
Radius:WISPr:WISPr-Location-Name	Wi2Connect,Yokohama-Wi-Fi
Radius:WISPr:WISPr-Logoff-URL	https://securelogin.arubanetworks.com/cgi-bin/login?cmd=logout

Computed Attributes

Authentication:ErrorCode	0
Authentication:Full-Username	user1
Authentication:Full-Username-Normalized	user1
Authentication:MacAuth	NotApplicable
Authentication:OuterMethod	PAP
Authentication:Posture	Unknown
Authentication:Source	[Local User Repository]
Authentication:Status	User
Authentication:Username	user1
Authorization:Sources	[Local User Repository]
Connection:AP-Mac	6cf37fc53568
Connection:Client-Mac-Address	0811968a546c
Connection:Client-Mac-Address-Colon	08:11:96:8a:54:6c
Connection:Client-Mac-Address-Dot	0811.968a.546c
Connection:Client-Mac-Address-Hyphen	08-11-96-8a-54-6c
Connection:Client-Mac-Address-NoDelim	0811968a546c
Connection:Client-Mac-Vendor	Intel Corporate
Connection:Dest-IP-Address	10.215.107.105
Connection:Dest-Port	1812
Connection:NAD-IP-Address	10.215.1.39
Connection:Protocol	RADIUS
Connection:Src-IP-Address	10.215.1.39
Connection:Src-Port	49160
Connection:SSID	Yokohama-Wi-Fi

Account Session ID:

6CF37FD35694-0811968A546C-552CA6C5

Start Timestamp:

Apr 14, 2015 14:33:57 JST

End Timestamp:

Apr 14, 2015 14:35:22 JST

Status:

Inactive

Termination Cause:

Admin-Reset

Service Type:

Number of Authentication Sessions:

Network Details

NAS IP Address:	10.215.1.39:0
NAS Port Type:	Wireless-802.11
Calling Station ID:	0811968a546c
Called Station ID:	6cf37fc53568
Framed IP Address:	10.215.1.95
Account Auth:	-

Utilization

Active Time:	85 Sec
Account Delay Time:	-
Account Input Octets :	566288
Account Output Octets :	768014
Account Input Packets :	1601
Account Output Packets :	1065

Authentication Sessions Details

SessionId	Type	Time Stamp
R00000052-01-552ca6c5	initial	Apr 14, 2015 14:33:57 JST

6c:f3:7f:c5:35:68# show ap bss-table

Aruba AP BSS Table

------------------

bss ess port ip phy type ch/EIRP/max-EIRP cur-cl ap name in-t(s) tot-t

--- --- ---- -- --- ---- ---------------- ------ ------- ------- -----

6c:f3:7f:d3:56:90 IAP-guest ?/? 10.215.1.39 a-HT ap 132+/15/22 0 6c:f3:7f:c5:35:68 0 22d:23h:22m:51s

6c:f3:7f:d3:56:92 TK-IAP-205-1 ?/? 10.215.1.39 a-HT ap 132+/15/22 0 6c:f3:7f:c5:35:68 0 22d:23h:22m:43s

6c:f3:7f:d3:56:93 TK-IAP-205-EAP ?/? 10.215.1.39 a-HT ap 132+/15/22 0 6c:f3:7f:c5:35:68 0 22d:23h:22m:42s

6c:f3:7f:d3:56:94 Yokohama-Wi-Fi ?/? 10.215.1.39 a-HT ap 132+/15/22 0 6c:f3:7f:c5:35:68 0 22d:23h:22m:42s

6c:f3:7f:d3:56:95 wayport ?/? 10.215.1.39 a-HT ap 132+/15/22 0 6c:f3:7f:c5:35:68 0 22d:23h:22m:41s

6c:f3:7f:d3:56:96 Wayport_Access ?/? 10.215.1.39 a-HT ap 132+/15/22 0 6c:f3:7f:c5:35:68 0 22d:23h:22m:41s

6c:f3:7f:d3:56:80 IAP-guest ?/? 10.215.1.39 g-HT ap 11/18/18 0 6c:f3:7f:c5:35:68 0 22d:23h:22m:47s

6c:f3:7f:d3:56:82 TK-IAP-205-1 ?/? 10.215.1.39 g-HT ap 11/18/18 0 6c:f3:7f:c5:35:68 0 22d:23h:22m:42s

6c:f3:7f:d3:56:83 TK-IAP-205-EAP ?/? 10.215.1.39 g-HT ap 11/18/18 0 6c:f3:7f:c5:35:68 0 22d:23h:22m:42s

6c:f3:7f:d3:56:84 Yokohama-Wi-Fi ?/? 10.215.1.39 g-HT ap 11/18/18 0 6c:f3:7f:c5:35:68 0 22d:23h:22m:42s

6c:f3:7f:d3:56:85 wayport ?/? 10.215.1.39 g-HT ap 11/18/18 0 6c:f3:7f:c5:35:68 0 22d:23h:22m:41s

6c:f3:7f:d3:56:86 Wayport_Access ?/? 10.215.1.39 g-HT ap 11/18/18 0 6c:f3:7f:c5:35:68 0 22d:23h:22m:41s

Channel followed by "*" indicates channel selected due to unsupported configured channel.

"Spectrum" followed by "^" indicates Local Spectrum Override in effect.

Num APs:12

Num Associations:0

6c:f3:7f:c5:35:68# show summary

Name :instant-C5:86:02
System Location :
Domain :JP3
VC IP Address :10.215.1.206
VC VLAN :0
VC Mask :0.0.0.0
VC Gateway :0.0.0.0
Content Filtering :disable
Terminal Access :enable
Telnet Server :enable
Organization :Shimbashi
Airwave Server :10.215.1.103
Airwave Backup Server:
Airwave Prov Backup :
Number of VC transition :0
Airwave Shared Key :f9011638d60b55ebf3c9bf0ca7fd20c48c529a62a9a29f2b
Airwave Config Via :UI
Airwave :Connected
Airwave Mode :Monitor
Aruba Central Server :
Aruba Central :Not Set Up
Managed Via :Airwave
Syslog Server :10.215.200.97
Syslog Level :debug
Band :all
Master IP Address *:10.215.1.39
IP Address :10.215.1.39
Netmask :255.255.255.0
Gateway :10.215.1.254
NameServer :10.44.10.10
NameServer :10.44.11.10

DNSDomain :arubanetworks.com

IAP's Condiguration:

wlan ssid-profile Yokohama-Wi-Fi
enable
index 4
type guest
essid Yokohama-Wi-Fi
opmode opensystem
max-authentication-failures 0
auth-server External-RADIUS
rf-band all
captive-portal external profile ClearPass
wispr
dtim-period 1
inactivity-timeout 1000
broadcast-filter arp
radius-accounting
dmo-channel-utilization-threshold 90
local-probe-req-thresh 0
max-clients-threshold 64
wmm-video-share 50
wmm-voice-share 50
!
wlan wispr-profile
wispr-location-name-operator-name Wi2Connect
wispr-location-name-location Yokohama-Wi-Fi
wispr-location-id-network Yokohama-Wi-Fi
wispr-location-id-cc 81
wispr-location-id-ac 0

wispr-location-id-isocc JP

登録: 投稿 (Atom)