- Table of Contents
- Related Documents
-
Title | Size | Download |
---|---|---|
01-Commonly Used Commands on H3C Access Controllers | 777.85 KB |
Commonly Used Commands on |
H3C Access Controllers |
New H3C Technologies Co., Ltd.
http://www.h3c.com
Document version: 6W101-20230331
Contents
display cloud-management state
display wips virtual-security-domain countermeasure record
display wips virtual-security-domain device
display wlan ap connection-record
display wlan ap running-configuration
display wlan statistics ap radio
display wlan statistics client
display wlan statistics connect-history
display wlan statistics service template
wlan ap-execute exec-console enable
Commands
display boot-loader
Use display boot-loader to display current software images and startup software images.
Syntax
display boot-loader [ slot slot-number ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
slot slot-number: Specifies the member ID of an IRF member device. If you do not specify a member device, this command displays the software images on each IRF member device.
Examples
# (IRF not supported) Display the current software images and startup software images.
<Sysname> display boot-loader
Software images on the device:
Current software images:
flash:/boot.bin
flash:/system.bin
Main startup software images:
flash:/boot.bin
flash:/system.bin
Backup startup software images:
flash:/boot.bin
flash:/system.bin
# (IRF supported.) Display the current software images and startup software images.
<Sysname> display boot-loader
Software images on slot 1:
Current software images:
cfa0:/boot.bin
cfa0:/system.bin
Main startup software images:
cfa0:/boot.bin
cfa0:/system.bin
Backup startup software images:
cfa0:/boot.bin
cfa0:/system.bin
Table 1 Command output
Field |
Description |
Current software images |
Software images that have been loaded. |
Main startup software images |
Primary software images for the next startup. |
Backup startup software images |
Backup software images for the next startup. |
Related commands
boot-loader file
display cloud-management state
Use display cloud-management state to display cloud connection state information.
Syntax
display cloud-management state
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Examples
# Display cloud connection state information.
<Sysname> display cloud-management state
Cloud connection state : Established
Device state : Request_success
Cloud server address : 101.36.161.141
Cloud server domain name : oasis.h3c.com
Cloud connection mode : Https
Cloud server port : 19443
Connected at : Wed Jan 27 14:18:40 2018
Duration : 00d 00h 02m 01s
Process state : Message received
Failure reason : N/A
Last down reason : socket connection error (Details:N/A)
Last down at : Wed Jan 27 13:18:40 2018
Last report failure reason : N/A
Last report failure at : N/A
Dropped packets after reaching buffer limit : 0
Total dropped packets : 1
Last report incomplete reason : N/A
Last report incomplete at : N/A
Buffer full count : 0
Table 2 Command output
Field |
Description |
Cloud connection state |
Cloud connection state: Unconnected, Request, and Established. |
Device state |
Local device state: · Idle—In idle state. · Connecting—Connecting to the cloud server. · Request_CAS_url—Sent a central authentication service (CAS) URL request. · Request_CAS_url_success—Requesting CAS URL succeeded. · Request_CAS_TGT—Sent a ticket granting ticket (TGT) request. · Request_CAS_TGT_success—Requesting TGT succeeded. · Request_CAS_ST—Sent a service ticket (ST) request. · Request_CAS_ST_success—Requesting ST succeeded. · Request_cloud_auth—Sent an authentication request. · Request_cloud_auth_success—Authentication succeeded. · Register—Sent a registration request. · Register_success—Registration succeeded. · Request—Sent a handshake request. · Request_success—Handshake succeeded. |
Cloud server address |
IP address of the cloud server. |
Cloud server domain name |
Domain name of the cloud server. |
Cloud server port |
TCP port number used to establish cloud connections. |
Connected at |
Time when the cloud connection was established. |
Duration |
Duration since the establishment of the cloud connection. |
Process state |
Cloud connection processing state: · DNS not parsed. · DNS parsed. · Message not sent. · Message sent. · Message not received. · Message received. |
Failure reason |
Cloud connection failure reason: · DNS parse failed. · Socket connection failed. · SSL creation failed. · Sending CAS url request failed. · Sending CAS TGT failed. · Sending CAS ST failed. · Sending cloud auth failed. · Sending register failed. · Processing CAS url response failed. · Processing CAS TGT response failed. · Processing CAS ST response failed. · Processing cloud auth response failed. · Processing register response failed. · Sending handshake request failed. · Processing handshake failed. · Sending websocket request failed. · Processing websocket packet failed. |
Last down reason |
Reason for the most recent cloud connection interruption: · Device or process rebooted. · Socket connection error. · Configuration changed. · Received websocket close packet from cloud. · Keepalive expired. · Packet processing failed. · Main connection went down. · Cloud reset connection. · Memory reached threshold. This field displays N/A if the detailed reason of the most recent disconnection cannot be obtained. |
Last down at |
Time when the cloud connection went down most recently. |
Last report failure reason |
Reason for the most recent cloud connection packet sending failure: · Tunnel is being deleted. · Tunnel socket is invalid. · Failed to convert string to json. · Failed to convert json to string. · Failed to create message node. · Tunnel is not ready. · Failed to create packet buffer. · SSL sending failure. If the reason is SSL sending failure, one of the following detailed reason will be displayed: · ssl error none. · ssl error ssl. · ssl error read. · ssl error write. · ssl error x509 lookup. · ssl error syscall. · ssl error zero return. · ssl error connect. · ssl error accept. |
Last report failure at |
Time when the most recent cloud connection packet sending failure occurred. |
Dropped packets after reaching buffer limit |
Number of packets that are dropped because the CMTNL buffer limit is reached. |
Total dropped packets |
Total number of dropped packets. |
Last report incomplete reason |
Reason for the most recent unfinished packet sending: · Interrupted system call. · Socket buffer is full. |
Last report incomplete at |
Time when the most recent unfinished packet sending occurred. |
Buffer full count |
Number of times that the buffer becomes full. |
display dot1x connection
Use display dot1x connection to display information about online 802.1X users.
Syntax
display dot1x connection [ ap ap-name [ radio radio-id ] | slot slot-number | user-mac mac-addr | user-name name-string ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
ap ap-name: Specifies an AP by its name, a case-insensitive string of 1 to 64 characters. The string can contain letters, digits, underscores (_), dots (.), left brackets ([), right brackets (]), forward slashes (/), and hyphens (-). If you do not specify an AP, this command displays information about online 802.1X users for all APs.
radio radio-id: Specifies a radio by its ID. The value range for the radio-id argument varies by AP model. If you do not specify a radio, this command displays information about online 802.1X users for all radios on the specified AP.
slot slot-number: Specifies an IRF member device by its member ID. If you do not specify a member device, this command displays online 802.1X user information for all member devices.
user-mac mac-address: Specifies an 802.1X user by MAC address. The mac-address argument represents the MAC address of the user, in the form of H-H-H. If you do not specify an 802.1X user, this command displays online user information for all 802.1X users.
user-name name-string: Specifies an 802.1X user by its name. The name-string argument represents the username, a case-sensitive string of 1 to 253 characters. If you do not specify an 802.1X user, this command displays online user information for all 802.1X users.
Usage guidelines
If you do not specify any parameters, this command displays information about online 802.1X users for all member devices.
Examples
# Display all online 802.1X user information.
<Sysname> display dot1x connection
Total connections: 1
Slot ID: 1
User MAC address: 0015-e9a6-7cfe
Access interface: GigabitEthernet1/0/1
Username: ias
Authentication domain: h3c
IPv4 address: 192.168.1.1
IPv6 address: 2000:0:0:0:1:2345:6789:abcd
Authentication method: CHAP
Initial VLAN: 1
Authorization untagged VLAN: N/A
Authorization tagged VLAN list: 1 to 5 7 9 11 13 15 17 19 21 23 25 27 29 31 33 29 31 33
35 37 40 to 100
Authorization ACL ID: 3001
Authorization user profile: N/A
Termination action: Default
Session timeout period: 2 s
Online from: 2013/03/02 13:14:15
Online duration: 0h 2m 15s
Level flow statistic :
Level-0 Sent packets/bates : 1/54
Received packets/bates : 0/0
Level-1 Sent packets/bates : 0/0
Received packets/bates : 45/1248
User MAC address : 0015-e9a6-7cfe
AP name : ap1
Radio ID : 1
SSID : wlan_dot1x_ssid
BSSID : 0015-e9a6-7cf0
User name : ias
Authentication domain : 1
IPv4 address : 192.168.1.1
IPv6 address : 2000:0:0:0:1:2345:6789:abcd
Authentication method : CHAP
Initial VLAN : 1
Authorization VLAN : N/A
Authorization ACL number : 3001
Authorization user profile : N/A
Authorization CAR :
Average input rate : 102400 bps
Average output rate : 102400 bps
Authorization URL : http://oauth.h3c.com
Authorization IPv6 URL : N/A
Termination action : Default
Session timeout period : 2 sec
Online from : 2013/03/02 13:14:15
Online duration : 0 h 2 m 15 s
Level flow statistic :
Level-0 Sent packets/bates : 1/54
Received packets/bates : 0/0
Level-1 Sent packets/bates : 0/0
Received packets/bates : 45/1248
Total 1 connections matched.
Table 3 Command output
Field |
Description |
Total connections |
Number of online 802.1X users. |
User MAC address |
MAC address of the user. |
Access interface |
Interface through which the user access the device. |
AP name |
Name of the AP with which the user is associated. |
Radio ID |
ID of the radio with which the user is associated. |
SSID |
SSID with which the user is associated. |
BSSID |
ID of the BSS with which the user is associated. |
Authentication domain |
ISP domain used for 802.1X authentication. |
IPv4 address |
IPv4 address of the user. If the device does not get the IPv4 address of the user, this field is not available. |
IPv6 address |
IPv6 address of the user. If the device does not get the IPv6 address of the user, this field is not available. |
Authentication method |
EAP message handling method: · CHAP—Performs EAP termination and uses CHAP to communicate with the RADIUS server. · EAP—Relays EAP packets and supports any of the EAP authentication methods to communicate with the RADIUS server. · PAP—Performs EAP termination and uses PAP to communicate with the RADIUS server. |
Initial VLAN |
VLAN to which the user belongs before 802.1X authentication. |
Authorization untagged VLAN |
Untagged VLAN authorized to the user. |
Authorization tagged VLAN list |
Tagged VLANs authorized to the user. |
Authorization ACL ID |
Number of the ACL authorized to the user. |
Authorization user profile |
User profile authorized to the user. |
Authorization CAR |
Authorization CAR attributes assigned by the server. · Average input rate—Average rate of inbound traffic in bps. · Average output rate—Average rate of outbound traffic in bps. If no authorization CAR attributes are assigned, this field displays N/A. |
Authorization URL |
Authorization redirect URL. |
Authorization IPv6 URL |
Authorization IPv6 redirect URL. |
Termination action |
Action attribute assigned by the server to terminate the user session: · Default—Logs off the online authenticated 802.1X user when the session timeout timer expires. This attribute does not take effect when 802.1X periodic reauthentication is enabled and the periodic reauthentication timer is shorter than the session timeout timer. · Radius-request—Reauthenticates the online user when the session timeout timer expires, regardless of whether the 802.1X periodic reauthentication feature is enabled or not. If the device performs local authentication, this field displays N/A. |
Session timeout period |
Session timeout timer assigned by the server. If the device performs local authentication, this field displays N/A. |
Online from |
Time from which the 802.1X user came online. |
Online duration |
Online duration of the 802.1X user. |
Level flow statistic |
Statistics about traffic flows at each accounting level: · Level-n—Traffic accounting level. Available levels include level-0 to level-8. Accounting levels are defined in the WLAN accounting policy. · Sent packets/bytes—Number of sent packets and bytes. · Received packets/bytes—Number of received packets and bytes. This field is not displayed for a user if no WLAN accounting policy has been assigned to the user. This field does not display statistics for an accounting level if no traffic of that level has been sent or received. |
display irf
Use display irf to display IRF information.
Syntax
display irf
Views
Any view
Predefined user roles
network-admin
network-operator
Examples
# Display IRF information.
<Sysname> display irf
Member ID Role Priority CPU MAC Description
1 Loading 1 00e0-fcbe-3102 F1Num001
*+2 Master 1 00e0-fcb1-ade2 F1Num002
--------------------------------------------------------
The asterisk (*) indicates the master.
The plus sign (+) indicates the device through which you are logged in.
The right angle bracket (>) indicates the device's stack capability is disabled.
Bridge MAC of the IRF: 00e0-fc00-1000
Auto upgrade : Disabled
MAC persistence : Disabled
Topo-domain ID : 30
Auto merge : Enabled
Table 4 Command output
Field |
Description |
Member ID |
IRF member ID: · A prefix of asterisk sign (*) indicates the master device. · A prefix of plus sign (+) indicates the device where you are logged in. · A prefix of right angle bracket (>) indicates the device that has been temporarily removed from the IRF fabric by using the undo irf member stack enable command. |
Role |
Role of the member device in the IRF fabric: · Master—Master device. · Standby—Standby device. · Loading—The device is loading software images. |
Priority |
IRF member priority. |
CPU MAC |
MAC address of the CPU in the device. |
Description |
Description you have configured for the member device. · If no description is configured, this field displays a dashed line (---). · If the description exceeds the maximum number of characters that can be displayed, an ellipsis (…) is displayed in place of the exceeding text. To display the complete description, use the display current-configuration command. |
Bridge MAC of the IRF |
Bridge MAC address of the IRF fabric. |
Auto upgrade |
Status of the software auto-update feature: · Enabled. · Disabled. |
MAC persistence |
IRF bridge MAC persistence setting: · 6 min—Bridge MAC address of the IRF fabric remains unchanged for 6 minutes after the address owner leaves. · Always—Bridge MAC address of the IRF fabric does not change after the address owner leaves. · Disabled—Bridge MAC address of the current master replaces the original bridge MAC address as soon as the owner of the original address leaves. |
Topo-domain ID |
Topo-domain ID of the IRF fabric. The topo-domain ID you assign to an IRF fabric must uniquely identify the IRF fabric in a multi-IRF network. |
Auto merge |
Status of the auto-merge feature: · Enabled. · Disabled. |
display irf configuration
Use display irf configuration to display IRF settings for each member device in an IRF fabric.
Syntax
display irf configuration
Views
Any view
Predefined user roles
network-admin
network-operator
Examples
# Display IRF settings on all member devices.
<Sysname> display irf configuration
The New ID, Topo-domain, Stack, and Member interfaces fields display settings for the next startup.
Member ID New ID Topo-domain Stack Member interfaces
1 1 0 Enabled Disabled
Table 5 Command output
Field |
Description |
Member ID |
Current IRF member ID of the device. |
New ID |
IRF member ID assigned to the device. This member ID takes effect at reboot. |
Topo-domain |
IRF topo-domain ID. The topo-domain ID takes effect at reboot. |
Stack |
Whether multimember stacking capability is enabled: · Enabled—The device can form an IRF fabric with other member devices. · Disabled—The device cannot form an IRF fabric with other member devices. The device will be removed from the IRF fabric in a maximum of 5 seconds. |
Member interfaces |
Network interfaces bound to the IRF port. This field displays Disabled if no network interfaces have been bound to the IRF port. The channel type of each IRF link is enclosed in brackets. Available channel types include: · ctrl—Control channel. · data—Data channel. · ctrl&data—Hybrid channel. |
display irf forwarding
Use display irf forwarding to display information about the IRF hello packets received on a member device.
Syntax
display irf forwarding [ slot slot-number ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
slot slot-number: Specifies a member device by its IRF member ID. The member ID is in the range of 0 to 255. If you do not specify a member device, this command displays information about the IRF hello packets received on the master.
Examples
# Display information about the IRF hello packets received on the master.
<Sysname> display irf forwarding
Member ID CPU MAC Hello timeout (sec)
1 00e0-fc0f-8c02 5
2 00e0-fc0f-8c04 5
# Display information about the IRF hello packets received on member device 2.
<Sysname> display irf forwarding slot 2
Member ID CPU MAC Hello timeout (sec)
2 00e0-fc0f-8c04 5
1 00e0-fc0f-8c02 4
Table 6 Command output
Field |
Description |
Member ID |
IRF member ID of the packet sender. |
CPU MAC |
CPU MAC address of the packet sender. |
Hello timeout (sec) |
The remaining amount of time before the hello packet times out, in seconds. If a new hello packet is not received before the existing hello packet expires, the member device determines that the sender has left the IRF fabric. If a new hello packet is received before the existing hello packet expires, the device refreshes the hello timeout time for the sender based on the received packet. |
display irf link
Use display irf link to display IRF link information.
Syntax
display irf link
Views
Any view
Predefined user roles
network-admin
network-operator
Examples
# Display IRF link information.
<Sysname> display irf link
Member ID Member interfaces Status
1 Disabled --
Table 7 Command output
Field |
Description |
Member ID |
IRF member ID. |
Member interfaces |
Network interfaces bound to the IRF port. This field displays Disabled if no network interfaces have been bound to the IRF port. The channel type of each IRF link is enclosed in brackets. Available channel types include: · ctrl—Control channel. · data—Data channel. · ctrl&data—Hybrid channel. |
Status |
Link status of the network interface: · Up—The link is up. · Down—The link is down. · ADM—The interface has been manually shut down by using the shutdown command. · Blocked—The link is blocked. In this state, the device cannot join an IRF fabric. This field displays two hyphens (--) if no network interfaces are bound to the IRF port. |
display license
Use display license to display detailed license information.
Syntax
display license [ activation-file | activation-key ] [ slot slot-number ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
activation-file: Displays license information about activation files.
activation-key: Displays information about activation keys.
slot slot-number: Specifies the member ID of an IRF member device. If no member device is specified, this command displays license information for all IRF member devices.
Usage guidelines
If you do not specify any parameters, this command displays detailed information about all licenses.
Examples
# Display detailed information about all licenses.
<Sysname> display license
cfa0:/license/210235A1AMB1450000272015052317092592481.ak
Feature: APMGR
Product Description: Enhanced Access Controller License,128 APs,for Verticals,for V7 Registered at: 2015-05-28 16:54:24
License Type: Trial (days restricted)
Trial Time Left (days): 30
Current State: In use
Pre-installed License
Feature: APMGR
Feature Description: PreAtom This is APMGR license
Time Left (days): 0
Current State: Expired
Table 8 Command output
Field |
Description |
Feature |
Feature name. |
Product Description |
License description. |
Registered at |
Time when the license was installed. |
License Type |
License type by validity period: · NA—The system cannot obtain the license type. · Permanent—Purchased license that never expires and is always valid. · Days restricted—Purchased license that is valid for a period of days, for example, 30 days. · Trial (days restricted)—Free trial license that is valid for a period of days. |
Time Left (days) |
Remaining days of the license. This field is available for a purchased license. |
Trial Time Left (days) |
Remaining days of the trial period. This field is available for a trial license. |
Current State |
State of the license: · In use—The license is being used. · Usable—The license is available for use. ¡ If multiple days-restricted licenses for one feature are installed, only one license is in In use state and the rest licenses are in Usable state. ¡ A date restricted license is in this state if its start date is not reached. · Expired—The license has expired. · Uninstalled—The license has been uninstalled. · Unusable—The license cannot be used. · Invalid—The license is invalid and cannot be used. |
Uninstall Key |
This field is available for licenses that have been uninstalled. |
Uninstall Date |
Date when the activation file was uninstalled. |
display license device-id
Use display license device-id to display SN and DID information.
Syntax
display license device-id slot slot-number
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
slot slot-number: Specifies the member ID of an IRF member device.
Usage guidelines
When you register a license for a device, you must provide its unique SN and DID.
The DID changes each time you use the license compress command to compress the license storage. Use the display license device-id command to identify the up-to-date DID each time you register licenses.
Examples
# Display the device SN and DID.
<Sysname> display license device-id
SN: 210235A0VSB011000029
SN CHECK_SUM: FFFFFFEA
Device ID: cfa0:/license/210235A0VSB011000029.did
display license feature
Use display license feature to display brief license information for features.
Syntax
display license feature
Views
Any view
Predefined user roles
network-admin
network-operator
Examples
# Display brief feature license information.
<Sysname> display license feature
Total: 128 Usage: 2
Feature Licensed State
APMGR Y Trial
Table 9 Command output
Field |
Description |
Total |
Total number of licenses that can be installed. |
Usage |
Number of licenses stored in the license storage. |
Feature |
Feature that must be licensed before being used. |
Licensed |
Licensing state of the feature: · N—Not licensed. · Y—Licensed. |
State |
License type by purchasing state: · Trial—Trial license. · Pre-licensed—Pre-installed license. If the feature is not licensed, this field displays a hyphen (-). To use the feature, you must install a valid license file. |
display portal user
Use display portal user to display information about portal users.
Syntax
display portal user { all | ap ap-name [ radio radio-id ] | auth-type { cloud | email | facebook | local | mac-trigger | normal | qq | wechat } | interface interface-type interface-number | ip ip-address | ipv6 ipv6-address | mac mac-address | pre-auth [ interface interface-type interface-number | ip ip-address | ipv6 ipv6-address ] | username username } [ brief | verbose ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
all: Displays information about all portal users.
ap ap-name: Specifies an AP by its name, a case-insensitive string of 1 to 64 characters. Valid characters are letters, digits, underscores (_), left brackets ([), right brackets (]), slashes (/), and minus signs (-).
radio radio-id: Specifies a radio by its ID. The value range for the radio-id argument varies by AP model. If you do not specify a radio, this command displays information about portal users for all radios of the AP.
auth-type: Specifies an authentication type.
cloud: Specifies the cloud authentication (a cloud portal authentication server performs portal authentication on portal users).
email: Specifies the email authentication.
facebook: Specifies the Facebook authentication.
local: Specifies the local authentication (a local portal authentication server performs portal authentication on portal users).
mac-trigger: Specifies the MAC-trigger authentication.
normal: Specifies the normal authentication (a remote portal authentication server performs portal authentication on portal users).
qq: Specifies QQ authentication.
wechat: Specifies WeChat authentication.
interface interface-type interface-number: Displays information about portal users on the specified interface.
ip ipv4-address: Specifies the IPv4 address of a portal user.
ipv6 ipv6-address: Specifies the IPv6 address of a portal user.
mac mac-address: Specifies the MAC address of a portal user, in the format of H-H-H.
username username: Specifies the username of a portal user, a case-sensitive string of 1 to 253 characters. The username cannot contain the domain name.
pre-auth: Displays information about users before portal authentication is performed. If you do not specify this keyword, the command displays information about portal users.
brief: Displays brief information about portal users.
verbose: Displays detailed information about portal users.
Usage guidelines
If you specify neither the brief nor the verbose keyword, this command displays portal authentication-related information for portal users.
Examples
# Display information about all portal users.
<Sysname> display portal user all
Total portal users: 1
Username: def
AP name: ap1
Radio ID: 1
SSID: portal
Portal server: pts
State: Online
VPN instance: vpn1
MAC IP VLAN Interface
000d-88f8-0eac 4.4.4.4 2 Bss1/2
Authorization information:
DHCP IP pool: N/A
User profile: N/A
Session group profile: N/A
ACL number: 3000
Inbound CAR: CIR 9000 bps PIR 20500 bps
CBS 20500 bit (active, AAA)
Outbound CAR: CIR 9000 bps PIR 20400 bps
CBS 20400 bit (active, AAA)
Web URL: http://1.1.1.1
# Display information about portal users whose authentication type is normal authentication.
<Sysname> display portal user auth-type normal
Total remote users: 1
Username: abc
Portal server: pts
State: Online
VPN instance: N/A
MAC IP VLAN Interface
000d-88f8-0eab 2.2.2.2 2 WLAN-BSS1/0/1
Authorization information:
DHCP IP pool: N/A
User profile: abc (active, OAuth)
Session group profile: cd (inactive, OAuth)
ACL number: N/A
Inbound CAR: N/A
Outbound CAR: N/A
Web URL: http://1.1.1.1
# Display information about the portal user whose MAC address is 000d-88f8-0eab.
<Sysname> display portal user mac 000d-88f8-0eab
Username: abc
Portal server: pts
State: Online
VPN instance: N/A
MAC IP VLAN Interface
000d-88f8-0eab 2.2.2.2 2 WLAN-BSS1/0/1
Authorization information:
DHCP IP pool: N/A
User profile: abc (active, OAuth)
Session group profile: cd (inactive, AAA)
ACL number: N/A
Inbound CAR: N/A
Outbound CAR: N/A
Web URL: http://1.1.1.1
# Display information about the portal user whose username is abc.
<Sysname> display portal user username abc
Username: abc
Portal server: pts
State: Online
VPN instance: N/A
MAC IP VLAN Interface
000d-88f8-0eab 2.2.2.2 2 WLAN-BSS1/0/1
Authorization information:
DHCP IP pool: N/A
User profile: abc (active, OAuth)
Session group profile: cd (inactive, OAuth)
ACL number: N/A
Inbound CAR: N/A
Outbound CAR: N/A
Web URL: http://1.1.1.1
Table 10 Command output
Field |
Description |
Total portal users |
Total number of portal users. |
Total normal users |
Total number of portal users whose authentication type is normal authentication. |
Total local users |
Total number of portal users whose authentication type is local authentication. |
Total email users |
Total number of portal users whose authentication type is email authentication. |
Total cloud users |
Total number of portal users whose authentication type is cloud authentication. |
Total QQ users |
Total number of portal users whose authentication type is QQ authentication. |
Total WeChat users |
Total number of portal users whose authentication type is WeChat authentication. |
Total facebook users |
Total number of portal users whose authentication type is Facebook authentication. |
Total MAC-trigger users |
Total number of portal users whose authentication type is MAC-trigger authentication. |
Username |
Name of the user. |
Portal server |
Name of the portal authentication server. |
State |
Current state of the portal user: · Initialized—The user is initialized and ready for authentication. · Authenticating—The user is being authenticated. · Waiting SetRule—Deploying portal rules to the user. · Authorizing—The user is being authorized. · Online—The user is online. · Waiting Traffic—Waiting for traffic from the user. · Stop Accounting—Stopping accounting for the user. · Done—The user is offline. |
VPN instance |
This field is not supported in the current software version. MPLS L3VPN the portal user belongs to. If the portal user is on a public network, this field displays N/A. |
MAC |
MAC address of the portal user. |
IP |
IP address of the portal user. |
VLAN |
VLAN where the portal user resides. |
Interface |
Access interface of the portal user. |
Authorization information |
Authorization information for the portal user. |
DHCP IP pool |
Name of the authorized IP address pool. If no IP address pool is authorized for the portal user, this field displays N/A. |
User profile |
Authorized user profile: · N/A—No user profile is authorized. · active, AAA—The AAA server has authorized the user profile successfully. · inactive, AAA—The AAA server failed to authorize the user profile or the user profile does not exist on the device. · active, OAuth—The OAuth server has authorized the user profile successfully. · inactive, OAuth—The OAuth server failed to authorize the user profile. |
Session group profile |
This field is not supported in the current software version. Authorized session group profile: · N/A—No session group profile is authorized. · active, AAA—The AAA server has authorized the session group profile successfully. · inactive, AAA—The AAA server failed to authorize the session group profile or the session group profile does not exist on the device. · active, OAuth—The OAuth server has authorized the session group profile successfully. · inactive, OAuth—The OAuth server failed to authorize the session group profile. |
ACL number/name |
Number or name of the authorized ACL: · N/A—No ACL is authorized. · active, AAA—The AAA server has authorized the ACL successfully. · inactive, AAA—The AAA server failed to authorize the ACL or the ACL does not exist on the device. · active, OAuth—The OAuth server has authorized the ACL successfully. · inactive, OAuth—The OAuth server failed to authorize the ACL. |
Inbound CAR |
Authorized inbound CAR information: · N/A—No inbound CAR is authorized. · CIR—Committed information rate in bps. · PIR—Peak information rate in bps. · CBS—Committed burst size in bits. · active, AAA—The AAA server has authorized the inbound CAR successfully. · inactive, AAA—The AAA server failed to authorize the inbound CAR. · active, OAuth—The OAuth server has authorized the inbound CAR successfully. · inactive, OAuth—The OAuth server failed to authorize the inbound CAR. |
Outbound CAR |
Authorized outbound CAR information: · N/A—No outbound CAR is authorized. · CIR—Committed information rate in bps. · PIR—Peak information rate in bps. · CBS—Committed burst size in bits. · active, AAA—The AAA server has authorized the outbound CAR successfully. · inactive, AAA—The AAA server failed to authorize the outbound CAR. · active, OAuth—The OAuth server has authorized the outbound CAR successfully. · inactive, OAuth—The OAuth server failed to authorize the outbound CAR. |
Web URL |
Authorized Web URL. This field displays N/A if no Web URL is authorized. |
# Display detailed information about the portal user whose IP address is 18.18.0.20.
<Sysname> display portal user ip 18.18.0.20 verbose
Basic:
AP name: ap1
Radio ID: 1
SSID: portal
Current IP address: 18.18.0.20
Original IP address: 18.18.0.20
Username: chap1
User ID: 0x10000001
Access interface: WLAN_BSS1/0/1
Service-VLAN/Customer-VLAN: 50/-
MAC address: 7854-2e1c-c59e
Authentication type: Normal
Domain name: portal
VPN instance: N/A
Status: Online
Portal server: pt
Vendor: Apple
Portal authentication method: Direct
AAA:
Realtime accounting interval: 720s, retry times: 5
Idle cut: N/A
Session duration: 0 sec, remaining: 0 sec
Remaining traffic: N/A
Online duration (hh:mm:ss): 1:53:7
Login time: 2014-12-25 10:47:53 UTC
DHCP IP pool: N/A
Web URL: http://1.1.1.1
ACL&QoS&Multicast:
Inbound CAR: N/A
Outbound CAR: N/A
ACL number/name: N/A
User profile: N/A
Session group profile: N/A
Max multicast addresses: 4
Traffic statistic:
Uplink packets/bytes: 6/412
Downlink packets/bytes: 0/0
Dual-stack traffic statistics:
IPv4 address: 18.18.0.20
Uplink packets/bytes: 3/200
Downlink packets/bytes: 0/0
IPv6 address: 2001::2
Uplink packets/bytes: 3/212
Downlink packets/bytes: 0/0
Accounting-separate traffic statistics:
18.18.0.20:
Uplink packets/bytes: 3/200
Downlink packets/bytes: 0/0
2001::2:
Uplink packets/bytes: 3/200
Downlink packets/bytes: 0/0
2001::3:
Uplink packets/bytes: 4/300
Downlink packets/bytes: 0/0
2001::4:
Uplink packets/bytes: 4/300
Downlink packets/bytes: 0/0
Table 11 Command output
Field |
Description |
Current IP address |
IP address of the portal user after passing authentication. |
Original IP address |
IP address of the portal user during authentication. |
Username |
Name of the portal user. |
User ID |
Portal user ID. |
Access interface |
Access interface of the portal user. |
Service-VLAN/Customer-VLAN |
Public VLAN/Private VLAN to which the portal user belongs. If no VLAN is configured for the portal user, this field displays -/-. |
MAC address |
MAC address of the portal user. |
Authentication type |
Type of portal authentication: · Normal—Normal authentication. · Local—Local authentication. · Email—Email authentication. · Cloud—Cloud authentication. · QQ—QQ authentication. · WeChat—WeChat authentication. · Facebook—Facebook authentication. · MAC-trigger—MAC-trigger authentication. |
Domain |
ISP domain name for portal authentication. |
VPN instance |
This field is not supported in the current software version. MPLS L3VPN to which the portal user belongs. If the portal user is on a public network, this field displays N/A. |
Status |
Status of the portal user: · Authenticating—The user is being authenticated. · Authorizing—The user is being authorized. · Waiting SetRule—Deploying portal rules to the user. · Online—The user is online. · Waiting Traffic—Waiting for traffic from the user. · Stop Accounting—Stopping accounting for the user. · Done—The user is offline. |
Portal server |
Name of the portal server. |
Vendor |
Vendor name of the endpoint. |
Portal authentication method |
Portal authentication method on the access interface. The value Direct indicates direct authentication. |
AAA |
AAA information about the portal user. |
Realtime accounting interval |
Interval for sending real-time accounting updates, and the maximum number of accounting attempts. If the real-time accounting is not authorized, this field displays N/A. |
Idle-cut |
Idle timeout period and the minimum traffic threshold. If idle-cut is not authorized, this field displays N/A. |
Session duration |
Session duration and the remaining session time. If the session duration is not authorized, this field displays N/A. |
Remaining traffic |
Remaining traffic for the portal user. If the remaining traffic is not authorized, this field displays N/A. |
Login time |
Time when the user logged in. The field uses the device time format, for example, 2023-1-19 2:42:30 UTC. |
DHCP IP pool |
Authorized DHCP IP address pool. If no DHCP IP address pool is authorized for the portal user, this field displays N/A. |
Web URL |
Authorized Web URL. If no Web URL is authorized for the portal user, this field displays N/A. |
Inbound CAR |
Authorized inbound CAR information: · N/A—No inbound CAR is authorized. · CIR—Committed information rate in bps. · PIR—Peak information rate in bps. · CBS—Committed burst size in bits. · active, AAA—The AAA server has authorized the inbound CAR successfully. · inactive, AAA—The AAA server failed to authorize the inbound CAR. · active, OAuth—The OAuth server has authorized the inbound CAR successfully. · inactive, OAuth—The OAuth server failed to authorize the inbound CAR. |
Outbound CAR |
Authorized outbound CAR information: · N/A—No outbound CAR is authorized. · CIR—Committed information rate in bps. · PIR—Peak information rate in bps. · CBS—Committed burst size in bits. · active, AAA—The AAA server has authorized the outbound CAR successfully. · inactive, AAA—The AAA server failed to authorize the outbound CAR. · active, OAuth—The OAuth server has authorized the outbound CAR successfully. · inactive, OAuth—The OAuth server failed to authorize the outbound CAR. |
ACL number/name |
Number or name of the authorized ACL: · N/A—No ACL is authorized.. · active, AAA—The AAA server has authorized the ACL successfully. · inactive, AAA—The AAA server failed to authorize the ACL or the ACL does not exist on the device. · active, OAuth—The OAuth server has authorized the ACL successfully. · inactive, OAuth—The OAuth server failed to authorize the ACL. |
User profile |
Authorized user profile: · N/A—No user profile is authorized. · active, AAA—The AAA server has authorized the user profile successfully. · inactive, AAA—The AAA server failed to authorize the user profile or the user profile does not exist on the device. · active, OAuth—The OAuth server has authorized the user profile successfully. · inactive, OAuth—The OAuth server failed to authorize the user profile. |
Session group profile |
This field is not supported in the current software version. Authorized session group profile: · N/A—No session group profile is authorized. · active, AAA—The AAA server has authorized the session group profile successfully. · inactive, AAA—The AAA server failed to authorize the session group profile or the session group profile does not exist on the device. · active, OAuth—The OAuth server has authorized the session group profile successfully. · inactive, OAuth—The OAuth server failed to authorize the session group profile. |
Max multicast addresses |
Maximum number of multicast groups the portal user can join. |
Multicast address list |
Multicast group list the portal user can join. If no multicast group is authorized, this field displays N/A. |
Traffic statistic |
Traffic statistics for the portal user. |
Uplink packets/bytes |
Packet and byte statistics of the upstream traffic. |
Downlink packets/bytes |
Packet and byte statistics of the downstream traffic. |
Dual-stack traffic statistic |
IPv4 and IPv6 traffic statistics for the dual-stack user. |
Accounting-separate traffic statistics |
Traffic statistics of dual-stack users or users with multiple IPv6 addresses. |
IPv4 address |
IPv4 address of the portal user. |
IPv6 address |
IPv6 address of the portal user. |
Uplink packets/bytes |
Packet and byte statistics of the upstream traffic. |
Downlink packets/bytes |
Packet and byte statistics of the downstream traffic. |
# Display brief information about all portal users.
<Sysname> display portal user all brief
IP address MAC address Online duration Username
4.4.4.4 000d-88f8-0eac 1:53:7 def
Table 12 Command output
Field |
Description |
IP address |
IP address of the portal user. |
MAC address |
MAC address of the portal user. |
Online duration |
Online duration of the portal user, in hh:ss:mm. |
Username |
Username of the portal user. |
Related commands
portal enable
display process cpu
Use display process cpu to display CPU usage of all processes.
Syntax
display process cpu [ slot slot-number [ cpu cpu-number ] ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
slot slot-number: Specifies an IRF member device by its member ID. If you do not specify a member device, this command displays CPU usage of all processes on the master device.
cpu cpu-number: Specifies a CPU by its number.
Examples
# Display CPU usage of all processes.
<Sysname> display process cpu
CPU utilization in 5 secs: 16.8%; 1 min: 4.7%; 5 mins: 4.7%
JID 5Sec 1Min 5Min Name
1 0.0% 0.0% 0.0% scmd
2 0.0% 0.0% 0.0% [kthreadd]
3 0.1% 0.0% 0.0% [ksoftirqd/0]
4 0.0% 0.0% 0.0% [watchdog/0]
5 0.0% 0.0% 0.0% [events/0]
6 0.0% 0.0% 0.0% [khelper]
29 0.0% 0.0% 0.0% [kblockd/0]
49 0.0% 0.0% 0.0% [vzmond]
52 0.0% 0.0% 0.0% [pdflush]
53 0.0% 0.0% 0.0% [pdflush]
54 0.0% 0.0% 0.0% [kswapd0]
110 0.0% 0.0% 0.0% [aio/0]
712 0.0% 0.0% 0.0% [mtdblockd]
719 0.0% 0.0% 0.0% [TNetJob]
720 0.0% 0.0% 0.0% [TMTH]
727 0.0% 0.0% 0.0% [CF]
730 0.0% 0.0% 0.0% [DIBC]
752 0.0% 0.0% 0.0% [lipc_topology]
762 0.0% 0.0% 0.0% [MNET]
763 0.0% 0.0% 0.0% [SYSM]
---- More ----
Table 13 Command output
Field |
Description |
CPU utilization in 5 secs: 16.8%; 1 min: 4.7%; 5 mins: 4.7% |
System CPU usage within the last 5 seconds, 1 minute, and 5 minutes. |
JID |
Job ID of a process. It never changes. |
5Sec |
CPU usage of the process within the last 5 seconds. |
1Min |
CPU usage of the process within the last minute. |
5Min |
CPU usage of the process within the last 5 minutes. |
Name |
Name of the process. If square brackets ([ ]) exist in a process name, the process is a kernel thread. |
display process memory
Use display process memory to display memory usage of all user processes.
Syntax
display process memory [ slot slot-number [ cpu cpu-number ] ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
slot slot-number: Specifies an IRF member device by its member ID. If you do not specify a member device, this command displays memory usage of all user processes on the master device.
cpu cpu-number: Specifies a CPU by its number.
Usage guidelines
When a user process starts, it requests the following types of memory from the system:
· Text memory—Stores code for the user process.
· Data memory—Stores data for the user process.
· Stack memory—Stores temporary data.
· Dynamic memory—Heap memory dynamically assigned and released by the system according to the needs of the user process. To view dynamic memory information, execute the display process memory heap command.
Examples
# Display memory usage for all user processes.
<Sysname> display process memory
JID Text Data Stack Dynamic Name
1 156 9844 32 1256 scmd
891 8 431052 40 43124 drvuserd
914 32 1248 20 980 lipcd
915 24 1228 16 968 eventd
917 40 1343908 36 281696 forward
922 136 10220 20 1136 fsd
---- More ----
Table 14 Command output
Field |
Description |
JID |
Job ID of a process. It never changes. |
Text |
Text memory used by the user process, in KB. The value for a kernel thread is 0. |
Data |
Data memory used by the user process, in KB. The value for a kernel thread is 0. |
Stack |
Stack memory used by the user process, in KB. The value for a kernel thread is 0. |
Dynamic |
Dynamic memory used by the user process, in KB. The value for a kernel thread is 0. |
Name |
Name of the user process. If square brackets ([ ]) exist in a process name, the process is a kernel thread. |
Related commands
display process memory heap
display process memory heap address
display process memory heap size
display wips sensor
Use display wips sensor to display information about all sensors.
Syntax
display wips sensor
Views
Any view
Predefined user roles
network-admin
network-operator
Examples
# Display information about all sensors.
<Sysname> display wips sensor
Total number of sensors: 1
Sensor ID Sensor name VSD name Radio ID Status
3 ap1 aaa 1 Active
Table 15 Command output
Field |
Description |
VSD name |
Name of the VSD to which the AP belongs. |
Radio ID |
ID of the radio enabled with WIPS. |
Status |
Status of the sensor: · Active—The sensor is enabled with WIPS. · Inactive—The sensor is not enabled with WIPS. |
display wips statistics
Use display wips statistics to display WLAN attack detection statistics collected from sensors.
Syntax
display wips statistics [ receive | virtual-security-domain vsd-name ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
receive: Displays attack detection statistics information for all VSDs.
virtual-security-domain vsd-name: Displays attack detection statistics information for the specified VSD. The vsd-name argument represents the name of a VSD, a case-sensitive string of 1 to 63 characters.
Examples
# Display attack detection statistics information for all VSDs.
<Sysname> display wips statistics receive
Information from sensor 3
Information about attack statistics:
Detected association-request flood messages: 0
Detected authentication flood messages: 0
Detected beacon flood messages: 0
Detected block-ack flood messages: 0
Detected cts flood messages: 0
Detected deauthentication flood messages: 0
Detected disassociation flood messages: 0
Detected eapol-start flood messages: 0
Detected null-data flood messages: 0
Detected probe-request flood messages: 0
Detected reassociation-request flood messages: 0
Detected rts flood messages: 0
Detected eapol-logoff flood messages: 0
Detected eap-failure flood messages: 0
Detected eap-success flood messages: 0
Detected duplicated-ie messages: 0
Detected fata-jack messages: 0
Detected illegal-ibss-ess messages: 0
Detected invalid-address-combination messages: 0
Detected invalid-assoc-req messages: 0
Detected invalid-auth messages: 0
Detected invalid-deauth-code messages: 0
Detected invalid-disassoc-code messages: 0
Detected invalid-ht-ie messages: 0
Detected invalid-ie-length messages: 0
Detected invalid-pkt-length messages: 0
Detected large-duration messages: 0
Detected null-probe-resp messages: 0
Detected overflow-eapol-key messages: 0
Detected overflow-ssid messages: 0
Detected redundant-ie messages: 0
Detected AP spoof AP messages: 0
Detected AP spoof client messages: 0
Detected AP spoof ad-hoc messages: 0
Detected ad-hoc spoof AP messages: 0
Detected client spoof AP messages: 0
Detected weak IV messages: 0
Detected excess AP messages: 0
Detected excess client messages: 0
Detected signature rule messages: 0
Detected 40MHZ messages: 0
Detected power save messages: 0
Detected omerta messages: 0
Detected windows bridge messages: 0
Detected soft AP messages: 0
Detected broadcast disassoc messages: 2
Detected broadcast deauth messages: 0
Detected AP impersonate messages: 0
Detected HT greenfield messages: 0
Detected association table overflow messages: 0
Detected wireless bridge messages: 0
Detected AP flood messages: 11
Table 16 Command output
Field |
Description |
Information from sensor n |
Information collected from sensor n, where n represents the ID of the sensor. |
Detected association-request flood messages |
Number of detected messages for association request flood attacks. |
Detected authentication flood messages |
Number of detected messages for authentication request flood attacks. |
Detected beacon flood messages |
Number of detected messages for beacon flood attacks. |
Detected block-ack flood messages |
Number of detected messages for Block Ack flood attacks. |
Detected cts flood messages |
Number of detected messages for CTS flood attacks. |
Detected deauthentication flood messages |
Number of detected messages for deauthentication flood attacks. |
Detected disassociation flood messages |
Number of detected messages for disassociation flood attacks. |
Detected eapol-start flood messages |
Number of detected messages for EAPOL-start flood attacks. |
Detected null-data flood messages |
Number of detected messages for null data flood attacks. |
Detected probe-request flood messages |
Number of detected messages for probe request flood attacks. |
Detected reassociation-request flood messages |
Number of detected messages for reassociation request flood attacks. |
Detected rts flood messages |
Number of detected messages for RTS flood attacks. |
Detected eapol-logoff flood messages |
Number of detected messages for EAPOL-logoff flood attacks. |
Detected eap-failure flood messages |
Number of detected messages for EAP-failure flood attacks. |
Detected eap-success flood messages |
Number of detected messages for EAP-success flood attacks. |
Detected duplicated-ie messages |
Number of detected messages for malformed packets with duplicated IE. |
Detected fata-jack messages |
Number of detected messages for FATA-Jack malformed packets. |
Detected illegal-ibss-ess messages |
Number of detected messages for malformed packets with abnormal IBSS and ESS setting. |
Detected invalid-address-combination messages |
Number of detected messages for malformed packets with invalid source address. |
Detected invalid-assoc-req messages |
Number of detected messages for malformed association request frames. |
Detected invalid-auth messages |
Number of detected messages for malformed authentication request frames. |
Detected invalid-deauth-code messages |
Number of detected messages for malformed packets with invalid deauthentication code. |
Detected invalid-disassoc-code messages |
Number of detected messages for malformed packets with invalid disassociation code. |
Detected invalid-ht-ie messages |
Number of detected messages for malformed packets with malformed HT IE. |
Detected invalid-ie-length messages |
Number of detected messages for malformed packets with invalid IE length. |
Detected invalid-pkt-length messages |
Number of detected messages for malformed packets with invalid packet length. |
Detected large-duration messages |
Number of detected messages for malformed packets with oversized duration. |
Detected null-probe-resp messages |
Number of detected messages for malformed probe response frames. |
Detected overflow-eapol-key messages |
Number of detected messages for malformed packets with oversized EAPOL key. |
Detected overflow-ssid messages |
Number of detected messages for malformed packets with oversized SSID. |
Detected redundant-ie messages |
Number of detected messages for malformed packets with redundant IE. |
Detected AP spoof AP messages |
Number of detected messages for AP spoofing (AP spoofs AP) attacks. |
Detected AP spoof client messages |
Number of detected messages for client spoofing (AP spoofs client) attacks. |
Detected AP spoof ad-hoc messages |
Number of detected messages for Ad hoc spoofing (AP spoofs Ad hoc) attacks. |
Detected ad-hoc spoof AP messages |
Number of detected messages for AP spoofing (Ad hoc spoofs AP) attacks. |
Detected client spoof AP messages |
Number of detected messages for AP spoofing (client spoofs AP) attacks. |
Detected weak IV messages |
Number of detected messages for weak IVs. |
Detected excess AP messages |
Number of detected messages for AP entry attacks. |
Detected excess client messages |
Number of detected messages for client entry attacks. |
Detected 40MHZ messages |
Number of detected messages for clients disabled with the 40 MHz bandwidth mode. |
Detected power save messages |
Number of detected messages for power saving attacks. |
Detected omerta messages |
Number of detected messages for Omerta attacks. |
Detected windows bridge messages |
Number of detected messages for Windows bridge. |
Detected soft AP messages |
Number of detected messages for soft APs. |
Detected broadcast disassoc messages |
Number of detected messages for broadcast disassociation attacks. |
Detected broadcast deauth messages |
Number of detected messages for broadcast deauthentication attacks. |
Detected AP impersonate messages |
Number of detected messages for AP impersonation attacks. |
Detected HT greenfield messages |
Number of detected messages in HT greenfield mode. |
Detected association table overflow messages |
Number of detected messages for association and reassociation DoS attacks. |
Detected wireless bridge messages |
Number of messages detected by wireless bridges. |
Detected AP flood messages |
Number of detected messages for AP flood attacks. |
# Display attack detection statistics information for the specified VSD.
<Sysname> display wips statistics virtual-security-domain 111
Information from VSD 111
Information about attack statistics:
Detected hotspot attack messages: 1
Detected unencrypted authorized AP messages: 0
Detected unencrypted trust client messages: 0
Detected honeypot AP messages: 1
Detected man in the middle messages: 1
Detected AP channel change messages: 0
Table 17 Command output
Field |
Description |
Detected hotspot attack messages |
Number of detected hotspot attack messages. |
Detected unencrypted authorized AP messages |
Number of detected unencrypted authorized AP messages. |
Detected unencrypted trust client messages |
Number of detected unencrypted trust client messages. |
Detected honeypot AP messages |
Number of detected honeypot AP messages. |
Detected man in the middle messages |
Number of detected man-in-the-middle messages. |
Detected AP channel change messages |
Number of detected AP channel change messages. |
Related commands
reset wips statistics
display wips virtual-security-domain countermeasure record
Use display wips virtual-security-domain countermeasure record to display information about countermeasures that WIPS has taken against rogue devices.
Syntax
display wips virtual-security-domain vsd-name countermeasure record
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
vsd-name: Specifies a VSD by its name, a case-sensitive string of 1 to 63 characters.
Examples
# Display information about countermeasures that WIPS has taken against rogue devices for VSD office.
<Sysname> display wips virtual-security-domain office countermeasure record
Total 3 times countermeasure, current 3 countermeasure record in virtual-security-domain office
Reason: Attack; Ass - associated; Black - blacklist;
Class - classification; Manu - manual;
MAC address Type Reason Countermeasure AP Radio ID Time
1000-0000-00e3 AP Manu ap1 1 2016-05-03/09:32:01
1000-0000-00e4 AP Manu ap2 1 2016-05-03/09:32:11
2000-0000-f282 Client Black ap3 1 2016-05-03/09:31:56
Table 18 Command output
Field |
Description |
Total number times countermeasure, current number countermeasure record in virtual-security-domain name |
Number of successful countermeasures. This field can display up to 1024 countermeasure records. |
MAC Address |
MAC address of the wireless device against which WIPS has taken countermeasures. |
Type |
Type of the wireless device: AP or Client. |
Reason |
Reason why WIPS takes countermeasures against the wireless device: · Att—WIPS takes countermeasures against the device because it is an attacker. · Ass—WIPS takes countermeasures against the device because WIPS has taken countermeasures against its associated AP. · Black—After WIPS takes countermeasures against the client, the client is added to the blacklist when it associates with an AP. · Class—WIPS takes countermeasures against the device based on its device type. · Manu—WIPS takes countermeasures against the device based on its MAC address. |
Countermeasure AP |
Name of the sensor that takes countermeasures against the wireless device. |
Radio ID |
Radio ID of the sensor that takes countermeasures against the wireless device. |
Time |
Time when the AC informs the sensor of taking countermeasures against the wireless device. |
Related commands
reset wips virtual-security-domain countermeasure record
display wips virtual-security-domain device
Use display wips virtual-security-domain device to display information about wireless devices detected in a VSD.
Syntax
display wips virtual-security-domain vsd-name device [ ap [ ad-hoc | authorized | external | mesh | misconfigured | potential-authorized | potential-external | potential-rogue | rogue | uncategorized ] |client [ [ dissociative-client ] | [ authorized | misassociation | unauthorized | uncategorized ] ] | mac-address mac-address ] [ verbose ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
vsd-name: Specifies a VSD by its name, a case-sensitive string of 1 to 63 characters.
device: Specifies wireless devices.
ap: Specifies APs.
ad-hoc: Specifies APs operating in Ad hoc mode.
authorized: Specifies authorized APs.
external: Specifies external APs.
mesh: Specifies MPs.
misconfigured: Specifies misconfigured APs.
potential-authorized: Specifies potential-authorized APs.
potential-rogue: Specifies potential-rogue APs.
potential-external: Specifies potential-external APs.
rogue: Specifies rogue APs.
uncategorized: Specifies uncategorized APs.
client: Specifies clients.
dissociative-client: Specifies unassociated clients.
authorized: Specifies authorized clients.
misassociation: Specifies misassociated clients.
unauthorized: Specifies unauthorized clients.
uncategorized: Specifies uncategorized clients.
mac-address mac-address: Specifies a wireless device by its MAC address in the H-H-H format.
verbose: Displays detailed device information.
Examples
# Display information about wireless devices detected in VSD office.
<Sysname> display wips virtual-security-domain office device
Total 200 detected devices in virtual-security-domain office
Class: Auth - authorization; Ext - external; Mis - mistake;
Unauth - unauthorized; Uncate - uncategorized;
(A) - associate; (C) - config; (P) - potential
MAC address Type Class Duration Sensors Channel Status
1000-0000-0000 AP Ext(P) 00h 10m 46s 1 11 Active
1000-0000-0001 AP Ext(P) 00h 10m 46s 1 6 Active
1000-0000-0002 AP Ext(P) 00h 10m 46s 1 1 Active
Table 19 Command output
Field |
Description |
Type |
Wireless device type: AP, Client, or Mesh. |
Class |
Category of the wireless device. |
Duration |
Duration since the wireless device entered the current state. |
Sensors |
Number of sensors that have detected the wireless device. |
Channel |
Channel on which the wireless device was most recently detected. |
Status |
Status of the AP or client: · Active—The AP or client is active. · Inactive—The AP or client is inactive. |
# Display detailed information about wireless devices detected in VSD a.
<Sysname> display wips virtual-security-domain a device verbose
Total 2 detected devices in virtual-security-domain a
AP: 1000-0000-0000
Mesh Neighbor: None
Classification: Mis(C)
Severity level: 0
Classify way: Auto
Status: Active
Status duration: 00h 27m 57s
Vendor: Not found
SSID: service
Radio type: 802.11g
Countermeasuring: No
Security: None
Encryption method: None
Authentication method: None
Broadcast SSID: Yes
QoS supported: No
Ad-hoc: No
Beacon interval: 100 TU
Up duration: 00h 27m 57s
Channel band-width supported: 20MHZ
Hotspot AP: No
Soft AP: No
Honeypot AP: No
Total number of reported sensors: 1
Sensor 1:
Sensor ID: 3
Sensor name: 1
Radio ID: 1
RSSI: 15
Channel: 149
First reported time: 2014-06-03/09:05:51
Last reported time: 2014-06-03/09:05:51
Total number of associated clients: 1
01: 2000-0000-0000
Client: 2000-0000-0000
Last reported associated AP: 1000-0000-0000
Classification: Uncate
Severity level: 0
Classify way: Auto
Dissociative status: No
Status: Active
Status duration: 00h 00m 02s
Vendor: Not found
Radio type: 802.11a
40mhz intolerance: No
Countermeasuring: No
Man in the middle: No
Total number of reported sensors: 1
Sensor 1:
Sensor ID: 2
Sensor name: 1
Radio ID: 1
RSSI: 50
Channel: 149
First reported time: 2014-06-03/14:52:56
Last reported time: 2014-06-03/14:52:56
Reported associated AP: 1000-0000-0000
Table 20 Command output
Field |
Description |
AP |
MAC address of the AP. |
Mesh Neighbor |
MAC address of the mesh AP's neighbor. |
Client |
MAC address of the client. |
Last reported associated AP |
MAC address of the associated AP that the client most recently reports. |
Classification |
Category of the AP or client: · AP category: ¡ ad_hoc. ¡ authorized. ¡ rogue. ¡ misconfigured. ¡ external. ¡ potential-authorized. ¡ potential-rogue. ¡ potential-external. ¡ uncategorized. · Client category: ¡ authorized. ¡ unauthorized. ¡ misassociated. ¡ uncategorized. |
Severity level |
Severity level of the device. |
Classify way |
AP or client classification method: · Manual—Manual classification. · Invalid OUI—Added to the invalid OUI list. · Block List—Added to the prohibited device list. · Associated—APs that are connected to the AC. · Trust List—Added to the permitted device list. · User Define—User-defined classification. · Auto—Automatic classification. |
Dissociative status |
Whether the client is an unassociated client. |
Status |
Status of the AP or client: · Active—The AP or client is active. · Inactive—The AP or client is inactive. |
Status duration |
Duration since the wireless device entered the current state. |
Vendor |
OUI of the device. This field displays the device OUI if the OUI matches an imported OUI. This field displays Not found if no OUI is configured for the device or the OUI does not match any imported OUIs. |
SSID |
SSID of the wireless service provided by the AP. |
Radio Type |
Radio mode of the wireless device. |
40MHz intolerance |
Whether the client supports 40 MHz bandwidth mode. |
Countermeasuring |
Whether WIPS is taking countermeasures against the wireless device: · No. · Yes. |
Man in the middle |
Whether an MITM attack is detected. |
Security |
Security method: · None. · WEP. · WPA. · WPA2. |
Encryption method |
Data encryption method: · TKIP. · CCMP. · WEP. · WAPI-SMS4. · None. |
Authentication method |
Authentication method: · None. · PSK. · 802.1X. · Others—Authentication methods except for PSK authentication and 802.1X authentication. |
Broadcast SSID |
Whether the AP broadcasts the SSID. This field displays nothing if the AP does not broadcast the SSID. |
QoS supported |
Whether the wireless device supports QoS. |
Ad-hoc |
Whether the wireless device is in Ad hoc mode. |
Beacon interval |
Beacon interval in TUs. One TU is equal to 1024 microseconds. |
Channel band-width supported |
Supported channel bandwidth mode: · 20/40/80MHZ. · 20/40MHZ. · 20MHZ. |
Hotspot AP |
Whether the AP is a hotspot attack AP. |
Soft AP |
Whether the AP is a soft AP. |
Honeypot AP |
Whether the AP is a honeypot AP. |
Sensor n |
Sensor that detected the wireless device. n represents the ID assigned by the system. |
Channel |
Channel on which the sensor most recently detected the wireless device. |
First reported time |
Time when the sensor first detected the wireless device. |
Last reported time |
Time when the sensor most recently detected the wireless device. |
n: H-H-H |
MAC address of the client associated with the AP. n represents the number assigned by the system. |
Reported associated AP |
MAC address of the associated AP that the sensor reports. |
Related commands
reset wips virtual-security-domain device
display wlan ap
Use display wlan ap to display AP information.
Syntax
display wlan ap { all | name ap-name } [ verbose ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
all: Specifies all APs.
name ap-name: Specifies an AP by its name, a case-sensitive string of 1 to 64 characters. The string can contain letters, digits, underscores (_), dots (.), left brackets ([), right brackets (]), forward slashes (/), and hyphens (-).
verbose: Displays detailed information.
Examples
# Display information about all APs.
<Sysname> display wlan ap all
Total number of APs: 3
Total number of connected APs: 3
Total number of connected manual APs: 3
Total number of connected auto APs: 0
Total number of connected common APs: 2
Total number of connected WTUs: 1
Total number of inside APs: 0
Maximum supported APs: 2048
Remaining APs: 2046
Total AP licenses: 128
Local AP licenses: 128
Server AP licenses: 0
Remaining local AP licenses: 126.75
Sync AP licenses: 0
AP information
State : I = Idle, J = Join, JA = JoinAck, IL = ImageLoad
C = Config, DC = DataCheck, R = Run M = Master, B = Backup
AP name APID State Model Serial ID
ap1 1 I WA6320 219801A28N819CE0002T
ap2 2 R WT1020 219801A0SS9156G00072
ap3 3 R WTU420H 219801A0SS9156G00169
Table 21 Command output
Field |
Description |
Total number of APs |
Total number of fit APs, WTs, and WTUs. |
Total number of connected APs |
Total number of connected fit APs, WTs, and WTUs. |
Total number of connected manual APs |
Total number of connected manual fit APs, WTs, and WTUs. |
Total number of connected auto APs |
Total number of connected auto fit APs, WTs, and WTUs. |
Total number of connected common APs |
Total number of connected fit APs. |
Total number of inside APs |
Total number of connected inside APs. Inside APs are manual APs that are automatically created when anchor APs act as ACs. The name and the serial ID of an inside AP are the local MAC address and local serial ID, respectively. |
Maximum supported APs |
Maximum number of APs supported by the AC, including fit APs and WTUs. |
Total AP licenses |
Total number of AP licenses, including the number of common AP licenses and a quarter of the WTU license quantity. The number of AP licenses used for activating an AP varies by AP type: · Common AP—One. · WTU—A quarter. · WT—None. |
Local AP licenses |
Number of AP licenses installed on the AC. |
Server AP licenses |
This field is not supported in the current software version. Number of AP licenses requested from the license server. |
Remaining local AP licenses |
Number of unused AP licenses installed on the AC. Each AP occupies one AP license and each WTU occupies 0.25 AP licenses. WTs do not require AP licenses. |
Sync AP licenses |
This field is not supported in the current software version. Number of synchronized AP licenses. |
APID |
ID of the AP to uniquely identify the AP on the AC. |
State |
Current state of the AP: · I—Idle. · J—Join. · JA—Join acknowledge. · IL—The AP is downloading the image file. · C—The AP is downloading initial configurations. · DC—The AP is checking data. · R—The CAPWAP tunnel is operating. It indicates that the AP and the AC have established a CAPWAP tunnel. · R/M—The master CAPWAP tunnel is operating. It indicates that the AP and the master AC have established a CAPWAP tunnel. · R/B—The backup CAPWAP tunnel is operating. It indicates that the AP and the backup AC have established a CAPWAP tunnel. · M—The AP is connected to the master AC. · B—The AP is connected to the backup AC. · R/IL—The CAPWAP tunnel is operating and the AP is downloading the image file. |
Serial ID |
Serial ID of the AP. This field displays Not configured if the serial ID of the AP is not configured. |
# Display detailed information about AP ap1.
<Sysname> display wlan ap name ap1 verbose
AP name : ap1
AP ID : 1
AP group name : default-group
State : Run
Backup type : Master
Online time : 0 days 1 hours 25 minutes 12 seconds
System uptime : 0 days 2 hours 22 minutes 12 seconds
Model : WA6320
Region code : CN
Region code lock : Disable
Serial ID : 219801A0CNC138011454
MAC address : 0AFB-423B-893C
IP address : 192.168.1.50
UDP control port number : 18313
UDP data port number : N/A
H/W version : Ver.C
S/W version : E2321
Boot version : 1.01
USB state : N/A
Power level : N/A
Power info : N/A
Description : wtp1
Priority : 4
Echo interval : 10 seconds
Echo count : 3 counts
Keepalive interval : 10 seconds
Discovery-response wait-time : 2 seconds
Statistics report interval : 50 seconds
Fragment size (data) : 1500
Fragment size (control) : 1450
MAC type : Local MAC & Split MAC
Tunnel mode : Local Bridging & 802.3 Frame & Native Frame
CWPCAP data-tunnel status : Down
Discovery type : Static Configuration
Retransmission count : 3
Retransmission interval : 5 seconds
Firmware upgrade : Enabled
Sent control packets : 1
Received control packets : 1
Echo requests : 147
Lost echo responses : 0
Average echo delay : 3
Last reboot reason : User soft reboot
Last reboot reason (AP check) : The radio physical status was down
Last reboot reason (AC check) : The radio physical status was down
Latest IP address : 10.1.0.2
Current AC IP : 192.168.1.1
Tunnel down reason : Request wait timer expired
Connection count : 1
Backup IPv4 : Not configured
Backup IPv6 : Not configured
Ctrl-tunnel encryption : Disabled
Ctrl-tunnel encryption state : Not encrypted
Data-tunnel encryption : Disabled
Data-tunnel encryption state : Not encrypted
LED mode : Normal
Remote configuration : Enabled
Radio 1:
Basic BSSID : 7848-59f6-3940
Admin state : Up
Radio type : 802.11ac
Antenna type : internal
Client dot11ac-only : Disabled
Client dot11n-only : Disabled
Channel band-width : 20/40/80MHz
Active band-width : 20/40/80MHz
Secondary channel offset : SCB
Short GI for 20MHz : Supported
Short GI for 40MHz : Supported
Short GI for 80MHz : Supported
Short GI for 160MHz : Not supported
MIMO : Not Config
Green-Energy-Management : Disabled
A-MSDU : Enabled
A-MPDU : Enabled
LDPC : Not Supported
STBC : Supported
Operational VHT-MCS Set:
Mandatory : Not configured
Supported : NSS1 0,1,2,3,4,5,6,7,8,9
NSS2 0,1,2,3,4,5,6,7,8,9
Multicast : Not configured
Operational HT MCS Set:
Mandatory : Not configured
Supported : 0, 1, 2, 3, 4, 5, 6, 7, 8, 9,
10, 11, 12, 13, 14, 15
Multicast : Not configured
Channel : 44(auto)
Channel usage(%) : 15
Max power : -102 dBm
Operational rate:
Mandatory : 6, 12, 24 Mbps
Multicast : Auto
Supported : 9, 18, 36, 48, 54 Mbps
Disabled : Not configured
Distance : 1 km
ANI : Enabled
Fragmentation threshold : 2346 bytes
Beacon interval : 100 TU
Protection threshold : 2346 bytes
Long retry threshold : 4
Short retry threshold : 7
Maximum rx duration : 2000 ms
Noise Floor : 5 dBm
Smart antenna : Enabled
Smart antenna policy : Auto
Protection mode : rts-cts
Continuous mode : N/A
Client dot11ax-only : Disabled
Operational HE-MCS Set:
Mandatory : Not configured
Supported : NSS1 0,1,2,3,4,5,6,7,8,9,10,11
NSS2 0,1,2,3,4,5,6,7,8,9,10,11
Multicast : Not configured
OFDMA random access RUs : Not Supported
DL-OFDMA : Disabled
UL-OFDMA : Disabled
UL-MU-MIMO : Disabled
BSS-COLOR : Disabled
TWT negotiation : Disabled
Radar-detect : Enabled
HT protection mode : No protection
Radio 2:
Basic BSSID : 7848-59f6-3950
Admin state : Down
Radio type : 802.11b
Antenna type : internal
Client dot11n-only : Disabled
Channel band-width : 20MHz
Active band-width : 20MHz
Secondary channel offset : SCN
Short GI for 20MHz : Supported
Short GI for 40MHz : Supported
A-MSDU : Enabled
A-MPDU : Enabled
LDPC : Not Supported
STBC : Supported
Operational HT MCS Set:
Mandatory : Not configured
Supported : 0, 1, 2, 3, 4, 5, 6, 7, 8, 9,
10, 11, 12, 13, 14, 15
Multicast : Not configured
Channel : 5(auto)
Channel usage(%) : 0
Max power : 20 dBm
Preamble type : Short
Operational rate:
Mandatory : 1, 2, 5.5, 11 Mbps
Multicast : Auto
Supported : 6, 9, 12, 18, 24, 36, 48, 54 Mbps
Disabled : Not configured
Distance : 1 km
ANI : Enabled
Fragmentation threshold : 2346 bytes
Beacon interval : 100 TU
Protection threshold : 2346 bytes
Long retry threshold : 4
Short retry threshold : 7
Maximum rx duration : 2000 ms
Noise Floor : 0 dBm
Smart antenna : Enabled
Smart antenna policy : Auto
Protection mode : rts-cts
Continuous mode : N/A
Client dot11ax-only : Disabled
Operational HE-MCS Set:
Mandatory : Not configured
Supported : NSS1 0,1,2,3,4,5,6,7,8,9,10,11
NSS2 0,1,2,3,4,5,6,7,8,9,10,11
Multicast : Not configured
OFDMA random access RUs : Not Supported
DL-OFDMA : Disabled
UL-OFDMA : Disabled
UL-MU-MIMO : Disabled
BSS-COLOR : Disabled
TWT negotiation : Disabled
Radar-detect : Enabled
HT protection mode : No protection
Table 22 Command output
Field |
Description |
State |
Current state of the AP: · Idle—Idle. · Join—Join. · JoinAck—Join acknowledge. · Image—The AP is downloading the version. · Config—The AP is downloading initial configurations. · Data Check—The AP is checking data. · Run—The CAPWAP tunnel is operating. It indicates that the AP and the AC have established a CAPWAP tunnel. · R/M—The master CAPWAP tunnel is operating. It indicates that the AP and the master AC have established a CAPWAP tunnel. · R/B—The backup CAPWAP tunnel is operating. It indicates that the AP and the backup AC have established a CAPWAP tunnel. · M—The AP is connected to the master AC. · B—The AP is connected to the backup AC. |
Backup type |
CAPWAP tunnel type: · Idle—The AP has not established a CAPWAP tunnel with the AC. · Master—The CAPWAP tunnel established between the AP and the master AC. · Backup—The CAPWAP tunnel established between the AP and the backup AC. |
Region code lock |
· Enabled. · Disabled. |
Serial ID |
Serial ID of the AP. If no serial ID is configured, this field displays Not configured. |
MAC address |
MAC address of the AP. If no MAC address is configured, this field displays Not configured. |
UDP control port number |
Port number used by the AP to establish the CAPWAP control tunnel. |
UDP data port number |
Port number used by the AP to establish the CAPWAP data tunnel. |
H/W version |
Hardware version of the AP. |
S/W version |
Software version of the AP. |
WT serial ID |
Serial ID of the WT that connects to the WTU. This field is displayed only for WTUs. |
WT name |
Name of the WT that connects to the WTU. This field is displayed only for WTUs. |
WT MAC address |
MAC address of the WT that connects to the WTU. This field is displayed only for WTUs. |
USB state |
USB state: · Enabled. · Disabled. This field displays N/A if no USB state information is available. |
Power level |
Power level: · Low. · Middle. · High. This field displays N/A if the power level is unknown. Support for this field depends on the AP model. |
Power info |
Power supply information. · Power adapter—The AP uses local power supply. · PoE (port1+port2)—The AP uses PoE power supply. The port1 and port2 arguments represent the power supply status of PoE+ ports. ¡ N/A. ¡ 802.3af. ¡ 802.3at. Support for this field depends on the AP model. |
AP type |
AP type: · Unknown—This field displays Unknown before the AP comes online. · WTU. · Virtual AP. · Fat AP. · Cloud AP. · Normal AP. |
PoE status |
PoE power supply state for each PI: · Enabled. · Disabled. Support for this field depends on the AP model. |
Description |
Description for the AP. If no description is configured, this field displays Not configured. |
Priority |
AP connection priority for the AC. |
Echo interval |
Interval for an AP to send echo requests to the AC. |
Echo count |
Maximum number of echo request transmission attempts. |
Keepalive interval |
Interval for an AP to send keepalive packets through the CAPWAP data tunnel. |
Discovery-response wait-time |
Discovery-response timeout timer. |
Statistics report interval |
Interval for an AP to send statistics reports to the AC. |
Fragment size (data) |
Maximum fragment size for CAPWAP data packets. |
Fragment size (control) |
Maximum fragment size for CAPWAP control packets. |
MAC type |
MAC type of the AP-AC connection: · Local MAC—The AP encapsulates frames in 802.3 format before sending them to the AC. · Split MAC—The AP encapsulates frames in 802.11 format before sending them to the AC. · Local & Split MAC—The AP can encapsulate frames in either 802.3 format or 802.11 format before sending them to the AC. |
Tunnel mode |
Supported tunnel mode of the AP: · Local Bridging—The AP supports local bridging and does not forward data to the AC. · 802.3 Frame—The AP encapsulates the frames in 802.3 format to send them to the AC. · Native Frame—The AP encapsulates the frames in 802.11 format to send them to the AC. · Local Bridging & 802.3 Frame—The AP supports the Local Bridging mode and the 802.3 Frame mode. · 802.3 Frame & Native Frame—The AP supports the 802.3 Frame mode and the Native Frame mode. · Local Bridging & Native Frame—The AP supports the Local Bridging mode and the Native Frame mode. |
CWPCAP data-tunnel status |
Running status of the CAPWAP data tunnel: · Up. · Down. |
Discovery type |
Discovery type of the AP: · Static Configuration—The AP uses the manually configured IPv4 or IPv6 address of the AC. · DHCP—The AP gets the IP address of an AC through DHCP. · DNS—The AP gets the IP address of an AC through DNS. · Unknown. NOTE: In a dual-link backup network, the discovery method of an AP on the backup AC is consistent with that on the master AC. |
Retransmission count |
Number of retransmission attempts for an AC request. |
Retransmission interval |
Interval at which AC requests can be retransmitted. |
Firmware upgrade |
AP software upgrade: · Enabled. · Disabled. |
Sent control packets |
Number of sent packets, including Change State Event Response packets after the AC enters Run state. . |
Received control packets |
Number of received packets, including Change State Event Response packets after the AC enters Run state. |
Echo requests |
Number of echo requests sent by the AP in RUN state. |
Lost echo responses |
Number of echo responses not received by the AP in RUN state. |
Average echo delay |
Average echo delay in milliseconds. |
Last reboot reason |
Last reboot reason for the AP: · Power on. · Hard reboot. · Watchdog reboot. · Unknown reboot. · User soft reboot. · Kernel exception soft reboot. · Kernel deadloop soft reboot. · Auto update soft reboot. · Unknown soft reboot. · Memory exhausted. · Other unknown soft reboot. |
Last reboot reason(AP check) |
Reason for the most recent AP check failure that caused an AP reboot: · The radio state was incorrect. · The radio channel was incorrect. · The radio type was incorrect. · The radio bandwidth was incorrect. · The radio rate was incorrect. · The radio dependence was incorrect. · The radio physical status was down. |
Last reboot reason(AC check) |
Reason for the most recent AC check failure that caused an AP reboot: · The radio state was incorrect. · The radio channel was incorrect. · The radio type was incorrect. · The radio bandwidth was incorrect. · The radio rate was incorrect. · The radio dependence was incorrect. · The radio physical status was down. |
Latest IP address |
IP address that was most recently used by the AP. |
Current AC IP |
IP address of the AC that is associated with the AP. |
Tunnel down reason |
CAPWAP tunnel down reason: · Failed to create timer. · Neighbor dead timer expired. · Request wait timer expired. · Data check timer expired. · Failed to process data channel keep-alive message. · Failed to process request. · AP was reset. · AP was deleted. · Failed to come online. · Serial number changed. · MAC address changed. · Number of APs exceeded the limit. · Processed join request in Run state. · Failed to create AP context. · Received failure result code. · Failed to retransmit message. · Failed to download image file. · Image file downloaded successfully. · File operation timer expired. · Failed to add tunnel. · Received WTP tunnel down event from AP. · Backup AC closed the backup tunnel. · Master and backup tunnel switchover. · Failed to inherit configuration. · AP authentication failed. · Encryption status mismatch. · AP was reset due to inconsistent local and reported radio statistics. · AP was reset due to inconsistent AP state on APMGR and lib. · AP was reset due to inconsistent BSS state on AC and AP. · The AP mode will change from fat or cloud-managed AP to fit AP. This field displays N/A if the CAPWAP tunnel did not go down. |
Connection count |
Number of times that the AP connects to the AC. It is cleared in either one of the following cases: · The AC reboots. · The serial ID of the AP changes. The reset wlan ap command does not clear the connection count. |
Backup IPv4 |
IPv4 address of the backup AC. If no backup AC is specified, this field displays Not configured. |
Backup IPv6 |
IPv6 address of the backup AC. If no backup AC is specified, this field displays Not configured. |
Ctrl-tunnel encryption |
CAPWAP control tunnel encryption: · Enabled. · Disabled. |
Ctrl-tunnel encryption state |
CAPWAP control tunnel encryption state: · Encrypted. · Not encrypted. |
Data-tunnel encryption |
CAPWAP data tunnel encryption: · Enabled. · Disabled. |
Data-tunnel encryption state |
CAPWAP data tunnel encryption state: · Encrypted. · Not encrypted. |
LED mode |
LED lighting mode: · quiet—All LEDs are off. · awake—All LEDs flash once every minute. · always-on—All LEDs are steady on. · normal—How LEDs flash in this mode varies by AP model. |
Remote configuration |
Remote configuration assignment: · Enabled. · Disabled. |
EnergySaving Level |
Energy saving level: · 0—Energy saving disabled. · 1—Level 1. · 2—Level 2. |
Basic BSSID |
MAC address of the radio. This field displays N/A if the AP has not established a CAPWAP tunnel with the AC. |
Admin state |
Radio state: · Up. · Down. |
Radio type |
Wireless mode: · 5 GHz: ¡ 802.11a. ¡ 802.11n(5GHz). ¡ 802.11ac. ¡ 802.11ax. · 2.4 GHz: ¡ 802.11b. ¡ 802.11g. ¡ 802.11n(2.4GHz). ¡ 802.11gac. ¡ 802.11gax. |
Client dot11ax-only |
· Disabled—Allows 802.11a/b/g/n/ac/ax clients to associate with the radio. · Enabled—Allows only 802.11ax clients to associate with the radio. |
Client dot11ac-only |
· Disabled—Allows 802.11a/b/g/n/ac/ax clients to associate with the radio. · Enabled—Allows only 802.11ac and 802.11ax clients to associate with the radio. |
Client dot11n-only |
· Disabled—Allows 802.11a/b/g/n/ac/ax clients to associate with the radio. · Enabled—Allows only 802.11n, 802.11ac, and 802.11ax clients to associate with the radio. |
Channel bandwidth |
Channel bandwidth mode: · 20 MHz. · 20 or 40 MHz. · 20/40/80 MHz. · 20/40/80/160MHz. · 20/40/80/160/(80+80)MHz. |
Operating bandwidth |
Bandwidth being used by the radio. This field displays (auto switch) if automatic bandwidth switching between 20 MHz and 40 MHz is enabled. |
Secondary channel mode |
Secondary channel information for the 802.11n, 802.11ac, and 802.11ax radio mode: · SCA (Second Channel Above)—The AP operates in 40 MHz bandwidth mode, and the secondary channel is above the primary channel. · SCB (Second Channel Below)—The AP operates in 40 MHz bandwidth mode, and the secondary channel is below the primary channel. · SCN—The AP does not operate in 40 MHz bandwidth mode. This field is available only when the bandwidth that the radio is using is 20/40/80MHz. |
Secondary channel center frequency |
Center frequency information about the 80 MHz bandwidth of the secondary channel when the radio operates in 802.11ac or 802.11ax radio mode with a channel bandwidth of 160/(80+80)MHz. This field is available only when the bandwidth that the radio is using is 160/(80+80)MHz. |
Short GI for 20MHz |
Whether the radio supports short GI when it operates in 20 MHz mode. |
Short GI for 40MHz |
Whether the radio supports short GI when it operates in 40 MHz mode. |
Short GI for 80MHz |
Whether the radio supports short GI when it operates in 80 MHz mode. |
Short GI for 160MHz |
Whether the radio supports short GI when it operates in 160 MHz mode. |
MIMO |
MIMO mode: · 1x1—The radio sends and receives signals through one spatial stream. · 2x2—The radio sends and receives signals through two spatial streams. · 3x3—The radio sends and receives signals through three spatial streams. · 4x4—The radio sends and receives signals through four spatial streams. · 5x5—The radio sends and receives signals through five spatial stream. · 6x6—The radio sends and receives signals through six spatial streams. · 7x7—The radio sends and receives signals through seven spatial streams. · 8x8—The radio sends and receives signals through eight spatial streams. · Not configured—The radio sends and receives signals through the maximum number of spatial streams supported by the radio. If this field also displays (PowerLow) after any value option to indicate low power level, the radio can send and receive signals only through one spatial stream. |
Green-Energy-Management |
Energy-saving: · Disabled. · Enabled. |
A-MSDU |
· Disabled. · Enabled. |
A-MPDU |
· Disabled. · Enabled. |
LDPC |
· Supported. · Not supported. |
STBC |
· Supported. · Not supported. |
Operational HE-MCS Set |
· Supported—Supported HE MCS set. · Mandatory—Mandatory HE MCS set. · Multicast—Multicast HE MCS set. |
Operational VHT MCS Set |
· Supported—Supported VHT MCS set. · Mandatory—Mandatory VHT MCS set. · Multicast—Multicast VHT MCS set. |
Operational HT MCS Set |
· Supported—Supported HT MCS set. · Mandatory—Mandatory HT MCS set. · Multicast—Multicast HT MCS set. |
Channel |
This field displays Number<auto> if the current channel is the optimal channel automatically selected by the AP. This field displays Number if the current channel is manually configured. This field displays Number<avoid radar> if the current channel is automatically selected by the AP to avoid radar signals. |
Max power |
Maximum transmission power of the radio. |
Preamble type |
Preamble type: · Short. · Long. |
Operational rate |
· Mandatory. · Supported. · Multicast. · Disabled. · Not configured. |
Distance |
Maximum distance that the radio signal can reach. |
ANI |
· Enabled. · Disabled. |
Protection threshold |
Frame length threshold required for triggering the protection mechanism. |
Long retry threshold |
Maximum number of retransmission attempts for frames whose length exceeds the RTS threshold. |
Short retry threshold |
Maximum number of retransmission attempts for frames whose length is below the RTS threshold. |
Maximum rx duration |
Maximum buffer duration for frames. |
Smart antenna |
· Enabled. · Disabled. This field is not supported in the current software version. |
Smart antenna policy |
· Auto. · High availability. · High throughput. This field is not supported in the current software version. |
Protection mode |
Conflict avoidance mode: · cts-to-self. · rts-cts. |
Continuous mode configuration: · Rate. · MCS index. · NSS index. · VHT-MCS index. This field displays N/A if the continuous mode is not configured. |
|
OFDMA random access RUs |
· Supported. · Not Supported. |
TWT negotiation |
TWT negotiation: · Enabled. · Disabled. Support for this field depends on the AP model. |
DL-OFDMA |
Downlink OFDMA: · Enabled. · Disabled. Support for this field depends on the AP model. |
UL-OFDMA |
Uplink OFDMA: · Enabled. · Disabled. Support for this field depends on the AP model. |
UL-MU-MIMO |
Uplink MU-MIMO: · Enabled. · Disabled. Support for this field depends on the AP model. |
BSS-COLOR |
BSS coloring: · Enabled. · Disabled. Support for this field depends on the AP model. |
HT protection mode |
802.11n protection mode: · No protection. ¡ AP-associated clients and nearby wireless devices are operating in 802.11n mode and AP-associated clients are 802.11n clients with a bandwidth of 40 MHz. ¡ AP-associated clients are 802.11n clients with a bandwidth of 20 MHz. · Non-member protection. · 20 MHz protection. · Non-HT mixed. |
MU-TxBF |
· Enabled. · Disabled. Support for this field depends on the AP model. |
SU-TxBF |
· Enabled. · Disabled. Support for this field depends on the AP model. |
ATF |
· Enabled. · Disabled. |
display wlan ap address
Use display wlan ap address to display AP address information.
Syntax
display wlan ap { all | name ap-name } address
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
all: Specifies all APs.
Examples
# Display address information for all APs.
<Sysname> display wlan ap all address
Total number of APs: 1
Total number of connected APs: 1
Total number of connected manual APs: 1
Total number of connected auto APs: 0
Total number of inside APs: 0
AP name IP address MAC address
ap1 1.1.1.5 000b-6b8f-fc6a
Table 23 Command output
Field |
Description |
Total number of APs |
Total number of fit APs, WTs, and WTUs. |
Total number of connected APs |
Total number of connected fit APs, WTs, and WTUs. |
Total number of connected manual APs |
Total number of connected manual fit APs, WTs, and WTUs. |
Total number of connected auto APs |
Total number of connected auto fit APs, WTs, and WTUs. |
Total number of inside APs |
Total number of connected inside APs. Inside APs are manual APs that are automatically created when anchor APs act as ACs. The name and the serial ID of an inside AP are the local MAC address and local serial ID, respectively. |
IP address |
IP address of an AP. This field displays N/A for an offline AP. |
MAC address |
MAC address of an AP. This field displays N/A for an offline AP. |
display wlan ap connection-record
Use display wlan ap connection-record to display AP connection records on the AC.
Syntax
display wlan ap { all | name ap-name } connection-record
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
all: Specifies all APs.
name ap-name: Specifies an AP by its name, a case-sensitive string of 1 to 64 characters. The string can contain letters, digits, underscores (_), dots (.), left brackets ([), right brackets (]), forward slashes (/), and hyphens (-).
Examples
# Display all AP connection records on an AC.
<Sysname> display wlan ap all connection-record
AP name IP address State Time
ap1 2001::3 Run 05-06 09:47:44
ap2 2001::5 Run 05-06 09:50:38
Table 24 Command output
Field |
Description |
State |
Current state of the AP: · Discovery—AC discovery. · Join—The CAPWAP tunnel is being established. · Offline—Offline. · Run—The CAPWAP tunnel is operating. It indicates that the AP and the AC have established a CAPWAP tunnel successfully. |
Time |
Most recent time when the AP established a CAPWAP tunnel with the AC. |
display wlan ap files
Use display wlan ap files to display information about files and file folders on an AP.
Syntax
display wlan ap name ap-name files
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
name ap-name: Specifies an AP by its name, a case-sensitive string of 1 to 64 characters. The string can contain letters, digits, underscores (_), dots (.), left brackets ([), right brackets (]), forward slashes (/), and hyphens (-).
Examples
# Display information about files and file folders on AP ap1.
<Sysname> display wlan ap name ap1 files
Directory of flash:
0 13638656 wa6300-system.bin
1 2573312 wa6300-boot.bin
131072 KB total (114208 KB free)
Table 25 Command output
Field |
Description |
0 13638656 xx.xx |
File or file folder information: · 0—Serial number, which is automatically assigned by the system. · 13638656— File size in bytes. A hyphen (-) is displayed if it is a file folder. · xx.xx—Name of the file or file folder. |
Related commands
delete file
download file
display wlan ap gps
Use display wlan ap gps to display Global Positioning System (GPS) information for the specified APs.
Syntax
display wlan ap { all | name ap-name } gps
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
all: Specifies all APs.
name ap-name: Specifies an AP by its name, a case-sensitive string of 1 to 64 characters. The string can contain letters, digits, underscores (_), dots (.), left brackets ([), right brackets (]), forward slashes (/), and hyphens (-).
Usage guidelines
This command takes effect only on APs that support the GPS module.
Examples
# Display GPS information for AP ap1.
<Sysname> display wlan ap name ap1 gps
AP name : ap1
Serial ID : 219801A17C817200001
Model : WA5630X
Longitude : 117.788887
Latitude : 30.822136
Velocity : 25.445878
Orientation: 8.054548
Elevation : 156.655897
Obtained at: 2017-02-20 15:32:19
Table 26 Command output
Description |
|
Name of the AP. |
|
Serial ID of the AP. |
|
AP model. |
|
Longitude rounded to six decimal places. |
|
Latitude |
Latitude rounded to six decimal places. |
Velocity |
Horizontal velocity rounded to six decimal places. |
Orientation |
Orientation rounded to six decimal places. |
Elevation |
Elevation rounded to six decimal places. |
Obtained at |
Time when the GPS information was obtained. |
display wlan ap online-time
Use display wlan ap online-time to display the online duration for APs.
Syntax
display wlan ap { all | name ap-name } online-time
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
all: Specifies all APs.
name ap-name: Specifies an AP by its name, a case-sensitive string of 1 to 64 characters. The string can contain letters, digits, underscores (_), dots (.), left brackets ([), right brackets (]), forward slashes (/), and hyphens (-).
Examples
# Display online duration for all APs.
<Sysname> display wlan ap all online-time
AP name IP address Time
ap1 1.1.1.2 0 days 0 hours 2 minutes 6 seconds
ap2 1.1.1.1 0 days 0 hours 5 minutes 6 seconds
ap3 1.1.1.6 0 days 0 hours 2 minutes 1 seconds
Table 27 Command output
Field |
Description |
IP address |
IP address of an AP. |
Time |
Realtime association duration of an AP since the AP came online. |
display wlan ap radio
Use display wlan ap radio to display AP radio information.
Syntax
display wlan ap { all | name ap-name } radio [ frequency-band { 5 | 2.4 } ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
all: Specifies all APs.
name ap-name: Specifies an AP by its name, a case-sensitive string of 1 to 64 characters. The string can contain letters, digits, underscores (_), dots (.), left brackets ([), right brackets (]), forward slashes (/), and hyphens (-).
frequency-band: Specifies a frequency band.
5: Specifies the 5 GHz frequency band.
2.4: Specifies the 2.4 GHz frequency band.
Examples
# Display radio information for all APs.
<Sysname> display wlan ap all radio
Total number of APs: 1
Total number of connected APs: 1
Total number of connected manual APs: 1
Total number of connected auto APs: 0
Total number of connected common APs: 1
Total number of connected WTUs: 0
Total number of inside APs: 0
Maximum supported APs: 6144
Remaining APs: 6144
Total AP licenses: 128
local AP licenses: 0
Server AP licenses: 0
Remaining local AP licenses: 127
Sync AP licenses: 0
AP name RID State Channel BW Usage TxPower Clients
(MHz) (%) (dBm)
ap1 1 Up 48(auto) 40 10 20 5
ap1 2 Up 56(auto) 20 15 20 10
# Display 2.4 GHz radio information for AP ap1.
<Sysname> display wlan ap name ap1 radio frequency-band 2.4
AP name RID State Channel BW Usage TxPower Clients
(MHz) (%) (dBm)
ap1 2 Up 48(auto) 20 15 20 15
Table 28 Command output
Field |
Description |
Total number of connected WTUs |
Total number of connected WTUs. |
Total number of inside APs |
An inside AP is a manual AP automatically created for radio management when an anchor AP acts as an AC. The name and serial ID of the inside AP are the MAC address and serial ID of the anchor AP, respectively. |
Maximum supported APs |
Maximum number of supported APs, including fit APs and WTUs, on the AC. |
Remaining APs |
Remaining number of supported APs. The value equals the number of maximum supported APs minus the number of connected common APs and the number of connected WTUs. |
Total AP licenses |
Total number of AP licenses. Each WTU license is considered as 0.25 AP licenses. |
local AP licenses |
Number of local AP licenses on the AC. |
Server AP licenses |
Number of AP licenses requested from the server by the AC. |
Remaining local AP licenses |
Number of remaining local AP licenses. Each AP occupies one AP license and each WTU occupies 0.25 AP licenses. WTs do not require AP licenses. |
Sync AP licenses |
Number of synchronized AP licenses. |
State |
Radio state: · Up. · Down. |
BW(MHz) |
Maximum supported bandwidth. |
Usage |
Channel usage. |
TxPower (dBm) |
Transmission power. By default, the maximum supported power is used to transmit packets. |
Clients |
Number of online clients. |
display wlan ap radio channel
Use display wlan ap radio channel to display radio channel information.
Syntax
display wlan ap { all | name ap-name } radio channel
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
all: Specifies all APs.
name ap-name: Specifies an AP by its name, a case-sensitive string of 1 to 64 characters. The string can contain letters, digits, underscores (_), dots (.), left brackets ([), right brackets (]), forward slashes (/), and hyphens (-).
Examples
# Display radio channel information for AP ap3.
<Sysname> display wlan ap name ap3 radio channel
AP name RID Channel Band-width CenterFreq
(MHz)
ap3 1 36(auto) 20/40/80/160/(80+80) 42/58
ap3 2 52 20/40/80 155
ap3 3 11(auto) 20 0
Table 29 Command output
Field |
Description |
Band-width (MHz) |
Supported channel bandwidth. |
CenterFreq |
Central frequencies. This field is available only when the supported channel bandwidth reaches 80 MHz. This field displays the central frequencies for both the main and the secondary channels when 160 MHz or 80+80 MHz bandwidth is supported. |
display wlan ap radio type
Use display wlan ap radio type to display radio type information.
Syntax
display wlan ap { all | name ap-name } radio type
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
all: Specifies all APs.
name ap-name: Specifies an AP by its name, a case-sensitive string of 1 to 64 characters. The string can contain letters, digits, underscores (_), left brackets ([), right brackets (]), forward slashes (/), and hyphens (-).
Examples
# Display radio type information for AP ap1.
<Sysname> display wlan ap name ap1 radio type
AP name RID AP state Radio state Radio type
ap1 1 Up Up 802.11n(5GHz)
ap1 2 Up Down 802.11n(2.4GHz)
Table 30 Command output
Field |
Description |
AP state |
AP state: · Up—The AP has established a CAPWAP tunnel with the AC. · Down—The AP has not established a CAPWAP tunnel with the AC. |
Radio state |
Radio state: · Up. · Down. |
display wlan ap reboot-log
Use display wlan ap reboot-log to display reboot logs for an AP.
Syntax
display wlan ap name ap-name reboot-log
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
name ap-name: Specifies an AP by its name, a case-sensitive string of 1 to 64 characters. The string can contain letters, digits, underscores (_), dots (.), left brackets ([), right brackets (]), forward slashes (/), and hyphens (-).
Usage guidelines
If the AP has suffered a system crash, you can use this command to view detailed information about the crash.
To use this command, make sure the specified AP is in Run state.
Examples
# Display reboot logs for AP ap1.
<Sysname> display wlan ap name ap1 reboot-log
Debugging information is not available on the AC.
Downloading debugging data from AP. Continue? [Y/N]:y
Downloading debugging data. Please wait...
Please enter the same command again to view the log messages.
<Sysname>dis wlan ap name ap1 reboot-log
--------------------- Reboot record 1 ---------------------
Recorded at : 2018-07-20 03:29:43.324529
Occurred at : 2018-07-20 03:29:43.324529
Reason : 0x8
Thread : devd (TID: 50)
Context : thread context
Cpu : 0
Kernel module info : module name (system) module address (0xd145a000)
module name (addon) module address (0xd00d5000)
Last 5 thread switches : WDRVFwdKthread (3:29:43.323999)-->
swapper (3:29:43.324011)-->
WDRVFwdKthread (3:29:43.324467)-->
swapper (3:29:43.324478)-->
devd (3:29:43.324502)-->
…
Related commands
reset wlan ap reboot-log
display wlan ap region-code
Use display wlan ap region-code to display region code information for all APs or the specified AP.
Syntax
display wlan ap { all | name ap-name } region-code
Views
Any view
Predefined user roles
network-admin
Parameters
all: Specifies all APs.
name ap-name: Specifies an AP by its name, a case-sensitive string of 1 to 64 characters. The string can contain letters, digits, underscores (_), dots (.), left brackets ([), right brackets (]), forward slashes (/), and hyphens (-).
Examples
# Display region code information for all APs.
<Sysname> display wlan ap all region-code
Region Code
AP name Region Code
ap1 CN CHINA
ap2 CN CHINA
ap3 CN CHINA
Field |
Description |
Region Code |
Region code. |
display wlan ap running-configuration
Use display wlan ap running-configuration to display running configuration for the specified AP or all APs.
Syntax
display wlan ap running-configuration { all | ap-name ap-name } [ verbose ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
all: Specifies all APs.
name ap-name: Specifies an AP by its name, a case-sensitive string of 1 to 64 characters. The string can contain letters, digits, underscores (_), dots (.), left brackets ([), right brackets (]), forward slashes (/), and hyphens (-).
verbose: Displays detailed running configuration.
Examples
# Display detailed running configuration for all APs.
<Sysname> display wlan ap running-configuration all verbose
(i) -- Inherited from AP group
(g) -- Inherited from AP global-configuration
#
wlan ap ap1 model WA6320 id 5
ap group name 1
serial-id 210235A1BSC123000050
region code CN (g)
echo interval 10 (i)
echo count 3 (i)
keepalive interval 10 (i)
retransmission count 3 (i)
retransmission interval 5 (i)
statistics interval 50 (i)
fragment-size data 1500 (i)
fragment-size control 1450 (i)
tunnel-preempt disable (g)
firmware update 1
priority 4 (i)
…
radio 1
radio type 802.11ax (i)
radio disable (i)
channel auto<64> (i)
channel unlock (i)
max-power 20 (i)
power unlock (i)
distance 1 kilometer (i)
ANI Enabled (i)
…
radio 2
radio type 802.11gax (i)
radio disable (i)
channel auto<11> (i)
channel unlock (i)
max-power 20 (i)
power unlock (i)
distance 1 kilometer (i)
ANI Enabled (i)
…
#
wlan ap ap2 model WA6320 id 6
ap group name 2
serialid 219801A28N819CE0002T
region code CN (g)
echo interval 10 (i)
echo count 3 (i)
keepalive interval 10 (i)
retransmission count 3 (i)
retransmission interval 5 (i)
statistics interval 50 (i)
fragment-size data 1500 (i)
fragment-size control 1450 (i)
preempt disable (g)
firmware-upgrade disable (g)
priority 4 (i)
…
radio 1
radio type 802.11ac (i)
radio disable (i)
channel auto<60> (i)
channel unlock (i)
max-power 20 (i)
power unlock (i)
distance 1 kilometer (i)
ANI Enabled (i)
…
radio 2
radio type 802.11n(2.4GHz) (i)
radio disable (i)
channel auto<13> (i)
channel unlock (i)
max-power 20 (i)
power unlock (i)
distance 1 kilometer (i)
ANI Enabled (i)
…
display wlan ap-distribution
Use display wlan ap-distribution to display AP distribution information.
Syntax
display wlan ap-distribution { all | local-ac-name local-ac-name | slot slot-number }
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
all: Displays distribution information for APs attached to ACs.
· On a non-IRF and non-AC hierarchical network, this command displays distribution information for APs attached to the current device.
· On an IRF fabric, this command displays distribution information for APs attached to all IRF member devices.
· On a AC hierarchical network, the command output depends on the AC's role.
¡ Central AC—Distribution information for APs attached to the central AC and all local ACs.
¡ Local AC—Distribution information for APs attached to the current local AC.
local-ac-name local-ac-name: Specifies a local AC by its AC name, a case-sensitive string of 1 to 64 characters. The string can contain letters, digits, underscores (_), dots (.), left brackets ([), right brackets (]), forward slashes (/), and hyphens (-). This option is supported only on the central AC.
slot slot-number: Specifies an IRF member device by its member ID.
Examples
# Display distribution information for all APs.
<Sysname> display wlan ap-distribution all
Slot : 1
Total number of APs: 1
AP name : 722a-d561-0301
# On the central AC, display distribution information for APs attached to the central AC and all local ACs.
<Sysname> display wlan ap-distribution all
Central AC Slot 0 Total number of APs: 1
AP name AP ID AP IP AC IP
ap1 1 1.1.1.1 1.1.1.10
Local AC local-ac1 Total number of APs: 3
AP name AP ID AP IP AC IP
Ap2 2 1.1.1.2 1.1.1.11
Ap3 3 1.1.1.3 1.1.1.11
Ap4 4 1.1.1.4 1.1.1.11
Table 32 Command output
Field |
Description |
Central AC |
Distribution information for APs attached to the central AC. |
Slot |
Member ID of the IRF member device. This field indicates the member ID only for centralized IRF devices. |
AC IP |
IP address of the associated AC. The AP can associate with a local AC or the central AC. |
Local AC |
Distribution information for APs attached to the local AC. |
local-ac1 |
Local AC name. |
# On the central AC, display distribution information for APs attached to local AC local-ac1.
<Sysname> display wlan ap-distribution local-ac-name local-ac1
Total number of APs: 1
State : I = Idle, J = Join, JA = JoinAck, IL = ImageLoad
C = Config, DC = DataCheck, R = Run, M = Master, B = Backup
AP name APID State Model Serial ID
722a-d561-0300 8 R/M WA6320 219801A28N819CE0002T
# On an IRF fabric, display distribution information for APs attached to the specified slot.
<Sysname> display wlan ap-distribution slot 0
Total number of APs: 1
AP information
State : I = Idle, J = Join, JA = JoinAck, IL = ImageLoad
C = Config, DC = DataCheck, R = Run, M = Master, B = Backup
AP name APID State Model Serial ID
722a-d561-0300 4 R/M WA6320 210235A1BSC123000050
Table 33 Command output
Field |
Description |
APID |
ID of the AP to uniquely identify the AP on the AC. |
State |
Current state of the AP: · I—Idle. · J—Join. · JA—Join acknowledge. · IL—The AP is downloading the software image version. · C—The AP is downloading initial configurations. · DC—The AP is checking data. · R—The CAPWAP tunnel is operating. It indicates that the AP and the AC have established a CAPWAP tunnel. · R/M—The master CAPWAP tunnel is operating. It indicates that the AP and the master AC have established a CAPWAP tunnel. · R/B—The backup CAPWAP tunnel is operating. It indicates that the AP and the backup AC have established a CAPWAP tunnel. · M—The AP is connected to the master AC. · B—The AP is connected to the backup AC. |
Model |
AP model information. |
Serial ID |
Serial ID of the AP. This field displays Not configured if the serial ID of the AP is not configured. |
display wlan ap-group
Use display wlan ap-group to display information about all AP groups or the specified AP group.
Syntax
display wlan ap-group [ brief | name group-name ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
brief: Displays brief information about all AP groups.
name group-name: Displays detailed information about the specified AP group. The group-name argument represents the name of an AP group, a case-insensitive string of 1 to 31 characters.
Usage guidelines
If you do not specify any parameter, this command displays detailed information about all AP groups.
Examples
# Display detailed information about all AP groups.
[Sysname] display wlan ap-group
Total number of AP groups: 2
AP group name : default-group
Description : Not configured
AP model : Not configured
APs : Not configured
AP group name : group1
Description : abcd
AP model : WA6320
AP grouping rules:
AP name : ap1, ap2
Serial ID : 219801A28N819CE0002T
MAC address : 0AFB-423B-893C
IPv4 address : Not configured
IPv6 address : Not configured
APs : ap1 (AP name)
# Display detailed information about AP group group1.
[Sysname] display wlan ap-group group1
AP group name : group1
Description : Not configured
AP model : WA6320
AP grouping rules:
AP name : ap1, ap2
Serial ID : 219801A28N819CE0002T
MAC address : 0AFB-423B-893C
IPv4 address : Not configured
IPv6 address : Not configured
APs : ap1 (AP name)
# Display brief information about all AP groups.
<Sysname> display wlan ap-group brief
Total number of AP groups: 4
AP group name Group ID Member APs Online APs
default-group 1 1 0
group1 2 2006 1986
group2 3 10 10
group3 4 4 4
Related commands
wlan ap-group
display wlan ap-model
Use display wlan ap-model to display AP model information.
display wlan ap-model { all | name model-name }
name model-name: Specifies an AP model by its name.
# Display information about AP model WA6320.
<Sysname> display wlan ap-model name WA6320
AP model : WA6320
Alias : WA6320
Vendor name : H3C
Vendor ID : 25506
License weight : 100
Radio count : 2
Radio 1:
Mode : 802.11a, 802.11an, 802.11ac
Default mode : 802.11ac
BSS count : 16
Radio 2:
Mode : 802.11b, 802.11g, 802.11gn
Default mode : 802.11gn
BSS count : 16
Version Support List :
Hardware Version Ver.A:
Software Version : R2206P02
Default Software Version : R2206P02
Image Name : wa6300.ipe
Hardware Version Ver.B:
Software Version : R2206P02
Default Software Version : R2206P02
Image Name : wa6300.ipe
Hardware Version Ver.C:
Software Version : R2206P02
Default Software Version : R2206P02
Image Name : wa6300.ipe
Hardware Version Ver.D:
Software Version : R2206P02
Default Software Version : R2206P02
Image Name : wa6300.ipe
Hardware Version Ver.E:
Software Version : R2206P02
Default Software Version : R2206P02
Image Name : wa6300.ipe
Hardware Version Ver.F:
Software Version : R2206P02
Default Software Version : R2206P02
Image Name : wa6300.ipe
display wlan blacklist
Use display wlan blacklist to display blacklist entries.
Syntax
display wlan blacklist { dynamic | static }
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
dynamic: Specifies the dynamic blacklist.
static: Specifies the static blacklist.
Examples
# Display static blacklist entries.
<Sysname> display wlan blacklist static
Total number of clients: 3
MAC addresses:
000e-35b2-000e
0019-5b8e-b709
001c-f0bf-9c92
# Display dynamic blacklist entries.
<Sysname> display wlan blacklist dynamic
Total number of clients: 3
MAC address APID RID Lifetime (s) Duration (hh:mm:ss)
000f-e2cc-0001 1 1 300 00:02:11
000f-e2cc-0002 2 1 300 00:01:17
000f-e2cc-0003 3 1 300 00:02:08
Table 35 Command output
Field |
Description |
MAC address |
Client MAC address. |
APID |
ID of the AP that detected the rogue client. |
RID |
Radio ID of the AP that detected the rogue client. |
Lifetime (s) |
Lifetime of the entry in seconds. |
Duration (hh:mm:ss) |
Duration for the entry since the entry was added to the dynamic blacklist. |
display wlan client
Use display wlan client to display client information.
Syntax
display wlan client [ ap ap-name [ radio radio-id ] | mac-address mac-address | service-template service-template-name | frequency-band { 2.4 | 5 } | vlan vlan-id ] [ verbose ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
ap ap-name: Displays information about clients that are connected to the specified AP. The AP name is a case-sensitive string of 1 to 64 characters. The string can contain letters, digits, underscores (_), dots (.), left brackets ([), right brackets (]), forward slashes (/), and hyphens (-).
radio radio-id: Displays information about clients that are connected to the specified radio. The value range for the radio-id argument varies by device model. If you do not specify this option, the command displays information about all clients that are connected to the specified AP.
mac-address mac-address: Specifies a client by its MAC address.
service-template service-template-name: Displays information about clients that are associated with the specified service template. The service template name is a case-insensitive string of 1 to 63 characters.
frequency-band: Displays information about clients working on the specified band.
2.4: Specifies the 2.4 GHz band.
5: Specifies the 5 GHz band.
verbose: Displays detailed client information. If you do not specify this keyword, the command displays brief client information.
vlan vlan-id: Displays information about clients in the specified VLAN. The vlan-id argument represents the VLAN ID in the range of 1 to 4094.
Examples
# Display brief information about all clients.
<Sysname> display wlan client
Total number of clients: 3
MAC address Username AP name R IP address VLAN
000f-e265-6400 N/A ap1 1 1.1.1.1 100
000f-e265-6401 user ap2 1 3.0.0.3 200
84db-ac14-dd08 N/A ap1 1 5.5.5.3 1
Table 36 Command output
Field |
Description |
MAC address |
Client MAC address. |
Username |
Client username: · The field displays the client username if the client uses 802.1X or MAC authentication. · The field displays N/A if the client does not use 802.1X or MAC authentication. NOTE: If the client uses portal authentication, this field does not display the portal username of the client. |
AP name |
Name of the AP that the client is associated with. |
R |
ID of the radio that the client is associated with. |
IP address |
IPv4 address of the client. |
VLAN ID |
ID of the VLAN to which the client belongs. |
# Display detailed information about the client with MAC address 000f-e265-6400.
<Sysname> display wlan client mac-address 000f-e265-6400 verbose
Total number of clients: 1
MAC address : 000f-e265-6400
IPv4 address : 10.1.1.114
IPv6 address : 2001::1234:5678:0102:0304
Username : N/A
AID : 1
AP ID : 1
AP name : ap1
Radio ID : 1
Channel : 36
SSID : office
BSSID : 0026-3e08-1150
VLAN ID : 3
VLAN ID2 : N/A
Sleep count : 3
Wireless mode : 802.11gn
Channel bandwidth : 20MHz
20/40 BSS Coexistence Management : Not supported
SM power save : Enabled
Short GI for 20MHz : Supported
Short GI for 40MHz : Supported
Short GI for 80MHz : Supported
Short GI for 160/80+80MHz : Not supported
STBC RX capability : Not supported
STBC TX capability : Not supported
LDPC RX capability : Not supported
SU beamformee capability : Not supported
MU beamformee capability : Not supported
Beamformee STS capability : N/A
Block Ack : TID 0 In
Supported VHT-MCS set : NSS1 0, 1, 2, 3, 4, 5, 6, 7, 8, 9
NSS2 0, 1, 2, 3, 4, 5, 6, 7, 8, 9
Supported HT MCS set : 0, 1, 2, 3, 4, 5, 6, 7,
8, 9, 10, 11, 12, 13, 14,
15
Supported rates : 1, 2, 5.5, 6, 9, 11,
12, 18, 24, 36, 48, 54 Mbps
QoS mode : WMM
Listen interval : 10
RSSI : 62
Rx/Tx rate : 130/195 Mpbs
Speed : N/A
Authentication method : Open system
Security mode : PRE-RSNA
AKM mode : Not configured
Cipher suite : N/A
User authentication mode : Bypass
WPA3 status : Disabled
Authorization ACL ID : 3001(Not effective)
Authorization user profile : N/A
Authorization CAR :
Average input rate : 102400 bps
Average output rate : 102400 bps
Roam status : N/A
Key derivation : SHA1
PMF status : Enabled
Forwarding policy name : Not configured
Online time : 0days 0hours 1minutes 13seconds
FT status : Inactive
BTM status : Disabled
Table 37 Command output
Field |
Description |
MAC address |
Client MAC address. |
IPv4 address |
Client IPv4 address. |
IPv6 address |
Client IPv6 address. |
Username |
Client username: · The field displays the client username if the client uses 802.1X or MAC authentication. · The field displays N/A if the client does not use 802.1X or MAC authentication. NOTE: If the client uses portal authentication, this field does not display the portal username of the client. |
AID |
Association ID. |
AP ID |
ID of the AP that the client is associated with. |
AP name |
Name of the AP that the client is associated with. |
Radio ID |
ID of the radio that the client is associated with. |
Channel |
Working channel of the associated radio. |
SSID |
SSID with which the client is associated. |
VLAN ID |
ID of the inner VLAN to which the client belongs. |
VLAN ID2 |
ID of the outer VLAN to which the client belongs. This field displays N/A if no outer VLAN is specified. |
Sleep count |
Client sleep times. |
Wireless mode |
Wireless mode: · 802.11a. · 802.11b. · 802.11g. · 802.11gn. · 802.11an. · 802.11ac. · 802.11ax. · 802.11gax. |
Channel bandwidth |
Channel bandwidth: · 20 MHz. · 40 MHz. · 80 MHz. · 160 MHz. |
20/40 BSS Coexistence Management |
Whether the client supports 20/40MHz channel bandwidth coexistence. |
SM Power Save |
SM Power Save status: · Enabled—Only one antenna of a client operates in active state, and others operate in sleep state to save power. · Disabled. |
Short GI for 20MHz |
Whether the client supports short GI when its channel bandwidth is 20 MHz: · Supported. · Not supported. |
Short GI for 40MHz |
Whether the client supports short GI when its channel bandwidth is 40 MHz: · Supported. · Not supported. |
Short GI for 80MHz |
Whether the client supports short GI when its channel bandwidth is 80 MHz: · Supported. · Not supported. |
Short GI for 160/80+80MHz |
Whether the client supports short GI when its channel bandwidth is 160 MHz or 80 + 80 MHz: · Supported. · Not supported. |
STBC Rx Capability |
Client STBC receive capability; · Not Supported. · Supported. |
STBC Tx Capability |
Client STBC transmission capability: · Not Supported. · Supported. |
LDPC Rx capability |
Client LDPC receive capability; · Not Supported. · Supported. |
SU beamformee capability |
Client SU beamformee capability: · Not Supported. · Supported. |
MU beamformee capability |
Client MU beamformee capability: · Not Supported. · Supported. |
Beamformee STS capability |
Supported spatial stream quantity if the client is a beamformee receiver, in the range of 0 to 7 (the maximum spatial stream quantity specified by the MIMO mode minus one). This field displays N/A if the client cannot act as a beamformee receiver. |
Number of Sounding Dimensions |
Supported spatial stream quantity if the client is a beamformee transmitter, in the range of 0 to 7 (the maximum spatial stream quantity specified by the MIMO mode minus one). This field displays N/A if the client cannot act as a beamformee transmitter. |
Block Ack |
Negotiation result of Block ACK with TID: · TID 0 In—Sends Block ACK for inbound traffic. · TID 0 Out—Sends Block ACK for outbound traffic. · TID 0 Both—Sends Block ACK for both inbound and outbound traffic. · N/A—Does not send Block ACK for both inbound and outbound traffic. |
Supported VHT-MCS set |
VHT-MCS supported by the client. |
Supported HT MCS set |
HT-MCS supported by the client. |
2.4G 40MHz Channel bandwidth |
Client support for 2.4G 40 MHz channel bandwidth: · Not Supported. · Supported. |
5G 40And80MHz Channel bandwidth |
Client support for 5G 40 MHz and 80 MHz channel bandwidth: · Not Supported. · Supported. |
5G 160MHz Channel bandwidth |
Client support for 5G 160 MHz channel bandwidth: · Not Supported. · Supported. |
5G 8080MHz Channel bandwidth |
Client support for 5G 80+80 MHz channel bandwidth: · Not Supported. · Supported. |
OFDMA random access RUs |
Support for OFDMA random selection of RUs. · Not Supported. · Supported. |
Supported HE80MHz-MCS set |
Supported 80 MHz HE-MCS sets. |
Supported HE160MHz-MCS set |
Supported 160 MHz HE-MCS sets. |
Supported HE 8080MHz-MCS set |
Supported 80+80 MHz HE-MCS sets. |
TWT scheduled |
Whether the client is a TWT scheduled client. A TWT scheduled client can calculate and negotiate TWT scheduling information. · Yes. · No. |
QoS mode |
QoS mode: · N/A—WMM is not supported. · WMM—WMM is supported. WMM information negotiation is carried out between an AP and a client that both support WMM. |
Listen interval |
Interval at which the client wakes up to listen for beacon frames. It is counted by beacon interval. |
RSSI |
Received signal strength indication. This value indicates the client signal strength detected by the AP. |
Rx/Tx rate |
Sending and receiving rates of data, management, and control frames. |
Speed |
Sending and receiving rates in the past 2 minutes in Kbps, rounded to three decimal places. This field displays N/A if both the sending and receiving rates are 0. |
Authentication method |
Authentication method: · Open system. · Shared key. · SAE. · FT. |
Security mode |
Security mode: · RSN—Beacons and probe responses carry RSN IE. · WPA—Beacons and probe responses carry WPA IE. · PRE-RSNA—Beacons and probe responses do not carry RSN IE or WPA IE. |
AKM mode |
AKM mode: · 802.1X. · PSK. · OWE. · Not configured. |
Cipher suite |
Cipher suite: · N/A. · WEP40. · WEP104. · WEP128. · CCMP. · TKIP. · GCMP. |
User authentication mode |
User authentication mode: · Bypass—No client authentication. · MAC. · 802.1X. · OUI. |
WPA3 status |
WPA3 status: · Disabled. · Enabled. · N/A. |
Authorization ACL ID |
Authorized ACL number: · This field displays the ACL number if the authorized ACL takes effect. · This field displays ACL number(Not effective) if the authorized ACL does not take effect. · This field displays N/A if the authentication server is configured without any authorized ACL. |
Authorization user profile |
Name of the authorized user profile: · This field displays the authorized user profile name if the authorized user profile takes effect. · This field displays authorized user profile name + Not effective if the authorized user profile does not take effect. · This field displays N/A if the authentication server is configured without any authorized user profile. |
Authorization CAR |
Authorization CAR: · Average input rate—Average uplink rate in bps. · Average output rate—Average downlink rate in bps. · N/A—This field displays N/A if the authentication server is not configured with authorization CAR for users. |
Roam status |
Roam status: · Roaming in progress. · Inter-AC roam. · Inter-MA roam. · Intra-AC roam. · Intra-MA roam. · This field displays N/A if the client stays in one BSS after coming online. |
Key derivation |
Key derivation type: · SHA1—Uses the HMAC-SHA1 hash algorithm. · SHA256—Uses the HMAC-SHA256 hash algorithm. · SHA384—Uses the HMAC-SHA384 hash algorithm. · N/A—No key derivation algorithm is involved for the authentication type. |
PMF status |
PMF status: · Enabled—Management frame protection is enabled. · Disabled—Management frame protection is disabled. · N/A—Management frame protection is not involved. |
Forwarding policy name |
WLAN forwarding policy name: · Not configured. · Policy-name. |
Online time |
Client online duration. |
FT status |
Fast BSS transition (FT) status: · Active—FT is enabled. · Inactive—FT is disabled. |
BTM status |
BSS transition management (BTM) status: · Disabled. · Enabled. |
display wlan client status
Use display wlan client status to display client status information.
Syntax
display wlan client status [ mac-address mac-address ] [ verbose ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
mac-address mac-address: Specifies a client by its MAC address in the format of H-H-H. If you do not specify this option, the command displays status information about all clients.
verbose: Displays detailed client status information. If you do not specify this keyword, the command displays brief client status information.
Examples
# Display brief status information about the specified client.
<Sysname> display wlan client status mac-address 001c-f08f-f804
Total number of clients: 1
MAC address RSSI Rx/Tx rate Speed(bps) Discard AP name RID
001c-f08f-f804 0 39M/117M N/A 0.00% ap2 2
# Display brief status information about all clients.
<Sysname> display wlan client status
Total number of clients: 2
MAC address RSSI Rx/Tx rate Speed(bps) Discard AP name RID
000b-c002-9d09 65 39M/117M N/A 0.00% ap2 2
000f-e265-6401 62 130M/195M N/A 0.00% ap1 1
Table 38 Command output
Field |
Description |
MAC address |
Client MAC address. |
RSSI |
RSSI of the client. |
Rx/Tx rate |
Rates at which the client receives and sends data, management packets, and control packets. |
Speed(bps) |
Rates at which the client receives and sends packets in the past 2 minutes, rounded to one decimal place. · If a rate is smaller than 1 Mbps, the value is displayed in Kbps. · If a rate equals 1 Mbps or is larger than 1 Mbps, the value is displayed in Mbps. · If a rate equals 1 Gbps or is larger than 1 Gbps, the value is displayed in Gbps. This field displays N/A if both the sending and receiving rates are 0. |
Discard |
Ratio of packets discarded by the client. |
AP name |
Name of the AP with which the client is associated. |
RID |
ID of the radio with which the client is associated. |
# Display detailed status information about the specified client.
<Sysname> display wlan client status mac-address 001c-f08f-f804 verbose
Total number of clients: 1
MAC address : 001c-f08f-f804
AP name : ap2
Radio ID : 2
RSSI : 0
Rx/Tx rate : 39/117 Mbps
Speed :N/A
Received:
Retransmitted packets : 84
Retransmitted packet ratio : 64.12 %
Sent:
Retransmitted packets : 0
Retransmitted packet ratio : 0.00 %
Discarded:
Discarded packets : 0
Discarded packet ratio : 0.00 %
Table 39 Command output
Field |
Description |
MAC address |
Client MAC address. |
AP name |
Name of the AP that the client is associated with. |
Radio ID |
ID of the radio that the client is associated with. |
RSSI |
RSSI of the client. |
Rx/Tx rate |
Rates at which the client receives and sends data, management packets, and control packets. |
Speed |
Rates at which the client receives and sends packets in the past 2 minutes, rounded to one decimal place. · If a rate is smaller than 1 Mbps, the value is displayed in Kbps. · If a rate equals 1 Mbps or is larger than 1 Mbps, the value is displayed in Mbps. · If a rate equals 1 Gbps or is larger than 1 Gbps, the value is displayed in Gbps. This field displays N/A if both the sending and receiving rates are 0. |
Received |
Received packet statistics: · Retransmitted packets. · Retransmitted packet ratio. |
Sent |
Sent packet statistics: · Retransmitted packets. · Retransmitted packet ratio. |
Discarded |
Discarded packet statistics: · Discarded packets. · Discarded packet ratio. |
display wlan service-template
Use display wlan service-template to display service template information.
Syntax
display wlan service-template [ service-template-name ] [ verbose ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
service-template-name: Specifies a service template by its name, a case-insensitive string of 1 to 63 characters. If you do not specify this argument, the command displays information about all service templates.
verbose: Displays detailed service template information.
Examples
# Display brief information about all service templates.
<Sysname> display wlan service-template
Total number of service templates: 2
Service template name SSID Status
1 2333 Enabled
2 3222 Enabled
# Display detailed information about all service templates.
<Sysname> display wlan service-template verbose
Service template name : service1
Description : Not configured
SSID : wuxianfuwu
SSID-hide : Disabled
User-isolation : Disabled
Service template status : Disabled
Maximum clients per BSS : 64
Frame format : Dot3
Seamless roam status : Disabled
Seamless roam RSSI threshold : 50
Seamless roam RSSI gap : 20
VLAN ID : 1
AKM mode : PSK
Security IE : RSN
Cipher suite : CCMP
WEP key ID : 1
TKIP countermeasure time : 100 sec
PTK lifetime : 43200 sec
GTK rekey : Enabled
GTK rekey method : Time-based
GTK rekey time : 86400 sec
GTK rekey client-offline : Enabled
WPA3 status : Disabled
PPSK : Disabled
PPSK Fail Permit : Disabled
Enhance-open status : Enabled
Enhanced-open transition-mode service-template : N/A
User authentication mode : Bypass
Intrusion protection : Disabled
Intrusion protection mode : Temporary-block
Temporary block time : 180 sec
Temporary service stop time : 20 sec
Fail VLAN ID : 1
802.1X handshake : Enabled
802.1X handshake secure : Disabled
802.1X domain : my-domain
MAC-auth domain : Not configured
Max 802.1X users per BSS : 4096
Max MAC-auth users per BSS : 4096
802.1X re-authenticate : Enabled
Authorization fail mode : Online
Accounting fail mode : Online
Authorization : Permitted
Key derivation : SHA1
PMF status : Optional
Hotspot policy number : Not configured
Forwarding policy status : Disabled
Forward policy name : Not configured
Forwarder : AC
FT status : Enabled
QoS trust : Port
QoS priority : 0
BTM status : Disabled
Table 40 Command output
Field |
Description |
SSID |
SSID of the service template. |
SSID-hide |
Whether the SSID is hidden in beacons: · Disabled. · Enabled. |
User-isolation |
Use isolation: · Disabled. · Enabled. |
Service template status |
Service template status: · Disabled. · Enabled. |
Maximum clients per BSS |
Maximum number of clients that the BSS supports. |
Frame format |
Client data frame encapsulation format: · Dot3—802.3 format. · Dot11—802.11 format. |
Seamless roam status |
Seamless roaming status: · Disabled. · Enabled. |
Seamless roam RSSI threshold |
Seamless roaming RSSI threshold. |
Seamless roam RSSI gap |
Seamless roaming RSSI gap. |
VLAN ID |
ID of the inner VLAN to which clients belong after they come online through the service template. |
Service VLAN ID |
ID of the outer VLAN to which clients belong after they come online through the service template. This field displays N/A if no outer VLAN is specified. |
Service VLAN TPID |
TPID of the outer VLAN. · dot1q—0x8100. · dot1ad—0x88A8. |
AKM mode |
AKM mode: · 802.1X. · PSK. |
Security IE |
Security IE: · RSN. · WPA. |
Cipher suite |
Cipher suite: · WEP40. · WEP104. · WEP128. · TKIP. · CCMP. · GCMP. |
TKIP countermeasure time |
TKIP countermeasure time. The value 0 indicates no countermeasures are taken. |
PTK rekey |
Whether PTK rekey is enabled: · Enabled. · Disabled. |
GTK rekey |
Whether GTK rekey is enabled: · Enabled. · Disabled. |
GTK rekey method |
GTK rekey method: · Time-based. · Packet-based. |
GTK rekey time |
GTK rekey interval. |
GTK rekey packets |
Number of packets that can be transmitted before the GTK is refreshed. |
GTK rekey client-offline |
Whether client-off GTK rekey is enabled: · Enabled. · Disabled. |
WPA3 status |
WPA3 security mode: · Disabled. · Mandatory. · Optional. |
PPSK |
Whether PPSK is enabled: · Disabled. · Enabled. |
PPSK Fail Permit |
Whether PPSK fail permit is enabled: · Disabled. · Enabled. |
Enhance-open status |
Whether enhanced open system authentication is enabled: · Disabled. · Enabled. |
Enhanced-open transition-mode service-template |
Recommended service template in transition mode. If no service template is specified, this field displays N/A. |
User authentication mode |
Authentication mode: · Bypass—No authentication. · MAC. · MAC-or-802.1X—MAC authentication is performed first. If MAC authentication fails, 802.1X authentication is performed. · 802.1X. · 802.1X-or-MAC—802.1X authentication is performed first. If 802.1X authentication fails, MAC authentication is performed. · OUI-or-802.1X—OUI authentication is performed first. If OUI authentication fails, 802.1X authentication is performed. · MAC-and-802.1X—MAC authentication is performed first. If MAC authentication succeeds, 802.1X authentication is performed. |
Intrusion protection |
Whether intrusion protection is enabled: · Enabled. · Disabled. |
Intrusion protection mode |
Intrusion protection mode: · Temporary-block—Temporarily adds intruders to the block list. · Service-stop—Stops all services provided by the BSS that receives illegal packets until it resets. · Temporary-service-stop—Temporarily stops the access service provided by the BSS that receives illegal packets. |
Temporary block time |
Temporary block time in seconds. |
Temporary service stop time |
Temporary service stop time in seconds. |
Fail VLAN ID |
ID of the VLAN to which clients are added if they cannot pass the authentication when the authentication server can be reached. This field displays Not configured if the fail VLAN ID is not configured. |
Critical VLAN ID |
ID of the VLAN to which clients are added if they cannot pass the authentication because the authentication server cannot be reached. This field displays Not configured if the critical VLAN ID is not configured. |
802.1X handshake |
Whether 802.1X handshake is enabled: · Enabled. · Disabled. |
802.1X handshake secure |
Whether secure 802.1X handshake is enabled: · Enabled. · Disabled. |
802.1X domain |
802.1X authentication domain. This field displays Not configured if the domain is not configured. |
MAC-auth domain |
MAC authentication domain. This field displays Not configured if the domain is not configured. |
Max 802.1X users per BSS |
Maximum number of supported 802.1X users in a BSS. |
Max MAC-auth users per BSS |
Maximum number of supported users that pass the MAC authentication in a BSS. |
802.1X re-authenticate |
Whether 802.1X reauthentication is enabled: · Enabled. · Disabled. |
Authorization fail mode |
Authorization fail mode: · Offline—Clients are logged off when authorization fails. · Online—Clients are not logged off when authorization fails. |
Accounting fail mode |
Accounting fail mode: · Offline—Clients are logged off when accounting fails. · Online—Clients are not logged off when accounting fails. |
Authorization |
Authorization information: · Permitted—Applies the authorization information issued by the RADIUS server or the local device. · Ignored—Ignores the authorization information issued by the RADIUS server or the local device. |
Key derivation |
Key derivation type: · SHA1—Uses the HMAC-SHA1 hash algorithm. · SHA256—Uses the HMAC-SHA256 hash algorithm. · SHA1-AND-SHA256—Uses the HMAC SHA1 and SHA256 hash algorithm. |
PMF status |
PMF status: · Disabled—Management frame protection is disabled. · Optional—Management frame protection in optional mode is enabled. · Mandatory—Management frame protection in mandatory mode is enabled. |
Hotspot policy number |
Hotspot 2.0 policy number. |
Forwarding policy status |
WLAN forwarding policy status: · Disabled. · Enabled. |
Forward policy name |
WLAN forwarding policy name: · Not configured—No WLAN forwarding policy is configured. · policy-name. |
Forwarder |
Client traffic forwarder: · AC—AC in a non-AC hierarchical network and local AC in an AC hierarchical network. · AP. · Central AC. |
FT status |
FT status: · Disabled. · Enabled. |
FT method |
FT method: · over-the-air. · over-the-ds. |
FT reassociation deadline |
FT reassociation timeout timer in seconds. |
QoS trust |
QoS priority trust mode: · Port—Port priority trust mode. · Dot11e—802.11e priority trust mode. |
QoS priority |
Port priority in the range of 0 to 7. |
BTM status |
BSS Transition Management (BTM) status: · Disabled. · Enabled. |
display wlan statistics ap radio
Use display wlan statistics ap radio to display radio statistics.
Syntax
display wlan statistics ap { all | name ap-name } radio
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
all: Specifies all APs.
name ap-name: Specifies an AP by its name, a case-sensitive string of 1 to 64 characters.
Examples
# Display radio statistics for AP ap1.
<Sysname> display wlan statistics ap name ap1 radio
Radio Statistics
--------------------------------------------------------------------------------
AP name: ap1 Radio ID: 1
--------------------------------------------------------------------------------
Transmitted frame statistics:
Total frames : 836532
Total frame bytes : 214040681
Unicast frames : 4
Unicast frame bytes : 900
Broadcast/Multicast frames : 836528
Broadcast/Multicast frame bytes : 214039781
Other frames : 0
Other frame bytes : 0
Discarded frames : 0
Failed RTS frames : 0
Retransmissions : 6
Successful RTS frames : 0
Retransmitted frames : 3
No-ACK frames : 1555
Authentication frames : 1
Association frames : 1
Packet statistics by size:
Smaller than or equal to 128 : 747
Between 128 and 512 (inclusive) : 85983
Between 512 and 1024 (inclusive) : 0
Larger than 1024 : 0
Packet statistics by rate:
1 Mbps : 0 2 Mbps : 0
5.5 Mbps : 0 6 Mbps : 0
9 Mbps : 0 11 Mbps : 0
12 Mbps : 0 18 Mbps : 0
24 Mbps : 880 36 Mbps : 0
48 Mbps : 0 54 Mbps : 0
Packet statistics by 802.11n rate:
6.5 Mbps : 0 7.2 Mbps : 0
13 Mbps : 0 13.5 Mbps : 0
14.4 Mbps : 0 15 Mbps : 0
19.5 Mbps : 0 21.7 Mbps : 0
26 Mbps : 0 27 Mbps : 0
28.9 Mbps : 0 29.3 Mbps : 0
30 Mbps : 0 32.5 Mbps : 0
39 Mbps : 0 40.5 Mbps : 0
43.3 Mbps : 0 45 Mbps : 0
52 Mbps : 0 54 Mbps : 0
57.8 Mbps : 0 58.5 Mbps : 0
60 Mbps : 0 65 Mbps : 0
72.2 Mbps : 0 78 Mbps : 1
81 Mbps : 0 86.7 Mbps : 0
87.8 Mbps : 0 90 Mbps : 0
97.5 Mbps : 0 104 Mbps : 3
108 Mbps : 0 115.6 Mbps : 0
117 Mbps : 0 120 Mbps : 0
121.5 Mbps : 0 130 Mbps : 0
135 Mbps : 0 144.4 Mbps : 0
150 Mbps : 0 156 Mbps : 0
162 Mbps : 0 173.3 Mbps : 0
175.5 Mbps : 0 180 Mbps : 0
195 Mbps : 0 200 Mbps : 0
216 Mbps : 0 216.7 Mbps : 0
234 Mbps : 0 240 Mbps : 0
243 Mbps : 0 260 Mbps : 0
263.3 Mbps : 0 270 Mbps : 0
288.9 Mbps : 0 292.5 Mbps : 0
300 Mbps : 0 324 Mbps : 0
325 Mbps : 0 351 Mbps : 0
360 Mbps : 0 364.5 Mbps : 0
390 Mbps : 0 400 Mbps : 0
405 Mbps : 0 433.3 Mbps : 0
450 Mbps : 0 468 Mbps : 0
486 Mbps : 0 520 Mbps : 0
526.5 Mbps : 0 540 Mbps : 0
585 Mbps : 0 600 Mbps : 0
650 Mbps : 0 702 Mbps : 0
780 Mbps : 0 866.7 Mbps : 0
877.5 Mbps : 0 975 Mbps : 0
1053 Mbps : 0 1170 Mbps : 0
1300 Mbps : 0
--------------------------------------------------------------------------------
Received frame statistics:
Total frames : 420815
Total frame bytes : 24112652
Unicast frames : 585
Unicast frame bytes : 15357
Broadcast/Multicast frames : 420230
Broadcast/Multicast frame bytes : 24097295
Fragmented frames : 0
Duplicate frames : 0
FCS failures : 474471639
Decryption errors : 0
Authentication frames : 1
Association frames : 1
Packet statistics by size:
Smaller than or equal to 128 : 420759
Between 128 and 512 (inclusive) : 54
Between 512 and 1024 (inclusive) : 0
Larger than 1024 : 0
Packet statistics by rate:
6 Mbps : 420115 9 Mbps : 0
12 Mbps : 0 18 Mbps : 0
24 Mbps : 0 36 Mbps : 1
48 Mbps : 0 54 Mbps : 2
Packet statistics by 802.11n rate:
6.5 Mbps : 0 7.2 Mbps : 0
13 Mbps : 0 13.5 Mbps : 0
14.4 Mbps : 0 15 Mbps : 0
19.5 Mbps : 0 21.7 Mbps : 0
26 Mbps : 0 27 Mbps : 0
28.9 Mbps : 0 29.3 Mbps : 0
30 Mbps : 0 32.5 Mbps : 0
39 Mbps : 0 40.5 Mbps : 0
43.3 Mbps : 0 45 Mbps : 0
52 Mbps : 1 54 Mbps : 2
57.8 Mbps : 0 58.5 Mbps : 17
60 Mbps : 0 65 Mbps : 10
72.2 Mbps : 0 78 Mbps : 48
81 Mbps : 0 86.7 Mbps : 70
87.8 Mbps : 0 90 Mbps : 0
97.5 Mbps : 0 104 Mbps : 87
108 Mbps : 0 115.6 Mbps : 170
117 Mbps : 130 120 Mbps : 0
121.5 Mbps : 0 130 Mbps : 140
135 Mbps : 0 144.4 Mbps : 22
150 Mbps : 0 156 Mbps : 0
162 Mbps : 0 173.3 Mbps : 0
175.5 Mbps : 0 180 Mbps : 0
195 Mbps : 0 200 Mbps : 0
216 Mbps : 0 216.7 Mbps : 0
234 Mbps : 0 240 Mbps : 0
243 Mbps : 0 260 Mbps : 0
263.3 Mbps : 0 270 Mbps : 0
288.9 Mbps : 0 292.5 Mbps : 0
300 Mbps : 0 324 Mbps : 0
325 Mbps : 0 351 Mbps : 0
360 Mbps : 0 364.5 Mbps : 0
390 Mbps : 0 400 Mbps : 0
405 Mbps : 0 433.3 Mbps : 0
450 Mbps : 0 468 Mbps : 0
486 Mbps : 0 520 Mbps : 0
526.5 Mbps : 0 540 Mbps : 0
585 Mbps : 0 600 Mbps : 0
650 Mbps : 0 702 Mbps : 0
780 Mbps : 0 866.7 Mbps : 0
877.5 Mbps : 0 975 Mbps : 0
1053 Mbps : 0 1170 Mbps : 0
1300 Mbps : 0
--------------------------------------------------------------------------------
Radio Statistics
--------------------------------------------------------------------------------
AP name: ap1 Radio ID: 2
--------------------------------------------------------------------------------
Transmitted frame statistics:
Total frames : 13134
Total frame bytes : 3259997
Unicast frames : 11
Unicast frame bytes : 3518
Broadcast/Multicast frames : 13123
Broadcast/Multicast frame bytes : 3256479
Other frames : 0
Other frame bytes : 0
Discarded frames : 0
Failed RTS frames : 0
Retransmissions : 58
Successful RTS frames : 0
Retransmitted frames : 11
No-ACK frames : 7541
Authentication frames : 14
Association frames : 8
Packet statistics by size:
Smaller than or equal to 128 : 1020
Between 128 and 512 (inclusive) : 11386
Between 512 and 1024 (inclusive) : 0
Larger than 1024 : 0
Packet statistics by rate:
1 Mbps : 0 2 Mbps : 0
5.5 Mbps : 0 6 Mbps : 0
9 Mbps : 0 11 Mbps : 1121
12 Mbps : 0 18 Mbps : 0
24 Mbps : 0 36 Mbps : 0
48 Mbps : 0 54 Mbps : 0
Packet statistics by 802.11n rate:
6.5 Mbps : 3 7.2 Mbps : 0
13 Mbps : 1 13.5 Mbps : 0
14.4 Mbps : 0 15 Mbps : 0
19.5 Mbps : 4 21.7 Mbps : 0
26 Mbps : 0 27 Mbps : 0
28.9 Mbps : 0 29.3 Mbps : 0
30 Mbps : 0 32.5 Mbps : 0
39 Mbps : 1 40.5 Mbps : 0
43.3 Mbps : 0 45 Mbps : 0
52 Mbps : 0 54 Mbps : 0
57.8 Mbps : 0 58.5 Mbps : 0
60 Mbps : 0 65 Mbps : 0
72.2 Mbps : 0 78 Mbps : 0
81 Mbps : 0 86.7 Mbps : 0
87.8 Mbps : 0 90 Mbps : 0
97.5 Mbps : 0 104 Mbps : 1
108 Mbps : 0 115.6 Mbps : 0
117 Mbps : 1 120 Mbps : 0
121.5 Mbps : 0 130 Mbps : 0
135 Mbps : 0 144.4 Mbps : 0
150 Mbps : 0 156 Mbps : 0
162 Mbps : 0 173.3 Mbps : 0
175.5 Mbps : 0 180 Mbps : 0
195 Mbps : 0 200 Mbps : 0
216 Mbps : 0 216.7 Mbps : 0
234 Mbps : 0 240 Mbps : 0
243 Mbps : 0 260 Mbps : 0
263.3 Mbps : 0 270 Mbps : 0
288.9 Mbps : 0 292.5 Mbps : 0
300 Mbps : 0 324 Mbps : 0
325 Mbps : 0 351 Mbps : 0
360 Mbps : 0 364.5 Mbps : 0
390 Mbps : 0 400 Mbps : 0
405 Mbps : 0 433.3 Mbps : 0
450 Mbps : 0 468 Mbps : 0
486 Mbps : 0 520 Mbps : 0
526.5 Mbps : 0 540 Mbps : 0
585 Mbps : 0 600 Mbps : 0
650 Mbps : 0 702 Mbps : 0
780 Mbps : 0 866.7 Mbps : 0
877.5 Mbps : 0 975 Mbps : 0
1053 Mbps : 0 1170 Mbps : 0
1300 Mbps : 0
--------------------------------------------------------------------------------
Received frame statistics:
Total frames : 32156
Total frame bytes : 3076192
Unicast frames : 1613
Unicast frame bytes : 102957
Broadcast/Multicast frames : 30543
Broadcast/Multicast frame bytes : 2973235
Fragmented frames : 0
Duplicate frames : 2
FCS failures : 9978084
Decryption errors : 0
Authentication frames : 14
Association frames : 8
Packet statistics by size:
Smaller than or equal to 128 : 25327
Between 128 and 512 (inclusive) : 6097
Between 512 and 1024 (inclusive) : 0
Larger than 1024 : 0
Packet statistics by rate:
1 Mbps : 28718 2 Mbps : 1895
5.5 Mbps : 284 6 Mbps : 29
9 Mbps : 12 11 Mbps : 0
12 Mbps : 10 18 Mbps : 24
24 Mbps : 11 36 Mbps : 5
48 Mbps : 4 54 Mbps : 0
Packet statistics by 802.11n rate:
6.5 Mbps : 45 7.2 Mbps : 0
13 Mbps : 53 13.5 Mbps : 0
14.4 Mbps : 0 15 Mbps : 0
19.5 Mbps : 120 21.7 Mbps : 0
26 Mbps : 136 27 Mbps : 0
28.9 Mbps : 0 29.3 Mbps : 0
30 Mbps : 0 32.5 Mbps : 0
39 Mbps : 59 40.5 Mbps : 0
43.3 Mbps : 0 45 Mbps : 0
52 Mbps : 17 54 Mbps : 0
57.8 Mbps : 0 58.5 Mbps : 20
60 Mbps : 0 65 Mbps : 4
72.2 Mbps : 0 78 Mbps : 0
81 Mbps : 0 86.7 Mbps : 0
87.8 Mbps : 0 90 Mbps : 0
97.5 Mbps : 0 104 Mbps : 0
108 Mbps : 0 115.6 Mbps : 0
117 Mbps : 0 120 Mbps : 0
121.5 Mbps : 0 130 Mbps : 0
135 Mbps : 0 144.4 Mbps : 0
150 Mbps : 0 156 Mbps : 0
162 Mbps : 0 173.3 Mbps : 0
175.5 Mbps : 0 180 Mbps : 0
195 Mbps : 0 200 Mbps : 0
216 Mbps : 0 216.7 Mbps : 0
234 Mbps : 0 240 Mbps : 0
243 Mbps : 0 260 Mbps : 0
263.3 Mbps : 0 270 Mbps : 0
288.9 Mbps : 0 292.5 Mbps : 0
300 Mbps : 0 324 Mbps : 0
325 Mbps : 0 351 Mbps : 0
360 Mbps : 0 364.5 Mbps : 0
390 Mbps : 0 400 Mbps : 0
405 Mbps : 0 433.3 Mbps : 0
450 Mbps : 0 468 Mbps : 0
486 Mbps : 0 520 Mbps : 0
526.5 Mbps : 0 540 Mbps : 0
585 Mbps : 0 600 Mbps : 0
650 Mbps : 0 702 Mbps : 0
780 Mbps : 0 866.7 Mbps : 0
877.5 Mbps : 0 975 Mbps : 0
1053 Mbps : 0 1170 Mbps : 0
1300 Mbps : 0
---------------------------------------------------------------------------------
Table 41 Command output
Field |
Description |
Transmitted frame statistics |
|
Total frames |
Total number of transmitted frames, including probe responses and beacon frames. |
Total frame bytes |
Total bytes of transmitted frames, including probe responses and beacon frames. |
Unicast frames |
Total number of transmitted unicast frames, excluding probe responses. |
Unicast frame bytes |
Total bytes of transmitted unicast frames, excluding probe responses. |
Broadcast/Multicast frames |
Total number of transmitted broadcast and multicast frames, excluding beacon frames. |
Broadcast/Multicast frame bytes |
Total bytes of transmitted broadcast and multicast frames, excluding beacon frames. |
Others frames |
Total number of other transmitted frames. |
Others frame bytes |
Total bytes of other transmitted frames. |
Packet statistics by rate |
Total number of packets classified by 802.11a/b/g rates. |
Packet statistics based on data rate |
Total number of packets classified by 802.11n rates. This field is not available if the device does not support 802.11n. |
Received frame statistics |
|
Total frames |
Total number of received frames. |
Total frame bytes |
Total bytes of received frames. |
Unicast frames |
Total number of received unicast frames. |
Unicast frame bytes |
Total bytes of received unicast frames. |
Broadcast/Multicast frames |
Total number of received broadcast and multicast frames. |
Broadcast/Multicast frame bytes |
Total bytes of received broadcast and multicast frames. |
Total number of received fragmented frames. |
|
FCS failures |
Total number of received packets with FCS failures. |
Decryption errors |
Total number of received packets with decryption errors. |
display wlan statistics client
Use display wlan statistics client to display client statistics.
Syntax
display wlan statistics client [ mac-address mac-address ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
mac-address mac-address: Specifies a client by its MAC address. If you do not specify this option, the command displays statistics for all clients.
Examples
# Display statistics for all clients.
<Sysname> display wlan statistics client
MAC address : 0014-6c8a-43ff
AP name : ap1
Radio ID : 1
SSID : office
BSSID : 000f-e2ff-7700
RSSI : 31
Sent frames:
Back ground : 0/0 (frames/bytes)
Best effort : 9/1230 (frames/bytes)
Video : 0/0 (frames/bytes)
Voice : 2/76 (frames/bytes)
Received frames:
Back ground : 0/0 (frames/bytes)
Best effort : 18/2437 (frames/bytes)
Video : 0/0 (frames/bytes)
Voice : 7/468 (frames/bytes)
Discarded frames:
Back ground : 0/0 (frames/bytes)
Best effort : 0/0 (frames/bytes)
Video : 0/0 (frames/bytes)
Voice : 5/389 (frames/bytes)
Table 42 Command output
Field |
Description |
SSID |
SSID of the service template. |
MAC address |
Client MAC address. |
Back ground |
AC-BK queue. |
Best effort |
AC-BE queue. |
Video |
AC-VI queue. |
Voice |
AC-VO queue. |
display wlan statistics connect-history
Use display wlan statistics connect-history to display client connection history.
Syntax
On ACs:
display wlan statistics connect-history { ap { all | name ap-name } | service-template service-template-name }
On fat APs:
display wlan statistics connect-history service-template service-template-name
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
ap: Specifies APs. (On ACs)
all: Specifies all APs. (On ACs)
name ap-name: Specifies an AP by its name, a case-sensitive string of 1 to 64 characters. The string can contain letters, digits, underscores (_), dots (.), left brackets ([), right brackets (]), forward slashes (/), and hyphens (-).(On ACs)
service-template service-template-name: Specifies a service template by its name.
Examples
# Display the connection history for service template 1.
<Sysname> display wlan statistics connect-history service-template 1
AP name : ap1
Radio ID : 1
Associations : 132
Association failures : 3
Reassociations : 30
Rejections : 12
Abnormal disassociations : 2
Current associations : 57
# Display the connection history for AP ap1.
<Sysname> display wlan statistics connect-history ap name ap1
AP name : ap1
Associations : 1
Reassociations : 0
Failures : 0
Rejections : 0
Abnormal disassociations : 0
Current associations : 1
Current 2G sta : 0
11b sta : 0
11g sta : 0
11gn sta : 0
11gac sta : 0
11gax sta : 0
Current 5G sta : 0
11a sta : 0
11an sta : 0
11ac sta : 2
11ax sta : 0
Received bytes :1000
Sent bytes : 2000
display wlan statistics service template
Use display wlan statistics service-template to display service template statistics.
Syntax
display wlan statistics service-template service-template-name
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
service-template-name: Specifies a service template by its name.
Examples
# Display statistics for service template 1.
<Sysname> display wlan statistics service-template 1
AP name : ap1
Radio ID : 1
Received:
Frame count : 1713
Frame bytes : 487061
Data frame count : 1683
Data frame bytes : 485761
Association request count : 2
Sent:
Frame count : 62113
Frame bytes : 25142076
Data frame count : 55978
Data frame bytes : 22626600
Association response count : 2
display wlan whitelist
Use display wlan whitelist to display whitelist entries.
Syntax
display wlan whitelist
Views
Any view
Predefined user roles
network-admin
network-operator
Examples
# Display whitelist entries.
<Sysname> display wlan whitelist
Total number of clients: 3
MAC addresses:
000e-35b2-000e
0019-5b8e-b709
001c-f0bf-9c92
display wlan wt
Use display wlan wt to display wireless terminator (WT) information and information about the wireless terminator units (WTUs) connected to it.
Syntax
display wlan wt { all | name wt-name }
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
all: Specifies all WTs.
name wt-name: Specifies a WT by its name, a case-sensitive string of 1 to 64 characters. The string can contain letters, digits, underscores (_), dots (.), left brackets ([), right brackets (]), forward slashes (/), and hyphens (-).
Examples
# Display information about all WTs.
<Sysname> display wlan wt all
WT name : wt1
Model : WT1020
Serial ID : 219801A0SS9156G00072
MAC address : 0000-f3ea-0a3e
WTU number : 2
Wireless Terminator Unit:
---------------------------------------------------------
WTU name Port Model Serial ID
---------------------------------------------------------
wtu1 1 WTU430 219801A0SS9156G00185
wtu2 2 WTU430 219801A0SS9156G00133
WT name : wt2
Model : WT1020
Serial ID : 219801A0SS9156G00068
MAC address : 0000-f3ea-0a3a
WTU number : 2
Wireless Terminator Unit:
---------------------------------------------------------
WTU name Port Model Serial ID
---------------------------------------------------------
wtu3 3 WTU430 219801A0SS9156G00054
Wtu4 4 WTU430 219801A0SS9156G00167
Table 43 Command output
Fields |
Description |
WTU number |
Number of WTUs that are connected to the WT. |
Wireless Terminator Unit |
WTU information. |
Port |
Port that connects the WT to a WTU. |
wlan ap-execute exec-console enable
Use wlan ap-execute exec-console enable to enable the execution console for an online AP.
Use wlan ap-execute exec-console disable to disable the execution console for an online AP.
Syntax
wlan ap-execute ap-name exec-console { disable | enable }
Default
When an AP comes online, the execution console is automatically disabled. When the AP goes offline, the execution console is automatically enabled.
Views
Probe view
Predefined user roles
network-admin
Parameters
ap-name: Specifies an AP by its name, a case-sensitive string of 1 to 64 characters. The string can contain letters, digits, underscores (_), dots (.), left brackets ([), right brackets (]), forward slashes (/), and hyphens (-).
Usage guidelines
When the execution console of an AP is disabled, users cannot log in to the AP through the console port or through Telnet. This command does not affect logged-in users.
wlan ap-link-test
Use wlan ap-link-test to test the CAPWAP tunnel performance.
Syntax
wlan ap-link-test { ipv4-address | ipv6-address } [ destination port-number | source port-number | packet-length value | { burst | continuous } rate rate time time ] *
Views
Probe view
Predefined user roles
network-admin
Parameters
ipv4-address: Specifies an AP by its IPv4 address.
ipv6-address: Specifies an AP by its IPv6 address.
destination port-number: Specifies the destination UDP port in the range of 1 to 65535. The default destination UDP port is 5246.
source port-number: Specifies the source UDP port in the range of 1 to 65535. The default source UDP port is 5246.
packet-length value: Specifies the tested packet length in bytes. The value range for the value argument is 66 to 2048. The default value is 128.
burst: Enables burst packet-sending mode. Fragmented packets are sent at a one-time attempt every 1 second.
continuous: Enables continuous packet sending mode. Fragmented packets are sent every 10 milliseconds within a second. If all fragmented packets are sent within a second, the device does not send packets until the next second starts.
rate rate: Specifies the packet transmit rate in packets per second. The value range for the rate argument is 1 to 10000.
time time: Specifies the test duration in seconds. The value range for the time argument is 1 to 100.