ArubaOS 8.x AP Console Protection

Recent versions of ArubaOS 8.x have introduced the concept of AP console protection.

 

This includes default enablement of:

  • AP console protection (a password is required to access the CLI)
  • a randomized password (is automatically applied to protect your console)

To see that randomized password:

  • find your AP's Controller
    • on your Mobility Conductor (formerly known as Mobility Master)
      • #cd /mm
      • #show ap database
        • find the AP you're interested in; note its Group and Switch IP
(MM-1) [mm] #show ap database
           
AP Database
-----------
Name  Group    AP Type  IP Address   Status    Flags  Switch IP    Standby IP
----  -----    -------  ----------   ------    -----  ---------    ----------
AP1   default  335      10.1.13.150  Up 9m:0s  2      10.1.13.100  0.0.0.0
      • #logon "your switch IP"
        • notice you just performed an SSO logon to your gateway/controller
    • on your Mobility Controller
      • #show ap-group <your ap-group> | include "AP system profile"
        • notice the profile-name in the output
        • replace <your ap-group> with the Group name from the show ap database output
(MC1) [MDC] #show ap-group default | include "system profile"
AP system profile                        default  
      • #encrypt disable
        • this allows your passwords to be displayed in your show output
        • "encrypt enable" should automatically be applied after a few minutes
      • #show ap system-profile "profile-name" | include Password
        • notice your AP Console Password in the output
(MC1) [MDC] #show ap system-profile default | include Password
AP Console Password                        4636a15d+|H!~.
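
An added example, not part of the original post: a Python helper that parses a saved `show ap database` capture by column position (the Status value "Up 9m:0s" contains a space, so splitting on whitespace would misalign the fields) and fills the AP's Group and Switch IP into the next two commands of the walkthrough. The function names are hypothetical; the sample text is the output shown above.

```python
import re

# Sample capture: the "show ap database" output shown earlier on this page.
SAMPLE = """\
(MM-1) [mm] #show ap database

AP Database
-----------
Name  Group    AP Type  IP Address   Status    Flags  Switch IP    Standby IP
----  -----    -------  ----------   ------    -----  ---------    ----------
AP1   default  335      10.1.13.150  Up 9m:0s  2      10.1.13.100  0.0.0.0
"""

def parse_ap_database(text):
    """Return one dict per AP row, keyed by the table's own column headers."""
    lines = text.splitlines()
    for i, line in enumerate(lines):
        starts = [m.start() for m in re.finditer(r"-+", line)]
        # The column ruler is dashes and spaces only, with several dash groups;
        # the single-group rule under "AP Database" is skipped.
        if i and len(starts) > 1 and not line.replace("-", "").strip():
            break
    else:
        return []
    # Each column runs from its dash group to the start of the next one.
    bounds = list(zip(starts, starts[1:] + [None]))
    headers = [lines[i - 1][a:b].strip() for a, b in bounds]
    rows = []
    for line in lines[i + 1:]:
        if not line.strip():
            break
        rows.append({h: line[a:b].strip() for h, (a, b) in zip(headers, bounds)})
    return rows

def lookup_steps(text, ap_name):
    """Next two commands from the walkthrough, filled in for one AP."""
    for row in parse_ap_database(text):
        if row["Name"] == ap_name:
            return [
                f'logon {row["Switch IP"]}',
                f'show ap-group {row["Group"]} | include "AP system profile"',
            ]
    raise LookupError(f"{ap_name} not in show ap database output")

if __name__ == "__main__":
    print("\n".join(lookup_steps(SAMPLE, "AP1")))
```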

Change the AP Console randomized password to "aruba123":

    • on your Mobility Conductor
        • #cd /md
        • #configure terminal
        • #ap system-profile default
        • #ap-console-password aruba123
        • #write memory
    (MM-1) [mm] #cd /md
    (MM-1) [md] #configure terminal
    Enter Configuration commands, one per line. End with CNTL/Z

    (MM-1) [md] (config) #ap system-profile default
    (MM-1) [md] (AP system profile "default") #ap-console-password aruba123
    (MM-1) [md] (AP system profile "default") #write memory

Disable the AP Console password:

          • #cd /md
          • #configure terminal
          • #ap system-profile default
          • #no ap-console-protection
          • #write memory
      (MM-1) [mm] #cd /md
      (MM-1) [md] #configure terminal
      Enter Configuration commands, one per line. End with CNTL/Z

      (MM-1) [md] (config) #ap system-profile default
      (MM-1) [md] (AP system profile "default") #no ap-console-protection
      (MM-1) [md] (AP system profile "default") #write memory
