Compare Products
Hide
VS
Please rate this document.
Please leave your suggestions here.
200 characters leftIf Ruijie may contact you for more details, please leave your contact information here.
* I understand and agree to Terms of Use and acknowledge Ruijie's Privacy Policy.
Thank you for your feedback!
Default Settings
AC:No default IP address.
AP:Default IP address is 192.168.110.1(or 192.168.1.1), and both console & telnet password are "admin", default enable password is "apdebug"
Following wall AP have different default settings
AP120-W
In Fit mode, IP address of both LAN port and Uplink port IP are 192.168.110.1/24
In Fat mode, IP address of LAN port is 192.168.111.1/24; IP address of Uplink port is 192.168.110.1/24
AP110-W
IP address of Rear panel is 192.168.110.1/24
IP address of Front panel is 192.168.111.1/24
Connect cables as below diagram
Cables
console cable, USB to RS232 cable
Putty
Open software Putty, set baud rate to 9600
I. Network Topology
II. Configuration Steps
Configuring Telnet& enable password on AC
Ruijie>enable
Ruijie#configure terminal
Ruijie(config)#interface vlan 1
Ruijie(config-if-vlan 1)#ip address 192.168.1.1 255.255.255.0
Ruijie(config)#ip route 0.0.0.0 0.0.0.0 192.168.1.2
Ruijie(config)#line vty 0 4
Ruijie(config-line)#password ruijie
Ruijie(config-line)#login
Ruijie(config)#enable password ruijie
Configuring Telnet & Enable password on AP
Console connect to device and set passwords, default ap-mode is fit.
User Access Verification
Password: default password is "ruijie"
Ruijie>
Ruijie>enable
Password: default password is "apdebug"
Ruijie#configure terminal
Ruijie(config)#interface bvi 1
Ruijie(config-if-bvi 1)#ip address 192.168.1.1 255.255.255.0
Ruijie(config-if-bvi 1)#interface gigabitEthernet 0/1
Ruijie(config-if-GigabitEthernet 0/1)#encapsulation dot1Q 1
%Warning: Remove all IP address.
Ruijie(config-if-GigabitEthernet 0/1)#exit
Ruijie(config)#ip route 0.0.0.0 0.0.0.0 192.168.1.2
Ruijie(config)#line vty 0 4
Ruijie(config-line)#password ruijie
Ruijie(config-line)#login
Ruijie(config)#enable password ruijie
Note: when ap-mode change from fit to fat, the default password changes as follow:
User Access Verification
Password: default password is "admin"
Ruijie>
Ruijie>enable
Password: no default password
Ruijie#configure terminal
III. Verification
Save configuration
Ruijie(config)#end
Ruijie#write
Note:
windows7&8 telent client function is not enabled by default, you need to enable the telnet functionality.
Taking Windows 7 as an example:
Control panel - procedures and functions - to open or close the windows function - check the telnet client - select "to determine"
I. Network Topology
II. Configuration Steps
Configuring SSH on AC
Ruijie>enable
Password:
Ruijie#configure terminal
Ruijie(config)#enable service ssh-server
Ruijie(config)#crypto key generate dsa
Choose the size of the key modulus in the range of 360 to 2048 for your
Signature Keys. Choosing a key modulus greater than 512 may take
a few minutes.
How many bits in the modulus [512]:
% Generating 512 bit DSA keys. ..[ok]
Ruijie(config)#interface vlan 1
Ruijie(config-if-VLAN 1)#ip address 192.168.1.1 255.255.255.0
Ruijie(config)#ip route 0.0.0.0 0.0.0.0 192.168.1.2
Ruijie(config)#enable password ruijie
Method 1:Login with password
Ruijie(config)#line vty 0 4
Ruijie(config-line)#password ruijie
Ruijie(config-line)#login
Ruijie(config-line)#end
Ruijie#write
Building configuration...
[OK]
Ruijie#
Method 2:Login with username & password
Ruijie(config)#line vty 0 4
Ruijie(config-line)#login local
Ruijie(config-line)#exit
Ruijie(config)#username admin password ruijie
Ruijie(config)#end
Ruijie#write
Building configuration...
[OK]
Ruijie#
III. Verification
Open Putty, choose Connection type "SSH", input IP address.
To display SSH service status, execute following commands
I. Network Topology
II. Configuration Steps
Configuring WEB GUI on AC
Ruijie#configure terminal
Ruijie(config)#enable service web-server
Ruijie(config)#vlan 1
Ruijie(config-vlan)#interface vlan 1
Ruijie(config-if-VLAN 1)#ip address 192.168.1.1 255.255.255.0
Ruijie(config-if-VLAN 1)#exit
Ruijie(config)#webmaster level ?
<0-2> Web auth privilege level (0 is the highest level)
Ruijie(config)#webmaster level 0 username ruijie password ruijie
Ruijie(config)#ip route 0.0.0.0 0.0.0.0 192.168.1.254
Note:
1. AM5528 does not support web management.
1. Only user “admin” and “ruijie” could be created on cli page, for other account, If you have the web management requirements, please create it on web interface, relative err prompt are shown as follow:
III. Verification
Visit web GUI at http://192.168.1.1, it is recommended that access WEB GUI with IE 8.0 and above version in compatible mode.
If administrator forgot IP address of Wall-AP, and do not want to recover factory setting, follow below steps:
1. Power on AP, and connect AP as below diagram:
1. Open packet capture tool, here take Wireshark as example:
1. Check ARP packets, and 192.168.51.54 is correct IP
1. Try to telnet AP
1. If above method doesn't work, suggest to restore factory default.
I. Network Topology
II. Requirements
1. Visit official website at www.ruijienetworks.com to request firmware.
1. Run TFTP Server, and put AP&AC firmware in the same folder. Here take Ruijie TFTPServer as example.
TFTP Server should be able to communicate with AC.
1. AC has built CAPWAP tunnel with APs
1. Read Release Note carefully, pay attention to the "upgrade file"
1. DO NOT restart or POWER OFF AC&AP during upgrades.
1. Login AC CLI via console, telnet or SSH.
III. Configuration Steps
Upgrading AC
Attention:In hot-backup scenario, please remove all networks cables on ACs in case of synchronization issue caused by inconsistent firmware.
1. Display current firmware version and backup relative configuration files.
Ruijie# copy flash:config.text tftp://192.168.1.100/config.text --->backup the configuration files of AC to TFTP Server.
Ruijie# copy flash:ap-config.text tftp://192.168.1.100/ap-config.text ---> backup the configuration of AP to TFTP Server.
Ruijie#show version detail
System description : Ruijie 10G Wireless Switch(WS6008) By Ruijie Networks.
System uptime : 0:02:15:24
System hardware version: 1.0
System software version: AC_RGOS 11.1(5)B80P3, Release(04131820)
System patch number : NA
System software number : M20361001182017
System serial number : 1234942570002
System boot version : 2.0.19.97cfa98(161210)
System core version : 2.6.32.355270930a6bde
System cpu partition : 4-11
1. Transfer new firmware to AC, execute below commands:
Ruijie#upgrade download tftp://192.168.1.100/rgos.bin
III. Verification
After reloading, execute command "show version" to verify firmware version.
Ruijie#show version detail
System description : Ruijie 10G Wireless Switch(WS6008) By Ruijie Networks.
System uptime : 0:02:15:24
System hardware version: 1.0
System software version: AC_RGOS 11.1(5)B80P3, Release(04131820)
System patch number : NA
System software number : M20361001182017
System serial number : 1234942570002
System boot version : 2.0.19.97cfa98(161210)
System core version : 2.6.32.355270930a6bde
System cpu partition : 4-11
Upgrading Fit APs
Attention:Generally, the fit ap and ac can work normally only when the versions of them are consistent
1. Display current ap firmware version on AC, execute commands "show version all"
Ruijie#show version detail
System description : Ruijie Indoor AP330-I (802.11a/n and 802.11b/g/n) By Ruijie Networks.
System start time : 1969-12-31 23:59:59
System uptime: 0:00:01:09
System hardware version: 1.10 ------>hardware version
System software version: AP_RGOS 11.1(5)B3, Release(02160403)------>software version
System patch number : NA
System software number : M03112104042015
System serial number: G1GDB16019485
System boot version : 1.1.1.6822c2a(140920)
System core version : 2.6.32.ab930e7d22374b
1. To transfer AP new firmware to AC, execute below commands:
Ruijie#copy tftp://192.168.1.100/330.bin flash:330.bin
Press Ctrl+C to quit
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Copy success
1. To configure ap-serial, execute below commands:
Ruijie(config)#ac-controller
Ruijie(config-ac)#active-bin-file flash:330.bin
Ruijie(config-ac)#ap-image auto upgrade
1. After AP reloading, APs will establish CAPWAP tunnel with AC.
III. Verification
1. Display AP upgrading progress, execute commands "show ap-config updating-list"
Ruijie#show ap-config updating-list
AP NAME AP PID File Tx Time AP Reset Ready
---------------------- --------------- -------- ------------ -----------
AP330-I AP330-I 20 % 00:00:06 N
1. Display current ap firmware version on AC, execute commands "show version all"
Ruijie>show version
System description : Ruijie Indoor AP330-I (802.11a/n and 802.11b/g/n) By Ruijie Networks.
System start time : 1970-01-01 00:00:01
System uptime: 0:00:01:52
System hardware version: 1.10
System software version: AP_RGOS 11.1(5)B5, Release(02182520)
System patch number : NA
System serial number: G1GDB16019485
System boot version : 1.1.1
I. Network Topology
II. Requirements
1. Visit official website at www.ruijienetworks.com to request firmware.
1. Run TFTP Server, and put AP firmware in the same folder. Here take Ruijie TFTPServer as example.
TFTP Server should be able to communicate with AP.
1. Read Release Note carefully, pay attention to the "upgrade file"
1. DO NOT restart or POWER OFF AP during upgrades.
1. Login AP CLI via console, telnet or SSH.
Attention: Wall APs, like AP130 (W2) & AP130L, do not have console port. See Device Management -->Conventions to learn the default IP address.
III. Configuration Steps
Upgrading FAT APs
1. Backup configuration files to TFTP Server, and display current firmware version
Ruijie#copy flash:config.text tftp://192.168.1.100/config.text --->backup configuration files of AP to TFTP Server
Ruijie#show version detail ---> check version
System description : Ruijie Indoor AP330-I (802.11a/n and 802.11b/g/n) By Ruijie Networks.
System start time : 1969-12-31 23:59:59
System uptime: 0:00:01:09
System hardware version: 1.10
System software version: AP_RGOS 11.1(5)B3, Release(02160403)
System patch number : NA
System software number : M03112104042015
System serial number : G1GDB16019485
System boot version : 1.1.1.6822c2a(140920)
System core version : 2.6.32.ab930e7d22374b
1. Display current ap mode
AP320#show ap-mode
current mode: fat
AP320#
1. Transfer new firmware to AP, execute below commands:
Ruijie#upgrade download tftp://192.168.1.100/330-b5.bin
Upgrade the device must be auto-reset after finish, are you sure upgrading now?[Y/n]y
Running this command may take some time, please wait.
Please wait for a moment......
Press Ctrl+C to quit
!!!!!!!!!!!!!!!!!!!!!!!.!!!!!!!!!.!!!
Begin to upgrade the install package 330-b5.bin... --->reload automatically
*Jan 1 00:03:52: %7: Upgrade processing is 10%
Uncompress file 330-b5.bin. .......
IV. Verification
After reloading, execute command "show version" to verify firmware version.
Ruijie#show version detail
System description : Ruijie Indoor AP330-I (802.11a/n and 802.11b/g/n) By Ruijie Networks.
System start time : 1970-01-01 00:00:01
System uptime: 0:00:01:09
System hardware version: 1.10
System software version: AP_RGOS 11.1(5)B5, Release(02182520)
System patch number : NA
System software number : M20085306252015
System serial number : G1GDB16019485
System boot version : 1.1.1.6822c2a(140920)
System core version : 2.6.32.720c78d1a03d63
I. Network Topology
II. Requirements
1. Visit official website at www.ruijienetworks.com to request firmware..
1. Run TFTP Server, and put AP&AC firmware in the same folder. Here take Ruijie TFTPServer as example.
TFTP Server should be able to communicate with AC.
1. AC has built CAPWAP tunnel with APs
1. Read Release Note carefully, pay attention to the "upgrade file"
1. DO NOT restart or POWER OFF AC&AP during upgrades.
1. Login AC CLI via console, telnet or SSH.
III. Configuration Steps
Upgrading AC
Attention:In hot-backup scenario, please remove all networks cables on ACs in case of synchronization issue caused by inconsistent firmware.
1. Display current firmware version and backup relative configuration files.
Ruijie#copy flash:config.text tftp://172.18.158.204/config.text --->backup the configuration files of AC to TFTP Server.
Ruijie#copy flash:ap-config.text tftp://172.18.158.204/ap-config.text ---> backup the configuration of AP to TFTP Server.
1. Transfer new firmware to AC, execute below commands:
Ruijie#copy tftp://172.18.158.204/AC_RGOS10.x_TO_11.x(Mid)_G1C5-01_02172111.bin flash:rgos.bin
After reloading, execute command "show version" to verify firmware
1. Because the configuration files will lost when upgrade to mid version, need to import the config.text, and test the connection between AC and terminal, then Downgrade AC to target version 11.x
Ruijie#upgrade download tftp://192.168.1.100/AC_RGOS11.1(5)B8_G1C5-01_03151003_install.bin
IV. Verification
After reloading, execute command "show version" to verify firmware version
Upgrading Fit APs
1. Transfer 11.x and mid version of AP to AC, execute below commands:
Ruijie#copy tftp://172.18.158.204/AP_RGOS10.x_TO_11.x(Mid)_S2C3-01_02201910.bin flash:ap530-mid.bin
Ruijie#copy tftp://172.18.158.204/AP_RGOS11.1(5)B8_S2C3-01_03151007_install.bin flash:ap530.bin
1. To configure ap-serial, execute below commands:
Ruijie(config)#ac-controller
Ruijie(config-ac)#active-bin-file ap530-mid.bin rgos10
Ruijie(config-ac)#active-bin-file ap530.bin
Ruijie(config-ac)#ap-serial ap530 AP530-I hw-ver 1.x
Ruijie(config-ac)#ap-image ap530-mid.bin ap530
Ruijie(config-ac)#ap-image ap530.bin ap530
IV. Verification
1. After reloading, execute command "show version" to verify firmware version
1. After AP reloading, APs will build CAPWAP tunnel with AC.
I. Network Topology
II. Requirements
1. Visit official website at www.ruijienetworks.com to request firmware.
1. Run TFTP Server, and put AP firmware in the same folder. Here take Ruijie TFTPServer as example.
TFTP Server should be able to communicate with AP.
1. Read Release Note carefully, pay attention to the "upgrade file"
1. DO NOT restart or POWER OFF AP during upgrades.
1. Login AP CLI via console, telnet or SSH.
Attention: Upgrade from 10.X to 11.X, configuration will lost, backup the configuration before downgrading; need to downgrade to mid version first.
III. Configuration Steps
Upgrading FAT APs
1. Backup configuration files to TFTP Server, and display current firmware version
Ruijie#copy flash:config.text tftp://192.168.111.2/config.text --->backup configuration files of AP to TFTP Server
1. Display current ap mode
Ruijie#show ap-mode
current mode: fat
1. Transfer new firmware to AP, execute below commands:
Ruijie#copy tftp://192.168.111.2/AP_RGOS10.x_TO_11.x(Mid)_S2C3-01_02201910.bin flash:rgos.bin
Upgrade the device must be auto-reset after finish, are you sure upgrading now?[Y/n]y
Running this command may take some time, please wait.
Please wait for a moment......
Press Ctrl+C to quit
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Verification
1. downgrade to target version 11.x
Ruijie# upgrade download tftp://192.168.111.2/AP_RGOS11.1(5)B8_S2C3-01_03151007_install.bin
1. reload and verification
I. Network Topology
II. Requirements
1. Visit official website at www.ruijienetworks.com to request firmware.
1. Run TFTP Server, and put AP firmware in the same folder. Here take Ruijie TFTPServer as example.
TFTP Server should be able to communicate with AP.
1. Read Release Note carefully, pay attention to the "upgrade file"
1. DO NOT restart or POWER OFF AP during upgrades.
1. Login AP CLI via console, telnet or SSH.
Attention: Downgrade from 11.X to 10.X, configuration will lost, backup the configuration before downgrading; need to downgrade to mid version first.
III. Configuration Tips
Downgrading FIT APs
1. Backup configuration files on ac
1. Transfer mid version of AP to AC
TFTP Server should be able to communicate with AC.
1. Active version of AP
1. Read Release Note carefully, pay attention to the "downgrade file"
1. DO NOT restart or POWER OFF AC&AP during upgrades.
1. Login AC CLI via console, telnet or SSH.
IV. Configuration Steps
Downgrading AC
Attention:In hot-backup scenario, please remove all networks cables on ACs in case of synchronization issue caused by inconsistent firmware.
1. Display current firmware version
Downgrading Fit APs
1. To transfer AP new firmware to AC, execute below commands:
Ruijie#copy tftp://192.168.1.100/AP_RGOS11.1(2)B1_AP320_v2.0_degrade.bin flash:320-mid.bin
2 To configure ap-serial, execute below commands:
Ruijie#config terminal
Ruijie(config)#ac-controller
Ruijie(config-ac)#active-bin-file 320-mid.bin
Ruijie(config-ac)#ap-serial ap320 AP320-I hw-ver 1.x
Ruijie(config-ac)#ap-image ap320-mid.bin ap320
Ruijie(config-ac)#end
Ruijie#wr
1. telnet APs and verify the current version
Ruijie#show version
System description : Ruijie Indoor AP320-I (802.11a/n and 802.11b/g/n) By Ruijie Networks.
System start time : 1970-01-01 0:0:0
System uptime: 0:0:0:44
System hardware version: 1.10
System software version: RGOS 10.4(1b19)p2, Release(175879)
System boot version : 10.4.155446(Master), 10.4.155446(Slave) -àmid version of AP
System serial number : G1GDC13025434
1. Downgrade AC from 11.X to 11.X_to_10.X(Mid), execute below commands:
Ruijie#upgrade download tftp://172.18.158.204/AC_RGOS11.x_TO_10.x(Mid)_G1C5-02_02172016.bin force
Verification
After reloading, execute command "show version" to verify firmware
1. Because the configuration files will lost when downgrade to mid version, need to import the config.text, and test the connection between AC and terminal, then Downgrade AC to target version 10.x
Ruijie#copy tftp://172.18.158.205/WLAN-AC-50XX_10.4(1b19)p2_R179742.bin flash:rgos.bin
Ruijie#reload
Verification
1. After downgrading the AC, the configuration will loss, need to import the ac configuration.
Ruijie#copy tftp://192.168.1.100/config.text flash:config.text
Ruijie#copy tftp://192.168.1.100/ap-config.text flash:ap-config.text
Ruijie#reload
1. Downgrade AP to target version 10.x
Ruijie#copy tftp://192.168.1.100/AP320_10.4(1b19)p2_R179742.bin flash 320I.bin
Ruijie#configure terminal
Ruijie(config)#ac-controller
Ruijie(config-ac)#active-bin-file 320I.bin
Ruijie(config-ac)#ap-serial ap320 AP320-I hw-ver 1.x
Ruijie(config-ac)#ap-image 320I.bin ap320
Ruijie(config-ac)#end
Ruijie#wr
V. Verification
Ruijie#show version
System description : Ruijie Indoor AP320-I (802.11a/n and 802.11b/g/n) By Ruijie Networks.
System start time : 2015-01-05 12:37:41
System uptime: 4:0:24:8
System hardware version: 1.10
System software version: RGOS 10.4(1b19)p2, Release(179742)
System boot version : 10.4.155446(Master), 10.4.155446(Slave)
System serial number : G1GD91300419A
I. Network Topology
II. Requirements
1. Visit official website at www.ruijienetworks.com to request firmware.
1. Run TFTP Server, and put AP firmware in the same folder. Here take Ruijie TFTPServer as example.
TFTP Server should be able to communicate with AP.
1. Read Release Note carefully, pay attention to the "upgrade file"
1. DO NOT restart or POWER OFF AP during upgrades.
1. Login AP CLI via console, telnet or SSH.
Attention: Downgrade from 11.X to 10.X, configuration will lost, backup the configuration before downgrading; need to downgrade to mid version first.
III. Configuration Steps
Downgrading FAT APs
1. Backup configuration files to TFTP Server, and display current firmware version
Ruijie#copy flash:config.text tftp://192.168.111.2/config.text --->backup configuration files of AP to TFTP Server
1. Display current ap mode
Ruijie#show ap-mode
current mode: fat
1. Transfer new firmware to AP, execute below commands:
Ruijie#upgrade download tftp://192.168.111.2/AP_RGOS11.x_TO_10.x(Mid)_S2C3-01_02180712.bin
Upgrade the device must be auto-reset after finish, are you sure upgrading now?[Y/n]y
Running this command may take some time, please wait.
Please wait for a moment......
Press Ctrl+C to quit
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
*Jan 1 00:04:27: %7:
*Jan 1 00:04:27: %7: Begin to upgrade the install package AP_RGOS11.x_TO_10.x(Mid)_S2C3-01_02180712.bin...
*Jan 1 00:04:27: %7: Upgrade processing is 10%
RG-UPGRADE:package.c:621]Old md5 value(/rootfs.ubi):
[RG-UPGRADE:rpm_opt.c:374]:e2d4e747428247db1ca518ade88d0bb1
Verification
1. downgrade to target version 10.x
Ruijie#copy tftp://192.168.111.2/AP530-PPC_10.4(1b19)p2_R179742.bin flash:rgos.bin
1. reload and verification
I. Network Topology
II. Requirements
1. Generally, we recover firmware under BOOT mode if we deletes firmware on Main Mode by mistake, firmware broken or any other unknown reasons that devices cannot boot up and enter Main Mode.
1. Finish reading Device Management --> System Management --> Firmware Upgrade, have knowledge of how to transfer firmware with TFTP server.
1. It's applicable for both AC and APs with console port. Not applicable for Wall APs without console port.
Note: remember to turn off Windows Defender protection and system firewall.
III. Configuration Steps
1. Restart devices, press "CTRL + C" when system prompts, enter BOOT Mode, Input 0
1. Input 1, then upgrade firmware with the following steps.
1. Input "yes"
1. Press "CTRL+Z" return to upper level, then choose "2" to run main
IV. Verification
Devices succeed to enter Main mode, execute command "show version", check the firmware version.
Ruijie#show version
I. Network Topology
II. Requirements
1. Generally, we recover firmware under BOOT mode if we deletes firmware on Main Mode by mistake, firmware broken or any other unknown reasons that devices cannot boot up and enter Main Mode.
1. Finish reading Device Management --> System Management & --> Firmware Upgrade, have knowledge of how to transfer firmware with TFTP server.
III. Configuration Steps
1. Open Wireshark, load a packet capture process as below. AP 192.168.64.163 lost firmware and is requesting 192.168.64.1 for firmware.
1. Assign IP address 192.168.64.1 to laptop, enable TFTP Server and also prepare the firmware.
1. Edit a notepad name as "FileList.txt", put it in the same folder as shown above, the content is the firmware name you're going to transfer
1. AP will begin downloading firmware soon, verify by viewing TFTP Server connection status.
1. AP will reload when finish recovering firmware
IV. Verification
Login AP via telnet and AP is recovered.
I. Network Topology
II. Requirements
1. Finish reading System Management --> Console Management.
1. Login AC CLI via Console.
III. Configuration Steps
Recovering AC password (configuration file remains)
1. Power off AC, then power up.
1. Press CTRL + C, enter CTRL mode.
1. Input CTRL+Q, enter uboot mode. And then input "main_config_password_clear"
1. Device will reload automatically.
1. When finish reloading, enter CLI without input password.
Note: The default timeout period is 10min. Please change your password before time out.
1. Change password, and then use the command “wr” to save your configuration.
1. save configuration
Re-login AC, execute commands "show runing-config" to check configurations.
I. Requirements
1. Finish reading Device Management --> System Management
1. Login CLI via console, telnet or SSH
II. Configuration Steps
Execute command "dir" to check file system
Ruijie#dir
Mode Link Size MTime Name
-------- ---- --------- ------------------- ------------------
1 1600 1970-01-02 01:31:10 config.text
1 11729 2015-06-18 02:03:26 cw_teardown_info.txt
<DIR> 1 0 1970-01-01 00:00:00 dev/
1 33 2015-06-03 00:04:25 dhcp_bind.dat
<DIR> 4 0 1970-01-01 00:00:18 pkistore/
<DIR> 5 0 1970-01-01 00:00:11 portal/
<DIR> 0 0 1970-01-01 00:00:00 proc/
<DIR> 1 0 1970-01-01 00:00:01 ram/
1 1529 2015-03-09 16:31:28 reset.txt
1 8359680 2015-03-09 16:31:26 rgos.bin
<DIR> 2 0 1970-01-01 00:00:08 tmp/
1 150740 1970-01-01 00:00:12 ucs_big5.db
1 239708 1970-01-01 00:00:12 ucs_gb.db
<DIR> 4 0 1970-01-01 00:00:12 web/
1 2766752 1970-01-01 00:00:10 web_management_pack.upd
--------------------------------------------------------------
12 Files (Total size 12243866 Bytes), 7 Directories.
Total 132120576 bytes (126MB) in this device, 115515392 bytes (110MB) available.
"config.text" is configuration file, execute commands "del config.text" to set factory default
Ruijie#del config.text
Are you sure you want to delete "config.text"?[Yes/No]y
Ruijie#reload
Processed with reload? [no]y
After reloading, execute commands "show running-config" to check configuration.
I. Requirements
1. Finish reading Device Management --> System Management
1. Login CLI via console, telnet or SSH
II. Configuration Steps
Restore Factory Default
AC#conf t
AC(config)#ac-controller
AC(config-ac)#reset ?
all Reset the all APs in this AC.
single Reset the single ap.
Then the fit ap will restart automatically.
III. Verification
After reloading, execute commands "show running-config" to check configuration.
Especially, for Wall AP including AP110W, AP120W, AP130W
Long press "reset" button more than 8 seconds to set factory default.
I. Requirements
1. Finish reading System Management
1. Login device CLI via Console, telnet or SSH.
II. Configuration Steps
Execute command "dir" to check file system
WS6008#dir
Directory of flash:/
Number Properties Size Time Name
------ ---------- ------ ------------------------ --------------------
1 drwx 160B Mon Oct 10 19:27:37 2016 dev
2 drwx 160B Mon Mar 21 17:32:15 2016 rep
3 drwx 224B Mon Mar 21 17:32:16 2016 var
4 drwx 160B Mon Oct 10 19:27:40 2016 addr
5 -r-- 4.1k Wed Nov 2 16:27:00 2016 tmp_env.txt
6 -rwx 5.0k Mon Mar 21 17:32:36 2016 hwd.db
7 -rw- 2.9k Tue Oct 11 12:39:39 2016 virtual_switch.text
8 drwx 304B Mon Mar 21 17:32:42 2016 security
9 -rwx 180B Fri Nov 4 16:48:45 2016 config_vac.dat
10 -rw- 14.8k Fri Nov 4 16:48:46 2016 config.text
11 -rwx 384B Thu Sep 29 10:21:54 2016 LIC-WLAN-AP-3200000003956646.lic
12 -rwx 18B Mon Sep 26 17:35:26 2016 test.txt
13 -rw- 718B Tue Oct 11 09:14:18 2016 ap-standalone.text
14 -rwx 696B Mon Mar 21 17:32:30 2016 httpd_cert.crt
15 -rwx 21B Fri Nov 4 16:48:45 2016 syslog_rfc5424_flag.txt
16 drwx 424B Tue Mar 29 16:50:43 2016 portal
17 -rwx 44.4M Mon Oct 31 18:20:17 2016 AM_RGOS11.1(5)B9_G1B5-01_03211300_install.bin
18 -rwx 620B Tue Oct 11 12:39:27 2016 rsa_private.bin
19 -rwx 336B Sun Oct 30 15:32:36 2016 dsa_private.bin
20 -rw- 5.8k Thu Jun 30 14:35:03 2016 text.bak
21 -rwx 384B Wed Oct 12 17:17:05 2016 LIC-WLAN-AP-3200000003466646.lic
22 drwx 296B Thu Oct 13 13:45:02 2016 upgrade
23 drwx 160B Fri Nov 4 09:36:26 2016 tech_vsd0
24 drwx 448B Thu Sep 29 11:24:06 2016 rg_licns
25 drwx 312B Mon Oct 10 19:57:36 2016 syslog
26 -rw- 147B Tue Oct 11 12:39:39 2016 ap-virtual_switch.text
27 -rw- 723B Fri Nov 4 16:48:46 2016 ap-config.text
28 -rwx 187.1k Fri Nov 4 18:27:03 2016 log-13-may-5.txt
29 -rwx 77.8M Mon Oct 31 20:23:11 2016 AC_RGOS11.1(5)B9_G2C6-01_03201812_install.bin.up.tmp
30 -rwx 887B Mon Mar 21 17:32:30 2016 httpd_key.pem
31 -rw- 8.9k Tue Oct 11 09:14:18 2016 standalone.text
21 files, 10 directories
281,903,104 bytes data total (155,267,072 bytes free)
536,870,912 bytes flash total (155,267,072 bytes free)
"config.text" is configuration file, execute commands "copy flash:config.text flash:config.bak" to backup configuration file
"ap-config.text" is ap configuration file, execute commands "copy flash:ap-config.text flash:ap-config.bak" to backup ap configuration file
Ruijie#
Ruijie#copy flash:config.text flash:config.bak
Ruijie#copy flash:ap-config.text flash:ap-config.bak
III. Verification
To view backup file, execute command "dir" to display filesystem. The file size should match.
WS6008#dir
Directory of flash:/
Number Properties Size Time Name
------ ---------- ------ ------------------------ --------------------
1 drwx 160B Mon Oct 10 19:27:37 2016 dev
2 drwx 160B Mon Mar 21 17:32:15 2016 rep
3 drwx 224B Mon Mar 21 17:32:16 2016 var
4 drwx 160B Mon Oct 10 19:27:40 2016 addr
5 -r-- 4.1k Wed Nov 2 16:27:00 2016 tmp_env.txt
6 -rwx 5.0k Mon Mar 21 17:32:36 2016 hwd.db
7 -rw- 2.9k Tue Oct 11 12:39:39 2016 virtual_switch.text
8 drwx 304B Mon Mar 21 17:32:42 2016 security
9 -rwx 180B Fri Nov 4 16:48:45 2016 config_vac.dat
10 -rw- 14.8k Fri Nov 4 16:48:46 2016 config.text
11 -rwx 384B Thu Sep 29 10:21:54 2016 LIC-WLAN-AP-3200000003956646.lic
12 -rwx 18B Mon Sep 26 17:35:26 2016 test.txt
13 -rw- 718B Tue Oct 11 09:14:18 2016 ap-standalone.text
14 -rwx 696B Mon Mar 21 17:32:30 2016 httpd_cert.crt
15 -rwx 21B Fri Nov 4 16:48:45 2016 syslog_rfc5424_flag.txt
16 drwx 424B Tue Mar 29 16:50:43 2016 portal
17 -rwx 44.4M Mon Oct 31 18:20:17 2016 AM_RGOS11.1(5)B9_G1B5-01_03211300_install.bin
18 -rwx 620B Tue Oct 11 12:39:27 2016 rsa_private.bin
19 -rwx 336B Sun Oct 30 15:32:36 2016 dsa_private.bin
20 -rw- 14.8k Fri Nov 4 19:08:10 2016 config.bak
21 -rw- 5.8k Thu Jun 30 14:35:03 2016 text.bak
22 -rwx 384B Wed Oct 12 17:17:05 2016 LIC-WLAN-AP-3200000003466646.lic
23 drwx 296B Thu Oct 13 13:45:02 2016 upgrade
24 drwx 160B Fri Nov 4 09:36:26 2016 tech_vsd0
25 drwx 448B Thu Sep 29 11:24:06 2016 rg_licns
26 -rw- 723B Fri Nov 4 19:08:21 2016 ap-config.bak
27 drwx 312B Mon Oct 10 19:57:36 2016 syslog
28 -rw- 147B Tue Oct 11 12:39:39 2016 ap-virtual_switch.text
29 -rw- 723B Fri Nov 4 16:48:46 2016 ap-config.text
30 -rwx 187.1k Fri Nov 4 18:27:03 2016 log-13-may-5.txt
31 -rwx 77.8M Mon Oct 31 20:23:11 2016 AC_RGOS11.1(5)B9_G2C6-01_03201812_install.bin.up.tmp
32 -rwx 887B Mon Mar 21 17:32:30 2016 httpd_key.pem
33 -rw- 8.9k Tue Oct 11 09:14:18 2016 standalone.text
23 files, 10 directories
281,903,104 bytes data total (155,394,048 bytes free)
536,870,912 bytes flash total (155,394,048 bytes free)
Tips: To read text file in CLI, exeute command "more config.bak"
WS6008#more config.bak
version AC_RGOS 11.1(5)B9, Release(03201812)
hostname WS6008
!
wlan-config 1 cmcp
ssid-code utf-8
!
wlan-config 2 Eweb_BA832
ssid-code utf-8
band-select enable
schedule session 2
!
wlan-config 3 Eweb_BA833
ssid-code utf-8
!
wlan-config 4 oversea123
ssid-code utf-8
!
wlan-config 5 Eweb_BA835
ssid-code utf-8
!
wlan-config 13 test-for-sec
!
wlan-config 55 AM5528
band-select enable
I. Network Topology
II. Requirements
1. Finish reading System Management
1. Login device CLI via Console, telnet or SSH.
1. Run TFTP software in the PCs
1. TFTP Server is able to communicate with device
III. Configuration Steps
To copy files in flash to TFTP Server, execute commands "copy flash:config.text tftp:"
Ruijie#copy flash:config.text tftp://192.168.1.100/config.text
IV. Verification
The backup configuration file will be copied to TFTP Server.
Problem: Wireless license import failed.
Solution:
1. Confirm whether the SN is correct via the official website.
After login successfully, input authorization code, and then click “search” to check whether the relative device SN is consistent with the practical SN.
1. If the root case is the incorrect SN, unbind the License first
Step1:
Visit official website (http://www.ruijienetworks.com/service/License.aspx ), unbind License files.
Click "Service" ->”Support” ->"Product Licensing" ->choose "WLAN" for wireless license unbinding. Choose “Unbind License”-> choose “Wireless”-> click “Unbind License”, then click ”Complete” after filling in product info.
Note: Before unbinding the license files, you should register first if you do not have an account for login.
Then in the pop-up dialog box, click “finish” to submit an application.
Step2: After completing the application, submitted it to TAC for application via e-mail account: service_rj@ruijienetworks.com. And then waiting for approval.
Click "Service" ->”Support” ->"Product Licensing" ->choose "WLAN" for wireless license unbinding. Choose “Unbind License”-> choose “Wireless”-> Check the approval status, if approved, customer can apply for a new license with the original S/N.
Warm prompt:
After unbind the license successfully, if you have the requirement of Wireless License Registration, please follow the following steps to apply for new license.
Step1: Obtain the license register number.
Open the attachment in the Authorization Letter to obtain the Authentication Code..
Or obtain the authentication code from the CD. There is a pdf file in the CD which is shown as follow:
Step2: Visit the official website, bind License files.
Click "Service" ->”Support” ->"Product Licensing" ->choose "WLAN" for wireless license binding, after filling in the information, click “Complete”, it will jump to the download page of. lic file.
Step3: Install the authorization document
Note: If the license obtained by user is a. lic file, install the license with the following way
i) Upload the local license file to the wlc.
Configuration Example:
Ruijie#copy tftp://192.168.64.2/LIC-WLAN-AP-800000015692434.lic flash:/LIC-WLAN-AP- 800000015692434.lic
Press Ctrl+C to quit
!
Copy success.
ii) Install license file
Configuration Example:
Ruijie# license install flash:LIC-WLAN-AP-800000015692434.lic
Are you sure to install this license[y/n]:y
Success to install license file, service name: LIC-WLAN-AP-8.
Step3: Install the authorization document
Note: If the license obtained by user is a license key, install the license with the following way
i) The following shows the similar format of the license obtained by the user
XXXX-XXXX-XXXX-XXXX-XXXX-XXXX-XXXX-XXXX
Record the generated license key, connect to the wlan-ac device, and use the set license license command. If it prompts it is correct, the register application is successful. If it prompts the error, contact the Ruijie Customer Service center for the related consultation.
ii) Configure the License Basic Features
Configuration Example:
Ruijie# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Ruijie(config)# set license AAAA-BBBB-CCCC-DDDD-EEEE-FFFF-GGGG-HHHH
Verification
Showing the License Configuration, you could find you have add new license successfully.
Ruijie# show license
Interaction between the AC and the RADIUS server is generally based on the RADIUS protocol and SNMP. The ports to be opened are:
RADIUS port: Based on UDP. The default authentication port is 1812 and the default accounting port is 1813, which are both on the RADIUS server.
SNMP port: Based on UDP. The port is 161, which is on the AC.
Check the user's MAC address:
WS#show ac-con client by-ap-name
Total Sta Num : 4
Cnt STA MACAP NAMEWlan Id Radio Id Vlan Id Valid
------ --------------- -------------------- --------- --------- --------- ---------
1.6a99.6c5aBF2_AP_031122091
2701a.04a9.a1b2BF2_AP_062123091
3 0026.c690.0a06 BF7_AP_011122091
4001f.3b3b.b435BF7_AP_011122091
Kick the user offline:
WS(config)#ac-controller
WS(config-ac)#client-kick H.H.H----->H.H.H is the user's MAC address.
Because the client will be automatically reconnected, when the show ac-con client by-ap-name command is run after the user is forced offline, the offline STA is still displayed.
It’s saved in the ap-config.text file in AC flash.
A VLAN-Group contains multiple VLANs. By associating with a VLAN-Group, a WLAN can map to multiple VLANs and VLANs can be flexibly allocated to STAs connected to the WLAN. The VLANs are allocated mainly in the following two modes:
After the STA passes the 802.1x authentication, the authentication server assigns a VLAN for the STA. The STA must be deployed in the 802.1x authentication mode and the authentication mode must be supported by the authentication server.
The server assigns the VLAN for the STA according to the idle status of the address pool.
Enable ip dhcp snooping and run the following command on AC:
ruijie#sh terminal-identify user
User entry list: 3
mac-address aging-time terminal-type
-----------------------------------------
68df.ddc7.de5a --:-- XIAOMI Phone Android 4.2
3859.f98b.658b --:-- PC Windows 7
a844.8130.c304 --:-- Nokia Phone Windows 8
Note: Due to terminal restrictions, the terminal may not be identified completely correct. When the terminal is connected to the wireless network, a DHCP packet is sent. The device reads the option 60 field in the packet. The field carries the terminal type information. However, not the DHCP packet of all the terminals carries the field, and thus the read success rate is not 100%.
The AP configuration under ap-config name takes effect first. If the AP under ap-config name is not configured, the ap-config all configuration takes effect.
Supplement the configuration AC(config)#ip name-server 8.8.8.8, which is used to set the DNS domain name for the device. You can modify the configuration based on the actual environment. Ensure that the AC normally communicates with the extranet.
Perform the following operation:
Ruijie(config)#no ap-config ap-name1
Ruijie(config)#no ap-config all ----Delete the ap-config of all the offline APs.
Only configurations of offline APs can be deleted.
Refer to the following configuration:
Ruijie(config)#ap-config 001a.a9bf.ffdc
Ruijie(config-ap)#location meeting room
Ruijie(config)#ac-controller
Ruijie(config-ac)#capwap ctrl-ip 2.2.2.2
Go to the WLAN configuration mode:
Ruijie(config)#wlan-config 1 ( “1” is the wlan sequence)
Ruijie(config-wlan)#ssid yy (yy is the new SSID)
Refer to the command: (when this parameter is modified, a tunnel is re-created.)
(1) Log on to the AP through the Console or Telnet port, and enter the global mode (the password is apdebug) to configure the static AP IP address, default route, and AC IP address:
Ruijie(config)#acip ipv4 1.1.1.1 // Configure the IP address for the AC.
Ruijie(config)#apip ipv4 172.16.1.34 255.255.255.0 172.16.1.109
(2) After the tunnel between the AP and the AC is created, log on to the AC to configure a static IP address for the AP:
Ruijie(config)#ap-config 220e
Ruijie(config-ap)#acip ipv4 1.1.1.1 ---->Configure the IP address of the AC.
Ruijie(config-ap)#ip address 172.16.1.34 255.255.255.0 172.16.1.109 ---->Configure the IP address, mask, and gateway for the AP. After configuration, the capwap tunnel will be re-created.
The configurations retain even the AP is restarted.
In fat mode, directly go to this radio and shut it down.
Ruijie(config)#interface dot11radio 1/0
Ruijie(config-if-dot11radio 1/0)#shutdown
In fit mode:
Ruijie(config)#ap-config ap-name ---->Go to the AP configuration mode
Ruijie(config-ap)#no enable-radio 1 ---->Disable the radio 1.
Ruijie(config)#advanced 802.11a channel global off
Ruijie(config)#advanced 802.11b channel global off
You can cancel AAA authentication for AC logon by modifying the configurations.
Ruijie(config)#aaa new-model
Ruijie(config)#aaa authentication login no-login none ---->Create an AAA logon authentication list named "no-login" and set the configuration to none (no authentication).
Ruijie(config)#line con 0
Ruijie(config-line)#login authentication no-login ---->Apply the no-login to the console line, which indicates that the AAA authentication is not used.
Ruijie(config-line)#line vty 0 35
Ruijie(config-line)#login authentication no-login ---->No password is needed for logon through the Telnet port.
1. On AP:
Ruijie(config)#interface gigabitEthernet0/1
Ruijie(config-if-GigabitEthernet 0/1)# media-type baset ---->Enable the electrical interface.
Ruijie(config-if-GigabitEthernet 0/1)#media-type basex ---->Enable the optical interface.
1. On AC:
Ruijie(config)#interface gigabitEthernet 0/1
Ruijie(config-if-GigabitEthernet 0/1)#medium-type copper
Ruijie(config-if-GigabitEthernet 0/1)#medium-type fiber
Ruijie(config-if-GigabitEthernet 0/1)#end
Ruijie#write
Ruijie(config)# ap-config AP0001 //Enter the specified AP configuration mode.
Ruijie(config-ap)# timestamp /Configure AP0001 to synchronize the time of the local AC to the AP.
To prevent that the network connection is affected by too large load caused by long-time running of the AP, the daily timed restart can be set for the AP to ensure the network connection quality.
Configure Ruijie-AP1 to restart the AP at 1:00:00 each day on AC:
Ruijie(config)#ap-config Ruijie-AP1
Ruijie(config-ap)#reload at 1:00:00
(1) Define a schedule session.
AC(config)#schedule session 1
AC(config)#schedule session 1 time-range 1 period Sun to Sat time 00:00 to 23:59
(2) Apply the schedule session on the AP
AC(config)#ap-config ap-name
AC(config-ap)#quiet-mode session 1
ruijie#sh ac-config
AC Configuration info:
max_wtp:32
sta_limit:1024
license wtp max:32
license sta max:1024
serial auth :Disable
password auth :Disable
certificate auth :Disable
Bind AP MAC :Disable
AP Priority :Disable
supp_psk_cer :Disable
ac_name:end
ac location :Ruijie_COM
WS6108#sh ac-config
AC State info:
sta_num :0
act_wtp :6
localIpAddr :1.1.1.1
localIpAddr6 :::
used wtp :6.0(6 normal 0 half 0 zero)
remain wtp :42 normal 84 half 634 zero
HW Ver :1.01
SW Ver :AC_RGOS 11.1(5)B7, Release(02231014)
Mac address :5869.6c20.726a
Product ID :WS6108
NET ID :9876543210012345
NAS ID :5869.6c20.726a
For VAC:
WS6108#show member
System description : WS6108
System Mac Address : 58:69:6C:20:72:6A
The administrator forgets the management address of WALL-AP but does not want to modify the device configurations or the factory settings of the device cannot be restored. This method is also applicable for devices with a Console port but cannot be logged onto through the Console port.
1. Configuration Tips
1. Execute the packet capture software on a PC to capture packets from the interface of the wired network.
1. Connect the WALL-AP cable to the PC and power on the AP.
1. Configuration Steps
1. Execute the packet capture software (using Wireshark for an example) to capture packets from the wired interface.
(1) Select the interface.
(2) Select the wired interface of the AP and click Start to capture the packets.
(3) Connect the wired interface of the PC to the AP Ethernet port that is not powered on.
(4) Power on the AP to view packets output by the packet capture software on the PC. Pay attention to the ARP packets.
Because the PC is directly connected to the AP, all the ARP packets except those sent by the PC are ARP packets sent by the AP.
(5) After getting the AP IP address from the ARP packets, try to log on to the AP through the Telnet port.
(6) The AP may not send the ARP resolution packets. In this case, you can use the LLDP packets to obtain the AP management address. The Management Address in the LLDP packets is the management address of the AP.
(7) If you still cannot log on to the AP, restore the factory settings of WALL-AP, which results in loss of all configurations. You can try to log on to APs with the Console port from a serial port.
It is found that during actual packet capture, the AP often does not send the ARP resolution packets. In this case, you can use the LLDP packets to obtain the AP management address.
1. The following is a packet capture screenshot:
1. Click to open the LLDP packet. The part in the red frame below is the management address of the AP:
1. Symptom
According to the AP320-I users, in case of logon through the Console port, there is information prompted, but no response is returned after Enter is pressed. Besides, no command can be entered.
1. Network Environment
The AP is new and just installed. It is logged onto through CRT.
1. Troubleshooting Steps
(1) Check whether the CRT or the HyperTerminal is used. If CRT is used, uncheck CTS/RTS.
(2) If an additional cable is used, confirm whether the driver is installed correctly.
(3) Change the baud rate. The baud rate for the version 1T8 is 115200 bps.
(4) Change the console cable and the PC.
1. Solution
Uncheck CTS/RTS.
1. Summary and Precautions
Summary: Other faults caused by the CRT traffic control function.
(1) You cannot use CRT to log on to the console.
(2) After CRT-based logon, the operation window is blank, the system outputs no information but the cursor flashes. The system has no response after you press Enter.
(3) After CRT-based logon, the operation window is blank, the system outputs no information but the cursor flashes. After you press Enter, the cursor moves but the system still outputs no information.
(4) After CRT-based logon, the system outputs information, but has no response after your press Enter and does not allow you to perform any operation.
(5) After HyperTerminal-based logon, the Data Traffic Control in COM attribute settings must be set to None.
A WALL-AP occupies only 0.5 license. "<=4000" means up to4,000 WALL-APs are supported.
Run the show ac-c command in AC to display license occupation information. The meaning of four, normal, half, and zero is described below.
four: The AP occupies four licenses. Currently, only APs of the model AM5528 and AM5528(ES) occupy four licenses each. APs of the model AM5514 only occupy two licenses each.
normal: An ordinary AP occupies only one license, including AP220-E, AP320-I, and AP520.
half: A WALL-AP occupies only 0.5 license.
zero: The AP occupies no license. The AP is AP(MAP552(SR)) and APD-M.
AC#show ap-config product
Product ID Hardware Version Count Used Wtp
-------------------- ---------------- -------- --------
AM5528 1.00 245 980.0
AP520 1.00 906 906.0
AP630(IDA) 1.50 33 33.0
AP630(IODA) 1.00 83 83.0
(1) Upgrade the device version to RGOS 11.1(5)B9 or a later version.
For authentication code:
Run the AC(config)#no set license activation-key command to unbind the authorized code. (The activation-key is a 32-bit activation code.)
For authentication file:
Run the AC#license unbind authorized file name command to unbind the authorized file to get the verification code.
You can run the show license unbind-code or show apmg debug unbind command to display the verification code.
Note: after activation code of the unbound license is deleted, the license cannot be installed on the device again.
(2) Submit the device serial number, the license activation code, and verification code on Ruijie authentication system(http://pa.ruijie.com.cn:8001/main_wireless.jsf) to unbind the license on the authorization system. Contact Ruijie TAC to approve the unbinding.
(3) To bind the license again, submit the serial number of the new device and authorization code to register the license. A new activation code is obtained.
(4) Install the new activation code to the new AC.
For More details, please refer to WLAN License Activation Guide:
You can apply for a temporary license for an AC three times. The application is automatically reviewed and approved. Only one temporary license of the same specifications can be imported into an AC. The second license overwrites the first. Multiple temporary licenses of different specifications can coexist in one AC. For example, when two temporary licenses can manage 32 APs are applied for the same AC, only one license can be imported to the AC. When a license can manage 32 APs and a license can management 128 APs are applied for the same AC, both licenses can be imported to the AC.
(1) When VAC deployment is not finished yet, the procedure is same to that of normal AC
(2) When VAC deployment is finished, the procedure is basically the same. Bind the corresponding license authorization code to the device according to its serial number.
For authentication code, use set license command to bind the authentication code on main AC.
For authentication files, all the authorization files must be imported to the main AC and operated by running the following commands.
AC#license auto-install flash: LIC-WLAN-AP-51200000001765223.lic
The authorization files can be automatically uploaded.
If the authorization file is operated on the standby AC, the message "% Can’t execute this command in redundancy slave" is prompted.
(3) AC#license install means that the authorization file is only installed in this host.
No. The AP will not go offline unless it goes offline actively or the AC is restarted. As long as the current AP does not actively go offline and the AC is not restarted, the AP will always be online.
No. APs will not be kicked offline due to deletion of temporary or formal authorization. The system judges whether the licenses are sufficient only when the AP is getting online. APs that go offline after authorization expire cannot go online again.
Summarize
With the development of wireless LAN, WLAN technology has been widely used in various fields such as family, enterprise and public places etc. The transmission of wireless frame between access point and wireless terminations in the form of electromagnetic wave instead of wired medium, which makes the wireless terminals movable freely. WLAN technology is the integration of Ethernet and wireless technology and makes wireless terminals easy to access to the wireless local area network. Access point is the middle-transfer-device between wireless terminals and Access Controller in WLAN. When there are plenty of access points in WLAN, how to manage these Aps is key problem in operation.
FAT AP Architecture
In the traditional network architecture, the WTPs completely implement and terminate the 802.11 function so that frames on the wired LAN are 802.3 frames. Each WTP can be independently managed as a separate network entity on the network. The access point in such a network is often called a “Fat AP”.
FIT AP Architecture
The thin AP architecture is a hierarchical architecture that involves a WLAN controller that is responsible for configuration, control, and management of several WTPs. The WLAN controller is also known as the Access Controller (AC). The 802.11 function is split between the WTP and the AC. Because the WTPs in this model have a reduced function as compared to the fat AP architecture, they are called “Fit APs.”
Fit AP Architecture Advantages
Centralized management
Automatic software upgrade
High security and low interference
Since the distinct advantages of fit AP architecture, it’s generally adopted especially in large networks with many APs. The CAPWAP framework is used to define the interface and protocol between an AC and its controlled APs.
Currently, each manufacturer adopts their own private tunnel protocols to exchange messages between AC and AP and this leads to the problem that the AC and AP from different manufacturers cannot communicate with each other.
To solve this problem, IETFCAPWAP working group is set up in 2005 to standardize the tunnel protocols between AC and AP (RFC5415).
2 Terms Explanation
CAPWAP Control and Provisioning of Wireless Access Points
Local MAC Local Medium Access Control
Split MAC Split Medium Access Control
DTLS Datagram Transport Layer Security
WTP Wireless Terminal Point
AC Access Control
AP Access Point
3 CAPWAP Overview
CAPWAP (Control and Provisioning of Wireless Access Points) is a generic protocol that enables a controller to manage a collection of Wireless Terminal Point (WTP). The CAPWAP protocol is described in RFC 5415 which does not include specific wireless technologies; instead, it relies on a binding specification to extend the technology to a particular wireless technology. The binding specifications for the IEEE 802.11 wireless protocol are defined in RFC5416.
CAPWAP is an application layer protocol over UDP. It uses the Datagram Transport Layer Security (DTLS) encryption mechanism which is standard IETF protocol based on TLS.
CAPWAP Main Functions
To centralize the authentication and policy enforcement functions for a wireless network. The AC may also provide centralized bridging, forwarding and encryption of user traffic.
To enable shifting of the higher-level protocol processing from the WTP. This leaves the time-critical applications of wireless control and access in the WTPs, which are subject to severe cost pressure.
To provide an extensible protocol that is not bound to a specific wireless technology.
The CAPWAP tunnel is divided into:
Control tunnel: to transport the CAPWAP control messages
Data tunnel: to transport the CAPWAP data messages
See the figure below for CAPWAP tunnel:
2.1 Local MAC and Split MAC
In the split MAC mode, all the layer 2 wireless data and management frames will be encapsulated by CAPWAP protocol and exchanged between AC and WTP.
As shown in figure 1, the wireless frames received from the station will be directly encapsulated and forwarded to AC.
In the local MAC mode, the data frames can be forwarded through local bridge or 802.3 frames as shown in figure 2. In this mode, layer 2 management frames is encapsulated to802.3 frames on WTP and then forwarded to AC.
The functionassignment of Local MAC and Split MAC in CAPWAP protocol is listed in the table below:
2.2 CAPWAP Working Process
Once one WTP is connected to the network, it will enter the state of AC discovery. WTP sends “discovery request” by means of broadcast, multicast or unicast. When unicast is used, WTP needs to obtain the IP address table of AC through DHCP or DNS. The ACs that receive “discovery request” will send “discovery response” to WTP.WTP will then select one among all responding ACs to establish DTLS connection. After DTLS is established successfully, WTP will send “john request” and AC will reply “john response” to confirm. If the firmware’s version on the WTP is overdue, the firmware update process is started and the WTP will download the latest firmware from AC. After firmware updating successfully, the WTP will restart and enter the discovery process again. If the firmware is the latest, the WTP will download the configuration parameters from AC and then enter the “run” process.
The whole process is illustrated in the figure below:
2.3 CAPWAP Session Establishment Process
The ladder diagram below illustrates the CAPWAP session establishment and message exchanges process between a WTP and AC.
2. WTP sends “discovery request” by means of broadcast, multicast or unicast to discover the available ACs in the network.
2. After receiving the “discovery request” from WTP, AC responds a “Discovery Response” message to WTP to tell the supported service.
2. When the DTLS connection is established, WTP sends the “Join Request” to the AC to request service.
2. AC responds “Join Response” message to inform the WTP that AC can provide service to it.
2. WTP sends “Image data request” message to AC.
2. AC responds “Image data response” message to WTP and WTP can download firmware from AC.
2. WTP sends the current configuration information in “Configuration Status Request” message to AC.
2. AC provides the configuration parameters by responding “Configuration Status Response” message to WTP and WTP request configuration is covered.
2. WTP informs AC that WTP radio state is changed by sending “Change State Event Request” message to AC.
2. AC responds “Change State Event Response” message to WTP.
2. WTP sends “Echo Request” to keep the connection alive when other messages are not exchanged.
2. AC responds “Echo Response” to WTP.
2.4 FIT AP Network Topology
In this topology, SKG1000 (AC) is responsible to manage a number of ACs and the communication between AC and AP is realized through CAPWAP tunnels.
As a powerful and high performance AC developed by SKSpurce, SKG1000 can support up to 20000APs and 220K users.
Scenario
With fit APs, a network consists of a wired switch, access controllers (ACs) and fit APs. APs are simple wireless access points without management and control functions. The AC manages all APs and sends control policies, which are not configured on each AP, to specified APs, as shown in the following figure. The AC is connected with multiple APs via the wired network, and users only need to configure and manage associated APs with the AC.
I. Requirements
a. AC distribute the configuration to all APs, and manage all Aps
b. All APs emit radio signals and connect STA
II. Network Topology
III. Configuration Tips
1) Make sure that AC and AP's firmware should be consistent, using command in CLI "Ruijie>show version"
2) Make sure AP is working on fit mode, using command in CLI "Ruijie>show ap-mode " to check. If it shows fat mode, please modify as follow step:
Ruijie>enable ------>enter the previlege mode
Ruijie#configure terminal ------>enter the config mode
Ruijie(config)#ap-mode fit ------>modify to fit-mode
Ruijie(config)#end ------>exit the config mode
Ruijie#write ------>save the config
IV. Configuration Steps
1) Configure AC
Step1: config Vlan, include user vlan and interconnect vlan,
Ruijie>enable
Ruijie#configure terminal
Ruijie(config)#vlan 20 ------>user vlan
Ruijie(config-vlan)#name sta
Ruijie(config-vlan)#exit
Ruijie(config)#vlan 30 ------>user vlan
Ruijie(config-vlan)#name sta
Ruijie(config-vlan)#exit
Ruijie(config)#vlan 40 ------>interconnect vlan for ac and sw1
Ruijie(config-vlan)#exit
Ruijie(config)#interface vlan 20 ------>user interface vlan(must config)
Ruijie(config-int-vlan)#ip add 192.168.20.2 255.255.255.0 ----->(optional config), in this case, user gateway is configured on sw1, so ip address for this
interface can be configured or not.
Ruijie(config)#interface vlan 30 ------>user interface vlan(must config)
Ruijie(config-int-vlan)#ip add 192.168.30.2 255.255.255.0 ----->(optional config), in this case, user gateway is configured on sw1, so ip address for this
interface can be configured or not.
Ruijie(config-int-vlan)#exit
Step2:Config ssid (multi ssid)
Ruijie(config)#wlan-config 1 Ruijie1
Ruijie(config-wlan)#enable-broad-ssid ------->enable broadcast ssid
Ruijie(config-wlan)#exit
Ruijie(config)#wlan-config 2 Ruijie2
Ruijie(config-wlan)#enable-broad-ssid ------->enable broadcast ssid
Ruijie(config-wlan)#exit
Step3:Config ag-group
Ruijie(config)#ap-group default
Ruijie(config-ap-group)#interface-mapping 1 20 ------->associate wlan-config 1 with user vlan 30
Ruijie(config-ap-group)#interface-mapping 2 30 ------->associate wlan-config 2 with user vlan 30
Ruijie(config-ap-group)#exit
Note:If config ag-goup default, then all AP will asscociate to " ap-group default" group
Step4:Config svi and routing
Ruijie(config)#ip route 0.0.0.0 0.0.0.0 192.168.40.1 ------->default routing to sw1
Ruijie(config)#interface vlan 40 ------->interconnect vlan with sw1
Ruijie(config-int-vlan)#ip address 192.168.40.2 255.255.255.0
Ruijie(config-int-vlan)#exit
Ruijie(config)#interface loopback 0
Ruijie(config-int-loopback)#ip address 1.1.1.1 255.255.255.0 ------->AC initialize CAPWAP tunnel setup from loopback 0 interface
Ruijie(config-int-loopback)#exit
Ruijie(config)#interface GigabitEthernet 0/1
Ruijie(config-int-GigabitEthernet 0/1)#switchport mode trunk ------->connect to sw1, trunk port, allow user vlan、AP vlan、AC-to-SW1 vlan
Step5:Save config
Ruijie(config-int-GigabitEthernet 0/1)#end
Ruijie#write
2) Configure core switch(SW1)
Step1:Vlan config, config user vlan, ap vlan and interconnect vlan
Ruijie>enable
Ruijie#configure terminal
Ruijie(config)#vlan 10 ------>ap vlan
Ruijie(config-vlan)#exit
Ruijie(config)#vlan 20 ------>user vlan
Ruijie(config-vlan)#exit
Ruijie(config)#vlan 30 ------>user vlan
Ruijie(config-vlan)#exit
Ruijie(config)#vlan 40 ------>interconnect vlan with AC
Ruijie(config-vlan)#exit
Step2:Config interface and svi
Ruijie(config)# interface GigabitEthernet 0/1
Ruijie(config-int-GigabitEthernet 0/1)#switchport mode trunk ------->uplink port, connect to AC, trunk port,allow user vlan、AP vlan、AC-to-SW1 vlan
Ruijie(config-int-GigabitEthernet 0/1)#exit
Ruijie(config)#interface GigabitEthernet 0/2
Ruijie(config-int-GigabitEthernet 0/2)#switchport mode trunk ------->downlink port, connect to SW2,trunk port,allow user vlan、AP vlan
Ruijie(config-int-GigabitEthernet 0/2)#exit
Ruijie(config)#interface vlan 10 ------>ap gateway
Ruijie(config-int-vlan)#ip address 192.168.10.1 255.255.255.0
Ruijie(config-int-vlan)#interface vlan 20 ------->sta gateway
Ruijie(config-int-vlan)#ip address 192.168.20.1 255.255.255.0
Ruijie(config-int-vlan)#interface vlan 30 ------->sta gateway
Ruijie(config-int-vlan)#ip address 192.168.30.1 255.255.255.0
Ruijie(config-int-vlan)#interface vlan 40 ------->interconnect with ac
Ruijie(config-int-vlan)#ip address 192.168.40.1 255.255.255.0
Ruijie(config-int-vlan)#exit
Step3:Conifg ip dhcp server
Ruijie(config)#service dhcp
Ruijie(config)#ip dhcp pool ap_ruijie ------->create dhcp pool for ap,pool name is ap_ruijie
Ruijie(config-dhcp)#option 138 ip 1.1.1.1 ------->config option 138, assign ac loopaback 0 ip address
Ruijie(config-dhcp)#network 192.168.10.0 255.255.255.0 ------->assign these address to ap
Ruijie(config-dhcp)#default-route 192.168.10.1 ------->assign the gateway to ap
Ruijie(config-dhcp)#exit
Ruijie(config)#ip dhcp pool user_ruijie1 ------->create dhcp pool for sta,pool name is user_ruijie
Ruijie(config-dhcp)#network 192.168.20.0 255.255.255.0 ------->assign these address to sta
Ruijie(config-dhcp)#default-route 192.168.20.1 ------->assign the gateway to sta
Ruijie(config-dhcp)#dns-server 8.8.8.8 ------->assign the dns to sta
Ruijie(config-dhcp)#exit
Ruijie(config)#ip dhcp pool user_ruijie2 ------->create dhcp pool for sta,pool name is user_ruijie
Ruijie(config-dhcp)#network 192.168.30.0 255.255.255.0 ------->assign these address to sta
Ruijie(config-dhcp)#default-route 192.168.30.1 ------->assign the gateway to sta
Ruijie(config-dhcp)#dns-server 8.8.8.8 ------->assign the dns to sta
Ruijie(config-dhcp)#exit
//Note: when there is no dhcp pool for AP, You could also excute command to assign acip and apip for ap. configuration example is as follow:
Ruijie(config)#acip ipv4 x.x.x.x
Ruijie(config)#apip ipv4 x.x.x.x
Step4:Config static routing
Ruijie(config)#ip route 1.1.1.1 255.255.255.255 192.168.40.2 ------->config static route, route to AC loopback0
Step5:Save configuration
Ruijie(config)#exit
Ruijie#write
3) Configure access switch (SW2)
Step1:Config vlan, create ap vlan
Ruijie>enable
Ruijie#configure terminal
Ruijie(config)#vlan 10
Ruijie(config-vlan)#exit
Step2:Config interface
Ruijie(config)#interface GigabitEthernet 0/1
Ruijie(config-int-GigabitEthernet 0/1)#switchport access vlan 10 ------->connect to AC, access port, allow ap vlan
Ruijie(config-int-GigabitEthernet 0/1)#exit
Ruijie(config)#interface GigabitEthernet 0/2
Ruijie(config-int-GigabitEthernet 0/2)#switchport mode trunk ------->connect to SW1, trunk port
Step3:Save configuration
Ruijie(config-int-GigabitEthernet 0/2)#end
Ruijie#write
V. Verification
1) STA connect to the ssid
2) Check ap config on AC
Ruijie#show ap-config summary
========= show ap status =========
Radio: E = enabled, D = disabled, N = Not exist
Current Sta number
Channel: * = Global
Power Level = Percent
Online AP number: 1
Offline AP number: 0
AP Name IP Address Mac Address Radio 1 Radio 2 Up/Off time State
---------------------------------------- --------------- -------------- ------------------- ------------------- ------------- -----
1414.4b13.c248 192.168.10.2 1414.4b13.c248 E 1 6* 100 E 0 153* 100 0:09:04:28 Run
3) Check sta information on AC
Ruijie#show ac-config client by-ap-name
========= show sta status =========
AP : ap name/radio id
Status: Speed/Power Save/Work Mode, E = enable power save, D = disable power save
Total Sta Num: 1
STA MAC IPV4 Address AP Wlan Vlan Status Asso Auth Net Auth Up time
-------------- --------------- ---------------------------------------- ---- ---- -------------- --------- --------- -------------
2.27b0.169f 192.168.20.2 1414.4b13.c248/1 1 20 58.0M/D/bn WPA2_PSK 0:00:11:21
8ca9.829a.b1ea 192.168.30.2 1414.4b13.c248/1 2 30 58.0M/D/bn WPA2_PSK 0:03:22:31
What if it don’t work?
Use the following steps while aps cannot go online:
1) Confirm whether the versions of AC and AP are consistent, if not, recommend to upgrade first, the latest firmware could be download from our official website: http://www.ruijienetworks.com/service/download.aspx
2) Confirm whether the AP obtain ip address and ACIP successfully or not with command below:
AP# Show ip int br
AP#show capwap client sta
3) Confirm the connectivity between AP and ACIP, if disconnected, check the ip routes on AP:
AP# show ip route
If there is not ip route pointing to ACIP, add an ip route,examples are as follows
AP(config)# ip route 1.1.1.1 255.255.255.0 192.168.1.2
4) Confirm whether the license is not enough.
Examples are as follows:
WS5302#sh ac-config
AC Configuration info:
max_wtp :32 // configure wtp limit on ac-con mode to limit the AP number.
sta_limit :1024
license wtp max :32 //ap numbers can be supported on ac.
license sta max :1024
serial auth :Disable
password auth :Disable
certificate auth:Disable
supp_psk_cer :Disable
r_mac :Enable
da_dtls :Disable
ac_name :Ac_001aa917151c
udp_lite :UDP
ECN_Sup :Disable
mtu :1500
ap_sw_ver :
ac location :Ac_COM
ac_ipv4_num :0
ac_namewp_num :0
AC State info:
sta_num :0
act_wtp :1
WS5302#show license //check the license
Serial Number : 9071FH4280024
No. Activation Key AP Number
-------------------------------------------------------
-------------------------------------------------------
Total 32 access points are supported.
WS5302#show ap-config summary
========= show ap status =========
Radio: E = enabled, D = disabled, N = Not exist
Current Sta number
Channel: * = Global
Power Level = Percent
Online AP number: 1 //online AP number
Offline AP number: 0
AP Name IP Address Mac Address Radio 1 Radio 2 Up/Off time State
---------------------------------------- --------------- -------------- ------------------- ------------------- ------------- -----
001a.a94e.d529 192.168.100.3 001a.a94e.d529 E 0 11* 100 E 0 157* 100 0:03:09:17 Run
5) If the AP still could not go online successfully after checking the infomation above, collect the info with the following command list and submit a case to our case portal http://case.ruijienetworks.com/login_page.php for further checking:
1) collect info on AC:
show version
show running
show ac-config
show license
show ap-config summary
show capwap sta
show cpu
show memory
show ip route
show ip interface brief
2)Collect info on AP:
show version
show ap-mode
show capwap sta
show ip route
show log
show ap-statistic aclist (confirm whether ap obtains option 138 address)
show capwap client state (11.x)
I. Requirements
1) AC connect to AP directly
2) This scene is usually used in the lab in usual.
II. Network Topology
III. Configuration Tips
1) Make sure that AC and AP's firmware should be consistent, using command in CLI "Ruijie>show version"
2) Make sure AP is working on fit mode, using command in CLI "Ruijie>show ap-mode " to check. If it shows fat mode, please modify as follow step:
Ruijie>enable ------>enter the previlege mode
Ruijie#configure terminal ------>enter the config mode
Ruijie(config)#ap-mode fit ------>modify to fit-mode
Ruijie(config)#end ------>exit the config mode
Ruijie#write ------>save the config
IV. Configuration Steps
Step1: config vlan, create user vlan and ap vlan
Ruijie>enable
Ruijie#configure terminal
Ruijie(config)#vlan 1
Ruijie(config-vlan)#exit
Ruijie(config)#vlan 2
Ruijie(config-vlan)#exit
Step2: config AP, STA gateway and loopback 0
Ruijie(config)#interface vlan 1 ------>ap gateway
Ruijie(config-int-vlan)#ip address 172.16.1.1 255.255.255.0
Ruijie(config-int-vlan)#exit
Ruijie(config)#interface vlan 2 ------>sta gateway
Ruijie(config-int-vlan)#ip address 172.16.2.1 255.255.255.0
Ruijie(config-int-vlan)#exit
Ruijie(config)#interface loopback 0
Ruijie(config-int-loopback)#ip address 1.1.1.1 255.255.255.0
Ruijie(config-int-loopback)#exit
Step3: config SSID
config Wlan-config
Ruijie(config)#wlan-config 1 Ruijie-test ------->config ssid named Ruijie-test
Ruijie(config-wlan)#enable-broad-ssid ------->enable brocast ssid
Ruijie(config-wlan)#exit
config ap-group
Ruijie(config)#ap-group default
Ruijie(config-ap-group)#interface-mapping 1 2 ------->associate with wlan-config 1 and vlan2
Ruijie(config-ap-group)#exit
Step4: config AC interface
Ruijie(config-int-loopback)#interface GigabitEthernet 0/1
Ruijie(config-int-GigabitEthernet 0/1)#switchport access vlan 1 ------->connect to ap, allow ap vlan
Step5: config ip dhcp server for AP
Ruijie(config)#service dhcp
Ruijie(config)#ip dhcp pool ap_ruijie