Controller Based WLANs

How to telnet Aruba Remote AP?

Aruba Employee

Introduction :

 

Product and Software: This article applies to all Aruba controllers and ArubaOS versions.

How to telnet Aruba Remote AP?

NOTE: Aruba OS allows to telnet to AP however Telnet is disable for APs by default and usually there is no need to enable it. Enable Telnet only if instructed to do so by engineering or to do advanced troubleshooting.  Make sure to disable Telnet after the required troubleshooting is complete.

There are three steps to successfully enable telnet for Remote APs.

1. Enable "telnet" under ap system-profile.
2. Allow "telnet" under ap-role
3. Remote AP inner IP address should be routable from telnet source (laptop/desktop).

 

Network Topology :

 

User-added image

 

 

Configuration Steps :

 

Step: 1 We have to allow telnet under ap system-profile.

Below from CLI
User-added image

Below from WebUI

Click "Configuration" | Click "All Profile" | Expand"AP" | Expand "AP system" | Select ap system-profile | Enable "Telnet" | Click "Apply" | Click "Save Configuration

User-added image

Step 2: We have to Allow "telnet" under ap-role

Below from CLI

User-added image

Below from WebUI

Click "Configuration" | Click "Access Control" | Click "Policies" | Edit "ap-acl" | Click "Add" | From drop down select "any any service svc-telnet (tcp 23) permit" | Click "Add" | Click "Apply" | Click "Save Configuration"

User-added image
User-added image
User-added image

Step 3: We have to make sure Remote AP inner tunnel address is part of routable subnet instead any un-routable address example 1.1.1.1

User-added image

As above we see this RAP has two IP address
1. 10.13.32.12 (IPsec Inner address)
2. 122.174.101.80 (RAP public address)

We can only telnet to the first address which is IPsec inner address and if that is not routable then we cannot do telnet to the RAP.

If inner address is routable then you should be able to see below prompt after telnet.

 

User-added image

 

 

Verification :

 

Show commands to verify:

show ap system-profile <profile-name> | include Telnet
show rights ap-role

 

Troubleshooting :

 

Verify below points:

1. Enable "telnet" under ap system-profile.
2. Allow "telnet" under ap-role
3. Remote AP inner IP address should be routable from telnet source (laptop/desktop).

If you still unable to do telnet.
1. Do ping or traceroute test from laptop.
If you can ping or successfully traceroute then routing is correct.

2. Make sure between laptop and AP tcp port 23 (telnet) is allowed.

Version history
Revision #:
1 of 1
Last update:
‎07-04-2014 01:14 AM
Updated by:
 
Labels (1)
Contributors
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: 
Is this a frequent problem?

Request an official Aruba knowledge base article to be written by our experts.