Product and Software: This article applies to all Aruba controllers and ArubaOS versions.How to telnet Aruba Remote AP?NOTE: Aruba OS allows to telnet to AP however Telnet is disable for APs by default and usually there is no need to enable it. Enable Telnet only if instructed to do so by engineering or to do advanced troubleshooting. Make sure to disable Telnet after the required troubleshooting is complete.There are three steps to successfully enable telnet for Remote APs.1. Enable "telnet" under ap system-profile.2. Allow "telnet" under ap-role3. Remote AP inner IP address should be routable from telnet source (laptop/desktop).
Network Topology :
Configuration Steps :
Step: 1 We have to allow telnet under ap system-profile.Below from CLIBelow from WebUIClick "Configuration" | Click "All Profile" | Expand"AP" | Expand "AP system" | Select ap system-profile | Enable "Telnet" | Click "Apply" | Click "Save ConfigurationStep 2: We have to Allow "telnet" under ap-roleBelow from CLIBelow from WebUIClick "Configuration" | Click "Access Control" | Click "Policies" | Edit "ap-acl" | Click "Add" | From drop down select "any any service svc-telnet (tcp 23) permit" | Click "Add" | Click "Apply" | Click "Save Configuration"Step 3: We have to make sure Remote AP inner tunnel address is part of routable subnet instead any un-routable address example 18.104.22.168As above we see this RAP has two IP address1. 10.13.32.12 (IPsec Inner address)2. 22.214.171.124 (RAP public address)We can only telnet to the first address which is IPsec inner address and if that is not routable then we cannot do telnet to the RAP.If inner address is routable then you should be able to see below prompt after telnet.
Show commands to verify:show ap system-profile <profile-name> | include Telnetshow rights ap-role
Verify below points:1. Enable "telnet" under ap system-profile.2. Allow "telnet" under ap-role3. Remote AP inner IP address should be routable from telnet source (laptop/desktop).If you still unable to do telnet.1. Do ping or traceroute test from laptop.If you can ping or successfully traceroute then routing is correct.2. Make sure between laptop and AP tcp port 23 (telnet) is allowed.
At Aruba, we believe that the most dynamic customer experiences happen at the Edge. Our mission is to deliver innovative solutions that harness data at the Edge to drive powerful business outcomes.
© Copyright 2020 Hewlett Packard Enterprise Development LPAll Rights Reserved.