file-sync
Syncs trustpoint and/or EAP-TLS X.509 (PKCS#12) certificate
between the staging-controller and its adopted devices.
When enabling file syncing, consider the following points:
- The X.509
certificate needs synchronization only if the adopted
devices are configured to use EAP-TLS
authentication.
- Execute
the command on the controller adopting the devices.
- Ensure
that the X.509 certificate file is installed on the
controller.
Syncing of trustpoint/wireless-bridge certificate can be
automated. To automate file syncing, in the controller‘s
device/profile configuration mode, execute the following
command:
file-sync [auto|count <1-20>]
.
Note
This command
and its syntax is common to both the
User
Executable and
Privilege
Executable configuration modes.
Supported in the following platforms:
- Access Points — AP310i/e, AP410i/e, AP460i/e, AP560i/h,
AP510i/e, AP505i, AP7522, AP7532, AP7562, AP7612, AP7632, AP7662, AP8432, AP8533
- Service Platforms
— NX5500, NX7500, NX9500, NX9600, VX9000
Syntax
file-sync [cancel|load-file|trustpoint|wireless-bridge]
file-sync cancel [trustpoint|wireless-bridge]
file-sync cancel [trustpoint <TRUSTPOINT-NAME>|wireless-bridge] [<DEVICE-NAME>|all|rf-domain [<DOMAIN-NAME>|all]]
file-sync load-file [trustpoint|wireless-bridge]]
file-sync load-file [trustpoint <TRUSTPOINT-NAME>|wireless-bridge] <URL>
file-sync [trustpoint <TRUSTPOINT-NAME>|wireless-bridge] [<DEVICE-NAME>|all|rf-domain [<DOMAIN-NAME>|all] {from-controller}] {reset-radio|upload-time <TIME>}
Parameters
file-sync cancel [trustpoint <TRUSTPOINT-NAME>|wireless-bridge] [<DEVICE-NAME>|all|rf-domain [<DOMAIN-NAME>|all]]
file-sync cancel [trustpoint
<TRUSTPOINT-NAME>| wireless-bridge]
[<DEVICE-NAME>| all|rf-domain
[<DOMAIN-NAME>| all]] |
Cancels scheduled file synchronization
- trustpoint – Cancels scheduled
trustpoint synchronization on a
specified device, all devices, or
devices within a specified RF Domain
- <TRUSTPOINT-NAME> - Specify the
trustpoint name.
- wireless-bridge – Cancels scheduled
wireless-bridge certificate
synchronization on a specified device,
all devices, or devices within a
specified RF Domain
- <DEVICE-NAME> – Cancels scheduled
trustpoint/certificate synchronization
on a specified device. Specify the
device‘s hostname or MAC address.
- all – Cancels scheduled
trustpoint/certificate synchronization
on all devices
- rf-domain [<DOMAIN-NAME>|all] –
Cancels scheduled trustpoint/certificate
synchronization on all devices in a
specified RF Domain or in all RF
Domains
- <DOMAIN-NAME> – Cancels scheduled
trustpoint/certificate synchronization
within a specified RF Domain. Specify
the RF Domain‘s name.
- all – Cancels scheduled
trustpoint/certificate synchronization
on all RF Domains
|
file-sync load-file [trustpoint|wireless-bridge] <URL>
file-sync load-file [trustpoint|
wireless-bridge] <URL> |
Loads the following files on to the staging
controller:
- trustpoint – Loads the trustpoint,
including CA certificate, server
certificate and private key
- wireless-bridge – Loads the
wireless-bridge certificate to the
staging controller Use this command to
load the certificate to the controller
before scheduling or initiating a
certificate synchronization.
- <URL> – Provide the
trustpoint/certificate location using
one of the following formats:
tftp://<hostname|IP>[:port]/path/file
ftp://<user>:<passwd>@<hostname|IP>[:port]/path/file
sftp://<user>:<passwd>@<hostname|IP>[:port]>/path/file
http://<hostname|IP>[:port]/path/file
Note: Both IPv4 and IPv6 address types are
supported.
cf:/path/file
usb<n>:/path/file
|
file-sync [trustpoint <TRUSTPOINT-NAME>|wireless-bridge] [<DEVICE-NAME>|all|rf-domain [<DOMAIN-NAME>|all] {from-controller}] {reset-radio|upload-time <TIME>}
file-sync trustpoint <TRUSTPOINT-NAME>
[<DEVICE-NAME>| all|rf-domain
[<DOMAIN-NAME> |all]
from-controller] |
Configures file-syncing parameters
- trustpoint <TRUSTPOINT-NAME> –
Syncs a specified trustpoint between
controller and its adopted devices
- <TRUSTPOINT-NAME> – Specify the
trustpoint name.
Note: Trustpoint are synced all the way down
the hierarchical structure. If you issue
the command on the NOC controller, the
specified trustpoint will be synced all
the way down the site controllers and
their adopted APs.
- wireless-bridge – Syncs wireless-bridge
certificate between controller and its
adopted devices
After specifying the
file that is to be synced, configure
following file-sync parameters:
- <DEVICE-NAME> – Syncs
trustpoint/certificate with a specified
AP. Specify the device‘s hostname or MAC
address.
- all – Syncs trustpoint/certificate with
all devices
- rf-domain [<DOMAIN-NAME>|all]
from-controller – Syncs
trustpoint/certificate with all devices
in a specified RF Domain or in all RF
Domains
|
reset-radio |
This keyword is recursive and applicable to
all of the above parameters. Optional. Resets
the radio after file synchronization. Reset
the radio in case the certificate is renewed
along with no changes made to the ‘bridge
EAP username‘ and ‘bridge EAP
password‘.
|
upload-time <TIME> |
This keyword is recursive and applicable to
all of the above parameters.
- upload-time – Optional. Schedules
certificate upload at a specified
time
- <TIME> – Specify the time in the
MM/DD/YYYY-HH:MM or HH:MM format. If no
time is configured, the process is
initiated as soon as the command is
executed.
|
Examples
<CONTROLLER>#file-sync wireless-bridge ap510-133B3B upload-time 06/01/2019-12:30
--------------------------------------------------------------------------------
CONTROLLER STATUS MESSAGE
--------------------------------------------------------------------------------
B4-C7-99-6D-B5-D4 Success Queued 1 APs to upload
--------------------------------------------------------------------------------
<CONTROLLER>#