Preface
- Text Conventions
- Providing Feedback to Us
- Getting Help
- Related Publications
About This Guide
- Who Should Use This Guide
- How to Use This Guide
Introduction to the CLI
- CLI Wizard
- CLI Structure
- Account Types
Common Commands
- apply
- end
- exit
- help
- logout
- no
- show
root Commands
- audit
- availability
  - pair
  - pairip
  - pairrole
  - fast_failover
  - link_timeout
  - sync-config
  - sync-mu
- backup
- no backup
- copy
- host-attributes
  - hostname
  - domain
  - dns
    - dns
    - move
- export
- no export
- flash
- no flash
- healthpoll
- import
- key
  - activate
  - ecap
- lanset
- loglevel
- ping
- radtest
- radtest_mba
- reset
- restart
- restore
- secureconnection
  - secret
  - weak-ciphers
- show
  - show ac version
  - show active-user
  - show ap (AP Configuration)
  - show ap_certificate
  - show ap_certreq
  - show ap_inventory
  - show app (Application Group)
  - show apup
  - show audits
  - show availability
  - show backup
  - show cdrs
  - show clients apserial
  - show clients vns
  - show run-config
  - show dns
  - show export
  - show flash
  - show healthpoll
  - show import
  - show import_status
  - show key
  - show l2ports
  - show lanset
  - show log
  - show loglevel
  - show ospf
  - show policy
  - show report channel_inspector
  - show role
  - show report
  - show restore
  - show routes
  - show schedule_ backup
  - show schedule_upgrade
  - show snmp
  - show stats
  - show syslog
  - show system_state
  - show tech_support
  - show time
  - show time-config
  - show topology
  - show traffic_capture
  - show upgrade
  - show upgrade_backup_dest
  - show upgrade_history
  - show upgrade_image_src
  - show users
  - show vnsmode
  - show vnsmode radius
  - show web
  - show wlans
- shutdown
- tech_support
- traceroute
- upgrade ac
- upgrade apup
- upgrade_backup_dest
- upgrade_image_src
ap Commands
- ap Context
  - access
  - blacklist
  - defaults
    - ap37xx
    - ap38xx
    - ap3801
    - 3912FCC and 3912ROW
    - 3935FCC
    - 3935ROW
    - 3965FCC
    - 3965ROW
    - assign
      - wlans-list
      - wlan-foreign-ap
    - learnac
    - move
  - load-groups
  - lpm-override
  - maintenance
    - upgrd
  - registration
  - remove
  - search
  - serial
  - <serial>
    - 802_1x
      - eap
      - gen_certreq
      - peap
    - aclist
    - ap_env
    - apip
    - balanced-power
    - bcast_disassoc
    - bgway
    - client_session
    - country
    - desc
    - ipmcast-assembly
    - lacp
    - lbs-status
    - led-mode
    - lldp
    - location
    - move
    - name
    - persistent
    - poll_timeout
    - port-setting
    - professional_antenna
      - leftantenna-radio1
      - leftantenna-radio2
      - middleantenna-radio1
      - middleantenna-radio2
      - rightantenna-radio1
      - rightantenna-radio2
      - 3935e ports
      - show- antennas
    - radio1
    - radio2
    - real_capture
    - secure-tunnel
    - secure-tunnel-lifetime
    - show
    - ssh
    - tunnel-mtu
    - usedhcp
    - vlanid
    - wlan
    - zone
- Radio Commands
  - admin-mode
  - antsel
  - atpc
  - att
  - beaconp
  - ch
  - dcs
  - domain
  - dtim
  - force-disassociate
  - frag
  - ldpc
  - max-distance
  - mcast-adaptable
  - mcast2ucast
  - minbrate
  - mode
  - n_addba_support
  - n_aggr_mpdu
  - n_aggr_mpdu_max
  - n_aggr_mpdu_max_subframes
  - n_aggr_msdu
  - n_chlwidth
  - n_guardinterval
  - n_pbthreshold
  - n_pmode
  - n_ptype
  - nonUnicastQuota
  - optimized-mcast
  - pmode
  - prate
  - preamble
  - probe-suppression
  - ptype
  - radio-actions
  - rss-threshold
  - rts
  - stbc
  - tx_adjust_power
  - txbf
  - tx_max_power
  - tx_min_power
- DCS Commands
- logs Context
- maintain_cycle Context
  - duration
  - platform
  - freq
l2ports Commands
- esaN
- jumbo-frames
- portN
  - port
- show
- <named-LAG-port>
  - lag-member
  - port
ip Commands
- route
- ospf
login Commands
- apply
- auth
  - server
  - primary
  - authset
  - move
  - radtest_login
- auth-order
- move
- show
Radar Commands
- mitigator Context
  - analysis
  - scprof
  - gsprof
  - maintenance
- Common Scan/Profile Commands
  - adhoc
  - aplist
  - blacklist-timer
  - channels
  - classification
  - concurrent-number
  - dosa
  - drop-faf
  - external-friendly
  - external-honeypot
  - internal-honeypot
  - name
  - port
  - rogue
  - rogue-prevent
  - security-scan
  - spoofed-ap
  - show
mobility Commands
- backupmanagerip
- mrole
- mport
- mheartbeat
- slpreg
- agent
- secmode
- mdismethod
- mmanagerip
schedule_backup Commands
- destination
- dir
- freq
- password
- protocol
- server
- starttime
- type
- user
schedule_upgrade Commands
- schld_upgrd
- upgrade_backup
snmp Commands
- contact
- context
- enable
- engine-id
- location
- port
- publish-ap
- rcommunity
- rwcommunity
- severity
- show
- trap-manager-v1v2
- trap-manager-v3
- user
syslog Commands
- audmsg
- facility
- stationevents
- svcmsg
- syslogip
time Commands
- clock
- date
- ntp
- ntpip
- show-continents
- show-regions
- tz
traffic_capture Commands
- file_name
- size
- interface
- delete
- list
- start
- stop
- show
- show interfaces
users Commands
- id
- pwd
VNS Commands (vnsmode)
- adminctr
- create
- custom-app
  - custom-app-list
- das
  - port
  - replay_interval
- default-role
  - show
  - sync
  - topology-name
  - acfilters
  - apfilters
- delete
- nac
  - create
  - delete
  - show
- netflow-mirror
- radius
- rateprofile
  - create
  - delete
  - show
- redirection-url-list
- <named-VNS>
  - auth
  - non-auth
  - name
  - status
  - sync
  - wlans-name
  - show
- Common Filter Configuration Commands
  - create
  - config
  - delete
  - move
wlans Commands
- clients
  - client
  - descr
  - enable
  - endofday
  - export_clients
  - import_clients
  - startofday
- create
- delete
- remote-ssid
- show
- <WLAN-service-name>
- hotspot
role Commands
- role Context
- create
- delete
- show
- <named-role>
  - access-control
  - default-cos
  - egress-vlans
  - name
  - filter-status
  - sync
  - ulfilterap
  - apcustom
  - acfilters
  - apfilters
  - show
  - traffic-mirror
  - redirection-url
- Common Filter Configuration Commands
  - create
  - config
  - delete
  - move
topology Commands
- create
- delete
- internal-vlanid
- multicast-support
- show
- <named-topology>
  - 3rd-party
  - l2
    - arp-proxy
    - multicast
      - config
      - create
      - delete
      - filter
      - move
      - show
    - port
    - show
    - tagged
    - vlanid
  - l3
    - ap-register
    - cert
    - copy-csr
    - dhcp
      - dhcp-servers
      - dls
      - dls-address
      - dns
      - domain
      - exclude
      - foreign-gateway
      - foreign-range
      - gateway
      - lease-default
      - lease-max
      - mode
      - range
      - show
      - wins
    - exceptions
      - config
      - create
      - delete
      - move
      - show
    - foreign-ip
    - gateway
    - gateway-ipv6
    - gen-certreq
    - ip
    - ipv6
    - mgmt
    - mtu
    - netmask
    - nexthop
    - ospf-advert
    - ospf-cost
    - show
  - l3presence
  - mode
  - name
  - show
  - strict-subnet
  - sync
- topology-group
  - create
  - delete
  - show
  - <topology-group-name>
    - members
    - name
    - show
    - vlanid
Location-Based-Service (lbs) Commands
- multicast
- port
- service
- server-ip
- show
- Related commands
  - lbs-status
  - show
web Commands
- guestportal-admin-timeout
- timeout
- showvns
- show
cos Commands
- create
- delete
- show
- <named-cos>
  - show
  - name
  - sync
  - use-wlan-marking
  - priority
  - tos-dscp-mask
  - rateprf-in
  - rateprf-out
  - transmit-queue
site Commands
- create
- delete
- show site
- <named-site>
RF Location Commands
- location-engine
- default-height
- auto-tracking
- default-env-mode
- floor-plan
  - export
  - import
  - delete
- on-demand
- publish
- show
- area-tracking
Publish Commands
- push
- interval
- unit
- push-list
- push-client-reporting

external-honeypot

Use the external-honeypot command to enable or disable prevention of authorized stations from roaming to external honeypot APs. The external-honeypot command is accessible from the mitigator:scprof:<named scan profile> context and the mitigator:gsprof:<named guardian scan profile> context of the CLI.

After you run the external-honeypot command, run the apply command to implement the change.

external-honeypot (enable | disable)

Parameters

enable	Enables prevention of authorized stations from roaming to external honeypot APs.
disable	Disables prevention of roaming to external honeypot APs.

Example

The following example enables prevention of roaming to external honeypot APs:

EWC.extremenetworks.com:mitigator:scprof:scp_name# external-honeypot enable
EWC.extremenetworks.com:mitigator:scprof:scp_name# apply

Published December 2016prev | next

Email this topic

Print this page Print this page

Leave feedback Feedback