Data Encapsulation
TCP data is encapsulated in an IP datagram.
Imagination + Faith = Creation
In this guide, I'll walk you through how to connect to the Extreme Cloud AP using a micro-USB cable, including the essential step of downloading the necessary driver.
To console into an AP305C/CX, AP4xxC AP, AP5xxx, AP4xxx, AP3xxx, you need to use a micro-USB console cable because these models don’t have the RJ-45 Ethernet-type console port. The console port (5) is a micro-USB type, as shown below.
A standard micro-USB cable will not work. The cable must be a special console micro-USB cable. You can order this part/SKU #: ACC-WIFI-MICRO-USB.
Note: Micro-USB Console Cable
The best practice is to use the Extreme Networks micro USB cable (part number ACC-WIFI-MICRO-USB). When you connect to the device using the micro USB Console port, the management station from which you connect to the device must have a VT100 emulation program, such as TeraTerm Pro (a free terminal emulator) or Hilgraeve HyperTerminal.
Before you start, ensure you have the following:
To communicate with the Extreme Cloud AP via the micro-USB port, your computer needs the correct driver installed. Here’s how to download the driver from the FTDI Chip website:
Navigate to the USB Drivers section and look for the appropriate driver for your operating system (Windows, macOS, Linux, etc.).
※ The Windows Device Manager will identify the device as FTDI FT232R USB UART.
Click on the download link for the VCP (Virtual COM Port) drivers.
After connecting the cable and powering on the AP, you’ll need to access the console through a terminal program such as PuTTY (for Windows) or Terminal (for macOS and Linux).
Note: Console baud rate
The AP5010 and AP5050 models support 115200 baud rate when using the console port to access the command line interface in IQ Engine (IQE).
All previous Cloud AP models supported 9600 baud.
If the AP is in a factory default state the username/password combination will be one of these two options:
admin/aerohive or admin/Aerohive1
Now that you have access to the AP’s console, you can proceed with its configuration. Follow the on-screen prompts or enter the commands for your specific setup requirements. This process may involve setting up basic network settings, updating the firmware, or configuring the AP for integration into your existing network.
Connecting to your Extreme Cloud AP using a micro-USB cable is a straightforward process that enables direct access for configuration and troubleshooting. Remember, the key to a successful connection lies in having the correct driver installed on your computer. By following these steps, you can ensure a smooth setup experience for your Extreme Cloud AP.
For more detailed information, troubleshooting tips, and advanced configuration options, refer to the Extreme Networks documentation and support resources.
How To: XIQ - How to console into an Extreme Cloud (XIQ) AP using a micro USB console cable | Extreme Portal
Q A: Where can I get a console cable for a universal access point? | Extreme Portal
ExtremeWireless Indoor Access Point - Quick Reference - AP5010.pdf
In today’s interconnected world, securing your network infrastructure is paramount. One of the foundational steps towards securing network access is enabling Secure Shell (SSH) on your network devices. SSH provides a secure channel over an unsecured network in a client-server architecture, offering secure remote login from one computer to another. This blog article will guide you through the steps to enable SSH on a Cisco device running the Internetwork Operating System (IOS).
Before you begin, ensure you have the following:
First, access your Cisco device through the console or a Telnet/SSH session. Once you’re in, enter the Global Configuration mode by typing:
configure terminal
You’ll see the prompt change, indicating you’re in configuration mode (e.g., R1(config)#).
For SSH to function properly, your device needs a unique hostname and domain name. If you haven’t set these already, you can do so with the following commands:
R1(config)#ip domain-name lab.analysisman.com
This command sets the domain name to lab.analysisman.com. Adjust the domain name according to your network’s naming conventions.
SSH uses RSA keys for encryption. Generate a key pair with:
R1(config)#crypto key generate rsa
You’ll be prompted to choose the size of the key modulus. While you can select a range between 360 and 2048, a 2048-bit key is recommended for better security:
How many bits in the modulus [512]: 2048
Wait for the key generation process to complete. You’ll see a confirmation message once the keys are generated.
After generating the RSA keys, enable SSH and set its version to 2 for enhanced security features:
R1(config)#ip ssh version 2
Now, configure the Virtual Terminal (VTY) lines to only accept SSH connections:
R1(config)#line vty 0 4
R1(config-line)#transport input ssh
This configuration restricts access to the console lines to SSH only, enhancing security by blocking Telnet and other insecure protocols.
Ensure that users logging in through SSH are authenticated locally:
R1(config-line)#login local
Then, exit the VTY configuration mode:
R1(config-line)#exit
7. Create a Local User
For the login local command to work, you need at least one user account:
R1(config)#username cisco password cisco
Replace cisco with your desired username and password. It’s strongly recommended to use a stronger, unique password for security purposes.
It’s also a good practice to secure the enable mode with a secret password:
R1(config)#enable secret cisco
Again, choose a strong, unique password instead of cisco.
Finally, save your configuration to ensure it persists across reboots:
R1#write memory
Or you can use:
R1#copy running-config startup-config
R1#configure t
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#ip domain-name lab.analysisman.com
R1(config)#crypto key generate rsa
The name for the keys will be: R1.lab.analysisman.com
Choose the size of the key modulus in the range of 360 to 2048 for your
General Purpose Keys. Choosing a key modulus greater than 512 may take
a few minutes.
How many bits in the modulus [512]: 2048
% Generating 2048 bit RSA keys, keys will be non-exportable...[OK]
R1(config)#
*Mar 1 00:41:42.199: %SSH-5-ENABLED: SSH 1.99 has been enabled
R1(config)#ip ssh version 2
R1(config)#
R1(config)#line vty 0 4
R1(config-line)#transport input ssh
R1(config-line)#login local
R1(config-line)#exit
R1(config)#
R1(config)#username cisco password cisco
R1(config)#enable secret cisco
R1(config)#end
R1#
*Mar 1 00:43:21.107: %SYS-5-CONFIG_I: Configured from console by console
R1#wr me
Building configuration...
[OK]
You’ve successfully enabled SSH on your Cisco IOS device, significantly improving the security of your device management. Remember, security is an ongoing process, not a one-time setup. Regularly update your device configurations, passwords, and firmware to protect against new vulnerabilities and threats.
For further reading, Cisco provides comprehensive documentation on IOS commands and configuration guides that can delve deeper into advanced security features and best practices.
Configure SSH on Routers and Switches - Cisco