EWC clonning WLAN, Role etc configurations.


Userlevel 3
Hi,

I need to create more than 10 auth and non auth roles and about 6 more WLAN services. They will be exacly same with one of the existing role and WLAN. I only need to change the topology settings (for different vlans). Unfortunately there is no option for clonning existing configs.

So can I dump the configurations via CLI then copy-edit-paste them for creating the needed roles and WLAN services? If it is possible can you share some code as I never used EWC CLI?

Thanks,

Rahman

9 replies

Userlevel 4
Hello Rahman,

It it's possible to copy, edit and paste by CLI commands.
You can check current configuration of EWC by "show run-config"
Below is a role part of the result for the command.

role
create "Guest" snmpid 4 1
"Guest"
filter-status enable
ulfilterap enable
apcustom disable
name "Guest"
default-cos no-change
access-control allow
traffic-mirror enable
acfilters

You can edit it as your own purpose and paste it to the CLI prompt.

Please read carefully the link below since misconfiguration could affect your network seriously.

http://documentation.extremenetworks.com/wireless/CLI/downloads/Wireless_CLI_Reference_Guide.pdf

Thank you
Userlevel 4
Here is an example for you.

EWC.lab.extremenetworks.com# role
create "Test"
EWC.lab.extremenetworks.com:role# create "Test"
EWC.lab.extremenetworks.com:role# "Test"
filter-status enable
EWC.lab.extremenetworks.com:role:Test# filter-status enable
EWC.lab.extremenetworks.com:role:Test# ulfilterap enable
EWC.lab.extremenetworks.com:role:Test# apcustom disable
EWC.lab.extremenetworks.com:role:Test# name "Test"
EWC.lab.extremenetworks.com:role:Test# default-cos no-change
EWC.lab.extremenetworks.com:role:Test# access-control allow
EWC.lab.extremenetworks.com:role:Test# traffic-mirror enable
EWC.lab.extremenetworks.com:role:Test# acfilters
EWC.lab.extremenetworks.com:role:Test:acfilters#
apply delete help set-filter-topology
config end logout set-snmpruletype
create exit move show
EWC.lab.extremenetworks.com:role:Test:acfilters# exit
EWC.lab.extremenetworks.com:role:Test# exit
EWC.lab.extremenetworks.com:role# create "Test1"
"Test1"
EWC.lab.extremenetworks.com:role# "Test1"
filter-status enable
EWC.lab.extremenetworks.com:role:Test1# filter-status enable
EWC.lab.extremenetworks.com:role:Test1# ulfilterap enable
EWC.lab.extremenetworks.com:role:Test1# apcustom disable
EWC.lab.extremenetworks.com:role:Test1# name "Test1"
EWC.lab.extremenetworks.com:role:Test1# default-cos no-change
EWC.lab.extremenetworks.com:role:Test1# access-control allow
EWC.lab.extremenetworks.com:role:Test1# traffic-mirror enable
EWC.lab.extremenetworks.com:role:Test1# acfilters
EWC.lab.extremenetworks.com:role:Test1:acfilters# exit
EWC.lab.extremenetworks.com:role:Test1# exit

EWC.lab.extremenetworks.com:role#
EWC.lab.extremenetworks.com:role# show

Role name Topology Class of Service Mode Filter defined

Lab Demo no-change no-change no-change Yes
Unregistered no-change no-change no-change Yes
Enterprise User no-change no-change no-change Yes
Guest no-change no-change no-change Yes
Lab Demo Turbo no-change no-change no-change Yes
GLB_ROLES no-change no-change no-change Yes
Failsafe no-change no-change no-change Yes
Administrator no-change no-change no-change Yes
Deny Access no-change no-change no-change Yes
Guest Access no-change no-change no-change Yes
Quarantine no-change no-change no-change Yes
Notification no-change no-change no-change Yes
Assessing no-change no-change no-change Yes
Test no-change no-change no-change Yes
Test1 no-change no-change no-change Yes

EWC.lab.extremenetworks.com:role#

Please notice - Type in "exit" to go back to upper level.

Thanks
Userlevel 3
Hello Roy,

Thank you for the example. I will try it. I will also create a feature request about clonning btw.

Regards,

Rahman
Userlevel 6
You can also use Policy manager in ExtremeControl to copy and paste roles/rules/services.
Userlevel 3
Unfortunately this does not work. I can create role via CLI but can not assign topology just after creating it. "Error: unrecognized command "topology-name"."

this is what I paste to CLI

role
create "acu-sehir-unauth"
"acu-sehir-unauth"
topology-name "B@EWC(vlan62)"
filter-status enable
ulfilterap enable
apcustom disable
name "acu-sehir-unauth"
default-cos no-change
access-control contain2vlan
traffic-mirror none

acfilters
create 1 proto any eth 800 mac any interface-ip in dst out src allow priority none tos-dscp none cos none traffic-mirror none
create 2 proto udp eth 800 mac any 0.0.0.0/0 port 68 in dst out src allow priority none tos-dscp none cos none traffic-mirror none
create 3 proto udp eth 800 mac any 0.0.0.0/0 port 53 in dst out src allow priority none tos-dscp none cos none traffic-mirror none
create 4 proto udp eth 800 mac any 0.0.0.0/0 port 67 in dst out src allow priority none tos-dscp none cos none traffic-mirror none

Any idea why it does not work?

Thanks,

Rahman
Userlevel 3
Ok, I got it working. The trick was to set topology-name at the end and use "Apply" command. Here is the working codes:

rolecreate "acu-savsat-unauth"
"acu-savsat-unauth"
filter-status enable
ulfilterap enable
apcustom disable
name "acu-savsat-unauth"
default-cos no-change
access-control contain2vlan
traffic-mirror none
topology-name "B@EWC(vlan67)"
apply

acfilters
create 1 proto any eth 800 mac any interface-ip in dst out src allow priority none tos-dscp none cos none traffic-mirror none
create 2 proto udp eth 800 mac any 0.0.0.0/0 port 68 in dst out src allow priority none tos-dscp none cos none traffic-mirror none
create 3 proto udp eth 800 mac any 0.0.0.0/0 port 53 in dst out src allow priority none tos-dscp none cos none traffic-mirror none
create 4 proto udp eth 800 mac any 0.0.0.0/0 port 67 in dst out src allow priority none tos-dscp none cos none traffic-mirror none
apply

Thanks,

Rahman
A "Duplicate Role and Rename" feature would be useful. I will second that! Several times I find myself wanting to do this.. I had the capability when I was using Policy Manager for Wireless, but I haven't used PM for wireless in a while. Maybe I should revisit that.
Userlevel 4
I would do it over WebGui.
You never know what you maybe miss if doing it over CLI and I don't think it will be faster?!

Yes..C4 for cloning feature.
Userlevel 3
Umut Aydin wrote:

I would do it over WebGui.
You never know what you maybe miss if doing it over CLI and I don't think it will be faster?!

Yes..C4 for cloning feature.

Well, it was actually a lot faster. Problem is not creating the roles via GUI. Problem is writing maybe 10-15 filter rule per role which are all the same for all roles. This is way faster with cloning or in this situation copy-edit-paste via CLI.

Reply