- Written by Dhruba Jyoti Pokhrel
- Posted on July 16, 2024
- Updated on July 16, 2024
- 1240 Views
Local Authentication (also known as authentication survivability) is the ability of access points (AP) to authenticate and onboard clients to the network using root CA certificates through the integrated EAP server of the AP. Use Local Authentication when the RADIUS servers are not reachable to authenticate the clients. It is typically a temporary authentication mechanism; avoid using it as a primary authentication. If there are certificate chains, you must upload the root CA certificate along with the certificate chain.
- Written by Dhruba Jyoti Pokhrel
- Posted on July 16, 2024
- Updated on July 16, 2024
- 1248 Views
Multiple VLAN Registration Protocol (MVRP) is a Layer 2 protocol. The protocol allows access points to propagate the VLAN created on CV-CUE to the connected Switches. The real-time propagation of configuration allows you the flexibility of configuring your wired and wireless network in one interface and distributing it to other active interfaces. You do not have to worry about managing and maintaining the configurations in all interfaces.
- Written by Dhruba Jyoti Pokhrel
- Posted on July 16, 2024
- Updated on July 16, 2024
- 1224 Views
Organizations may have multiple access points (APs) of different models operating with various firmware versions. As an organization, you may want to designate a specific version as a compliant firmware version for a certain model. Assigning a compliant firmware version helps network administrators identify non-compliant AP models by generating notification alerts.
- Written by Dhruba Jyoti Pokhrel
- Posted on April 1, 2024
- Updated on April 1, 2024
- 2311 Views
This feature lets you freeze the channel and transmit power in the Auto mode to operate a specific radio at a specific channel number and transmit power. To switch to other channels, unfreeze the settings and select a custom channel and power, or enable the Auto mode to select the optimum channel and transmit power. Freeze and unfreeze Auto Channel Selection (ACS) and Transmit Power Control (TPC) configurations are configured for each radio. You can select multiple radios and freeze the ACS and TPC settings.
- Written by Dhruba Jyoti Pokhrel
- Posted on April 1, 2024
- Updated on April 1, 2024
- 2541 Views
With the 16.0.1 release, clients connecting to the 6 GHz band can seamlessly connect to OWE-enabled SSIDs having Transition Mode. Arista APs support the Enhanced Open security protocol with Transition Mode built for open networks. Enhanced Open is based on Opportunistic Wireless Encryption (OWE). It is supported only in WiFi 6 and higher AP models. A few examples are C-360, C-260, C-250, C-230, O-235, etc.
- Written by Dhruba Jyoti Pokhrel
- Posted on January 17, 2024
- Updated on January 17, 2024
- 3113 Views
With the 16.0 release, network administrators do not have to define the VLANs received from the RADIUS server or CoA servers. The RADIUS server can dynamically generate VLANS for clients and send the VLAN to the access point (AP) when the client connects. This eliminates the need to manually configure all the dynamic VLANS in the SSID and Device settings. When Dynamic VLAN is enabled, network administrators do not have to configure the VLANs in SSID Settings; they are created dynamically on the AP.
- Written by Dhruba Jyoti Pokhrel
- Posted on January 17, 2024
- Updated on January 17, 2024
- 3119 Views
With the 16.0 release, you can authenticate edge devices from a centrally managed network access control server using the 802.1X authentication. As a network administrator, you want to authenticate the access points (APs), before the APs connect to the network. To enable the authentication, you need to first configure the uplink port on the AP using CV-CUE.
- Written by Dhruba Jyoti Pokhrel
- Posted on September 13, 2023
- Updated on September 13, 2023
- 4006 Views
VXLAN tunneling requires that the switch where the tunnel terminates is configured with a VTEP that matches the configuration on the AP. CV-CUE now provides an easier way to match configurations on both AP and the switch. By having the same VXLAN configuration for access points (APs) and switches, you can aggregate all wireless traffic from the same VXLAN to a single wired destination for better traffic management and visibility.
- Written by Dhruba Jyoti Pokhrel
- Posted on July 7, 2023
- Updated on July 7, 2023
- 4379 Views
With the 15.0 release, access points can authenticate themselves to the network using respective certificates. With access point (AP) VPN, AP uses the EAP-TLS protocol for authentication. Since EAP-TLS requires the client and network to authenticate themselves using respective certificates, the protocol is considered robust compared to exchanging shared secret and Xauth password.
- Written by Dhruba Jyoti Pokhrel
- Posted on July 7, 2023
- Updated on July 7, 2023
- 4257 Views
RadSec or RADIUS over TLS is a protocol for secure communication between a client and the RADIUS server. RadSec uses TCP and TLS protocols to form a secure tunnel between the client and the server.
- Written by Dhruba Jyoti Pokhrel
- Posted on July 7, 2023
- Updated on July 7, 2023
- 4129 Views
One of the reasons why Wi-Fi clients encounter RF issues is non-Wi-Fi interference. All Wi-Fi 6 and above APs can perform interference classification. CloudVision Cognitive Unified Edge (CV-CUE) classifies interference into four categories — Wi-Fi, Microwave Oven (MWO), Frequency Hopping Spread Spectrum (FHSS), and Continuous Wave (CW).
- Written by Dhruba Jyoti Pokhrel
- Posted on July 7, 2023
- Updated on July 7, 2023
- 4215 Views
You can import Ekahau floor plans to CloudVision Cognitive Unified Edge (CV-CUE) and then manage the access points (AP) from CV-CUE. Once you import the floor plan to CV-CUE, you can map the AP to CV-CUE and start managing the AP.
- Written by Dhruba Jyoti Pokhrel
- Posted on February 20, 2023
- Updated on February 20, 2023
- 4401 Views
With the 14.0 release, you can integrate OpenID Connect with a captive portal for authentication. The OpenID Connect integration functionality is available only for captive portals hosted on the Arista Cloud. It is not available if the captive portal is hosted on third-party servers or on the access point.
- Written by Dhruba Jyoti Pokhrel
- Posted on February 20, 2023
- Updated on February 20, 2023
- 4461 Views
With the 14.0 release, you can add device passwords and AP-Server Key passphrase as defined in the password policy. The passwords are based on the password policy and password settings that you configure in CV-CUE.
- Written by Dhruba Jyoti Pokhrel
- Posted on February 2, 2023
- Updated on February 2, 2023
- 4947 Views
With the 13.0.1 release, you can authenticate wired hosts connected to the LAN ports of access points (W-118 and W-318) using 802.1X or MAC-based authentication. You can configure the authentication parameters for each downlink port on the access point (AP) using a LAN Port profile in CV-CUE. The communication happens either through a bridged network or transferred using L2 Tunnels.
- Written by Dhruba Jyoti Pokhrel
- Posted on February 2, 2023
- Updated on February 20, 2023
- 4749 Views
With the 13.0.1 release, you can monitor wired hosts that are physically connected to access points (APs) through Ethernet cables. Currently, the W-118 AP and W-318 AP through their additional LAN ports support connecting hosts directly to the AP.
- Written by Dhruba Jyoti Pokhrel
- Posted on January 16, 2023
- Updated on January 16, 2023
- 4652 Views
With the 13.0 release, you can enable spatial reuse from CloudVision Cognitive Unified Edge (CV-CUE) to improve the spectral efficiency and optimally allocate resources to meet the Quality of Service (QoS). With spatial reuse, two or more Wi-Fi devices (AP or client) that support 802.11ax protocols can send transmissions simultaneously without any significant data loss.
- Written by Dhruba Jyoti Pokhrel
- Posted on January 16, 2023
- Updated on January 16, 2023
- 4629 Views
With the 13.0 release, CloudVision Cognitive Unified Edge (CV-CUE) can redirect onboarding clients to a dynamic URL defined by the RADIUS. If the RADIUS access-accept request has a role and a redirection URL for a client, access points (AP) can redirect such client’s HTTP or HTTPS requests.
- Written by Dhruba Jyoti Pokhrel
- Posted on January 16, 2023
- Updated on January 16, 2023
- 4555 Views
With the 13.0 release, you can schedule the Automatic Channel Selection (ACS) to run at a specific time of the day and minimize service disruption.
- Written by Dhruba Jyoti Pokhrel
- Posted on December 11, 2022
- Updated on December 12, 2022
- 4722 Views
With the 13.0 release, you can integrate SAML SSO with a captive portal for authentication. The SAML integration functionality is only available for captive portals hosted on the Arista Cloud. It is not available if the captive portal is hosted on third-party servers or on the access point.
- Written by Dhruba Jyoti Pokhrel
- Posted on December 11, 2022
- Updated on December 12, 2022
- 5018 Views
With the 13.0 release, you can now view switch-related data, which is managed by CVaaS, from CV-CUE. With this capability, CV-CUE provides you full visibility of the edge network from a single pane. You can monitor the network and make informed decisions – for example, when you want to troubleshoot any network issues and find out whether the root cause lies in the wired architecture or the wireless.