cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1303
Views
0
Helpful
12
Replies

How to access ssh on Cisco Business CBW150AX ?

EasyZone
Level 1
Level 1

Dear all 

I have a new cbw150ax-s unk access point. 
I have set a captive portal and test AAA authen with external radius. 
All work fine but there is no accounting send to my radius server. 
So I need to access ssh to use terminal and enable radius accounting. 
I enable SSHv2 on then I ssh to AP ip address.

cbw1.png


I got error : 

easyzone@easyzone-IdeaPad-5-15ITL05:~$ ssh 192.168.88.251 -l ssh
ssh@192.168.88.251: Permission denied (publickey,keyboard-interactive).

It seems cbw150ax needs a publickey instead of use normal username and password. 

But there is no option in web management to generate a ssh public key. 

I saw a serial port 
102041.jpg
 
 But which cable I can connect to this port. 

Please advice me. 

Thank you in advance 

Chuan chudabut 
https://www.cloud-hotspot.com


2 Accepted Solutions

Accepted Solutions

 

   - No , it's just means that SSH on the device is not available for customer use ,

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

View solution in original post

EasyZone
Level 1
Level 1


I have found how to enable radius accounting for captive portal without access ssh.

Method is below 

1. Go to Advanced > Primary AP Tools > Configuration Management

2. Download config.txt from this menu 
3. edit config.txt (before edit the file you need to set a captive portal and test AAA authen with external radius first). 

Find lines 

config wlan radius_server acct interim-update disable 3600
config wlan radius_server acct disable 5

change them  to

config wlan radius_server acct interim-update enable 3600
config wlan radius_server acct enable 5

4. save and upload config.txt to ap with the same menu. 
5. wait for ap reboot them check it. 


 




View solution in original post

12 Replies 12

marce1000
VIP
VIP

 

  - Could you hoover or press on the little blue question mark  mark near sshv2 access ; you may get more info's as to how setup SSH  , 

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

Thank you so much for your reply and I sorry for my late reply.

The picture below is message info on little blue question mark.
It is a message. It provides nothing about how to setup.
Please advice me .... 

Screenshot from 2024-04-30 08-52-43.png

 

          >...It provides nothing about how to setup.
       It does : SSH is for Engineering debug only , 

 M.
 



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

This message means normal user can not access on ssh because we don't have a public key and there is no option to create a public key for ssh. 
Is it right? 

 

   - No , it's just means that SSH on the device is not available for customer use ,

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

Thank you so much.
So I need to looking for a console serial connection port.

 

 - Ref : https://www.cisco.com/c/en/us/support/docs/smb/wireless/CBW-AX/kmgmt3378-get-to-know-150ax-151axm.html
             >..      Console Port (For Tech Support Only)

                             Seems like a dead lock...

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

My goal is to enable radius accouting for captive portal.


I wonder why EAP 802.1x authentication with external radius. a radius accouting function is enable by default.
But captive portal with external radius, a radius accouting function is not enable by default.


I try to enable it. 
Do I need to submit on CBW feature request?

 
 

 

 - Note sure  if it can be done with captive portal  , check this document :
 https://www.cisco.com/c/en/us/td/docs/wireless/access_point/csbap/CBW_WiFi_6/Admin_Guide/b_cisco_business_wifi_6_admin_guide/m_4_wireless_settings.html

                  Look for Radius Accounting with Find in the browser ,

 M,

   



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

Thank you.

But there is no radius accounting from captive portal sends to my radius server. 

 

 - To me it looks more  that you will have to use higher end models and or APs out of the Small Business oriented market(s) ; 
you may also ask Cisco through https://www.cisco.com/c/en/us/support/web/tsd-cisco-small-business-support-center-contacts.html

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

EasyZone
Level 1
Level 1


I have found how to enable radius accounting for captive portal without access ssh.

Method is below 

1. Go to Advanced > Primary AP Tools > Configuration Management

2. Download config.txt from this menu 
3. edit config.txt (before edit the file you need to set a captive portal and test AAA authen with external radius first). 

Find lines 

config wlan radius_server acct interim-update disable 3600
config wlan radius_server acct disable 5

change them  to

config wlan radius_server acct interim-update enable 3600
config wlan radius_server acct enable 5

4. save and upload config.txt to ap with the same menu. 
5. wait for ap reboot them check it.