Feature Requests and Bugs

Products Enterprise Wi-Fi Networks
1

HW SW INFO:
-e410
-Software version 3.9-r3

Feature Requests:
1. in AP GUI/Logs
sort logs so recent first. currently recent in the last
2. cnMaestro/Association ACL sort by Description. currently only by MAC
3. cnMaestro/Configuration/WLANs and AP Groups/WLANs Name Edit
click Access Control/DNS ACL
it doesn't have feature temporary disable rule. only delete rule
4. cnMaestro/Configuration/WLANs and AP Groups/WLANs Name Edit
click Access Control/MAC Authentication
it doesn't have feature temporary disable an user MAC ACL. only delete MAC ACL
5. limit bandwidth per user
with the same SSID maybe employees only 100kbs but boss groups 1Mbps
currently can only limit bandwidth for all users or per SSID
I don't want so many SSID. I only want 1 SSID
6. rollback like Juniper or Cisco
I like to have feature that a new DNS ACL will be rollback to previous config if I didn't click Commit within 10 minutes

7. hope in cnMaestro 2.x Cloud can sync with on-premise and vice versa

8.Notification through Telegram like Mikrotik did here
https://www.youtube.com/watch?v=yo-X1lNUDiA

9. Private PSK like Ruckus DPSK, Aerohive RANS or Mikrotik Private PSK or Cisco

https://www.cisco.com/c/en/us/td/docs/wireless/controller/technotes/8-5/b_Identity_PSK_Feature_Deployment_Guide.html

10. adding IDR in Portal Plan Cost

My suggestions like these

-can be customized so that maybe only 3 currency listed

-if can't then, I can reorder the currency so that most used will be on top

11. user role that only have access to generate, print, delete voucher in the WIFI-Guest Voucher menu

12. L3GRE like Aruba does

L2GRE+IPSec

L3GRE+IPSec

https://www.arubanetworks.com/techdocs/ArubaOS_64x_WebHelp/Content/ArubaFrameStyles/Network_Parameters/Configuring_GRE_Tunnels.htm

13. Rogue AP Detection

WLAN Spoofing (fake AP using the same SSID as legitimate AP)
WLAN MAC Spoofing (fake AP using the same MAC address as legitimate AP)


BUGS:
1. empty DNS ACL=last rules
I thought in the beginning empty DNS ACL rules equals ALLOW ANY TO ANY.
Its actually not but its last rules created
STEPS TO REPRODUCE
a. empty rule
RESULT: can open facebook
b. block facebook only
rule1 block *facebook.com
rule100 allow *
RESULT: can't open facebook
c. delete all rules
RESULT: can't go to facebook
d: add allow any2any rule
rule100 allow *
RESULT: can open facebook
e. delete all rules
RESULT: can open facebook
As you can see in steps c and e, empty rule equal last rules

2. DNS ACL created in cnMaestro didn't appears in AP show config
I thought DNS ACL created and pushed by cnMaestro should appear in AP show config, but it didn't
Status in cnMaestro already synced
I think it will be problem if not synced.
How to proof that DNS ACL created in cnMeastro shown in AP show config?

tq

2

i have some problem with you, when i try to adding a new mac address in Associate ACL it's failure. cnmaestro on premise with OVA version 1.6.1-r10 , Package 1.6.3-r10 and Firmware AP 3.9-R3

3

https://_________home-view/aps/list

Shows the Access Point's Local IP Address. And gives you a link to click on it. 

If you are not onsite, this doesn't help much.

Could there be an option to see what the device sees as the WAN IP? (Useful when dyndns or other service glitches.)