Call Us at 888-550-8728

Series 3: Where can I find a Command Line Interface (CLI) overview?

If you are unsure of the CradlePoint Series or Model Number, please click here.

This article was written based upon firmware version 5.0.0.
The CradlePoint router CLI is a captive text-based interface for configuring, managing, and debugging CradlePoint routers.
This document provides an overview of CradlePoint’s Command Line Interface (CLI) feature available in Series 3 CradlePoint routers. 


“Prompt” (or “Command Prompt”) 
The input field at the bottom of the CLI interface. This is where “commands” and “arguments” are entered into the system.

“command” is a single word instruction for the router to process.  It is sent to the router as the first word entered at the “Command Prompt.”

 An argument refers to the text that follows the command.  Most commands have optional arguments that control in influence the way the command will run.   Arguments for each command can typically be discovered by running the command with the “–help” argument or by running “help COMMAND.”

How to Enable the SSH Server to use the CLI:

The CradlePoint’s SSH server is disabled by default.  There are three ways to enable the SSH server. 
1.    Using the CradlePoint’s Web Admin Interface
a.    Log into the CradlePoint’s admin console (by default:
b.    Go to “System  Settings” -> “Administration”
c.    Click the “Local Management” tab
d.    Place a checkmark next to “Enable SSH Server” option
e.    Optionally, select the “Remote Management” tab and check “Allow Remote SSH Access.”
f.     Click “Apply” to save your changes
2.    Using WiPipe Central Remote Management
a.    Log into your WiPipe Central account.  If you do not have a WiPipe Central account, please contact your sales representative  for assistance
b.    Navigate to the group or device you’d like to enable the SSH server on.
c.    Go to “System Settings” -> “Administration”
d.    Click the “Local Management” tab
e.    Place a checkmark next to “Enable SSH Server” option
f.     Optionally, select the “Remote Management” tab and check “Allow Remote SSH Access.”
g.    Click “Apply” to save your changes
3.    (ADVANCED) Using the “curl” application
a.    From a computer with curl installed, run this command from a terminal or command line prompt, in the same directory as curl.exe (for example):
curl –digest -u username:password -X PUT -d data=true
b.    Optionally, to enable remote SSH access, also run this command:
curl –digest -u username:password -X PUT -d data=true
 (Your IP address may be different from

Connecting a Client Computer to the CradlePoint’sSSH Server:

CradlePoint Series 3 routers are designed to support standards-based SSH-2 clients.  Many modern operating systems (such as GNU/Linux or Apple OSX) include an SSH client that can be run directly from the computer’s terminal prompt. For these platforms simply locate and execute the Terminal software of your preference, then run the “ssh” command with the username and password of the router:

             ssh admin@

For Microsoft Windows computers, we recommend using the free and well-supported PuTTY SSH client, available from here:
See the PuTTY web page and application help for details on making SSH
connections.  The only details you should need to provide are the username,
password and IP address of the router.  The default username is always “admin.”
as shown above.

After Connecting to the SSH Server:
Once you successfully login you will see a command prompt similar to this:
[admin@MBR1400-301: /]$
This shows you your username (admin), the system ID (MBR1400-301 in this case) and the current working directory (/).  The working directory is important for many commands, as it represents the “ConfigStore” context for many commands, as shown below. 

Navigating Using the CLI:

An important part of a command line shell is the notion of a hierarchical file system which is usually backed by a tree structure of directories and files on a hard disk or SSD storage device. In the case of CradlePoint routers, this file system hierarchy is backed by the routers configuration, status and control system known as the “ConfigStore.”

The ConfigStore is like the central nervous system for the router and acts as a live interactive portal to the routers current state and configuration settings. We will expand on this thought as we move forward, but try to remember that the files and directories that we talk about are live elements of the router.  Any changes to those files and directories will result in immediate application and proliferation through the routers internal subsystems.  Likewise, when viewing the contents of files, you will always be presented with the most current data.
Basic navigation commands:
ls         List                              Lists the directories and files
cd        Change directory     Changes to the specified directory
get       Get                              Gets the values of the directories and files

When you first log in your current working directory will be the “root” directory (/). 
            [admin@MBR1400-301: /]$
The “ls” command lists the directories and files in your current working directory.  Running the “ls” command from the “root” directory returns the “control/, status/, and “config/” directories.

            [admin@MBR1400-301: /]$ ls 
            control/           status/            config/ 
You can change the working directory using the “cd” command, followed by the directory to change to.  Running “cd config” changes the current working directory to “config/”.  Notice that the prompt now shows that the current working configuration is now “config/”
            [admin@MBR1400-301: /]$ cd config
            [admin@MBR1400-301: /config]$
If you run the “ls” command from the config/ directory, you will see all the directories and files in the “config/” directory.
            [admin@MBR1400-301: /config]$ ls
            ethernet/  wan/       lan/       shell/     qos/       dns/      
            firewall/  failover/  alerts/    system/    hotspot/   wwan/     
            gre/       routing/   dhcpd/     webfilter/ wlan/      vpn/      
Like before, you may use the “cd” command to change the current working directory.  Typing “cd system” changes the current working directory to “config/system/.”     
[admin@MBR1400-301: /config]$ cd system

            [admin@MBR1400-301: /config/system]$ ls
            mac_monitor/          local_domain          timezone             
            at_passthrough_proxy/ serial/               upnp/                
            ui_activated          snmp/                 first_boot           
            dyndns/               system_id             email/               
            gps/                  users/                power/               
            ntp/                  pci_dss               wipc/                
            qxdmproxy/            logging/              admin/               
            watchdog/             disable_leds          reboot_schedule/     
The “get” command by itself may be used to return the values of all files in the current working directory.  The “get” command followed by a filename or directory will return only the values for that location.
The “config/system/dst_enabled” file represents whether daylight savings time has been enabled in the router.  Using the command “get dst_enabled” we can find whether daylight savings time is enabled.
            [admin@MBR1400-301: /config/system]$ get dst_enabled

To change to the parent directory use the special “..” path.  Each directory
path must be separated with “/” character.  To go up two levels, for example,
you would type “cd ../..”. 
For example:
            [admin@MBR1400-301: /config/system/logging/]$ cd ..
            [admin@MBR1400-301: /config/system/]$ cd ../..
            [admin@MBR1400-301: /]$
The command line interface supports “tab-completion” ( which can reduce the number of key strokes required to enter a command name or path name.  To use this feature simply type the first part of a command or path name and hit the tab key to complete the word.  If the word is not unique, you can hit the tab key twice to see a list of conflicts.


To see a complete list of commands type “help.”  To get detailed help about a specific command simply run “help COMMAND” such as “help ls.” Here is an incomplete list of some basic and important commands:

Show and configure wan devices.  Detailed information about a wan can be      obtained by providing the UID of the wan device as the first argument.

Show the current LAN configuration and status.

Show status of all Access Points on the router and connected wireless clients.
Get the value for config item(s)

Set the value to a config item

Delete an item from the config

Show the data type definitions for a config path.  This is useful for learning the requirements of a particular config resource.
Show and search through the system log.

Changes your password.

Reset the config to factory defaults.  Use with caution.

Reading and Writing Values:

The “get” and “set” commands are used to read and write values to the router’s ConfigStore.  The format for all these values is JSON (  Because the file system in the CLI is also the ConfigStore, you can run “get” on the entire ConfigStore if desired.  For example if you run “get” from the root directory you will see the complete contents of the routers ConfigStore.  The “get”, “set”, “append”, and “delete” commands all take the current working directory into consideration, so the argument that follows the command should be the path within or with reference to the current directory.  Use the “ls” command to view the contents of the current directory when in doubt.

Here are a few examples that illustrate the multiple ways in which you can view the contents of the system. 

We can run the get and ls command from any directory we want if we use an absolute path as the argument.  An absolute path is any path that begins with a “/” character; this indicates that the path begins at the root directory.

                        [admin@MBR1400-301: /]$ get /config/system/logging/level
                        [admin@MBR1400-301: /]$ ls /config/system/logging   
                        console        level          firewall       enabled       
                        max_logs       modem_debug    remoteLogging/
Alternatively, we can change our current working directory to the location of interest and run the commands from there.

                        [admin@MBR1400-301: /]$ cd /config/system/logging/
                        [admin@MBR1400-301: /config/system/logging]$ ls
                        console        level          firewall       enabled       
                        max_logs       modem_debug    remoteLogging/
                        [admin@MBR1400-301: /config/system/logging]$ get level

The .”” path name refers to the current working directory which can also be used as an argument to the get command.  You will notice the output is very similar to the ls commands output, but is formatted as JSON and includes the contents of the sub-directories too.

                        [admin@MBR1400-301: /config/system/logging]$ get .
                            “console”: false,
                            “enabled”: true,
                            “firewall”: false,
                            “level”: “info”,
                            “max_logs”: 1000,
                            “modem_debug”: false,
                            “remoteLogging”: {
                                “enabled”: false,
                                “system_id”: false,
                                “utf8_bom”: true

If we change to the parent directory, we can run the get command again but  this time we must provide the relative path to the item we would like to see.

                        [admin@MBR1400-301: /config/system/logging]$ cd ..
                        [admin@MBR1400-301: /config/system]$ get logging/level

From those examples, we can see that the log level is set to “info” which means only messages of informational priority or higher will be stored in the system log.  Let’s say that we want to change this value to something else.  We can use the “inspect” command to see what the valid values for this config setting are and then use the “set” command to update the value.

                        [admin@MBR1400-301: /]$ cd /config/system/logging/    

                        [admin@MBR1400-301: /config/system/logging]$ inspect level
                        Path: /config/system/logging/level
                        Name   Type     Current value   Default Value   Options
                        level  select   info            info            debug, info, warning, error, critical

We can now see that the default value is “info” and the available options include a “debug” value which we want to set the router to use. Just to verify that the current value is indeed set to “info” we run the get command prior to our change.

                        [admin@MBR1400-301: /config/system/logging]$ get level

Now we simply run the “set” command with the new value.  Remember this value MUST be valid JSON (, so in this case the string value will be encapsulated in double quotes.

                        [admin@MBR1400-301: /config/system/logging]$ set level “debug”

Running the “get” command again verifies that the change was indeed accepted.

                        [admin@MBR1400-301: /config/system/logging]$ get level

As a short example of the internal error handling, we can purposely enter invalid values to test the systems validation procedures.

                        [admin@MBR1400-301: /config/system/logging]$ set level 3.14
                        Error: invalid value (3.14) at: [‘config’, ‘system’, ‘logging’, ‘level’]
                        Reason: invalid option

                        [admin@MBR1400-301: /config/system/logging]$ set level __not_json__
                        Invalid value: No JSON object could be decoded

[admin@MBR1400-301: /config/system/logging]$ set level “not_an_option”
                        Error: invalid value (not_an_option) at: [‘config’, ‘system’, ‘logging’, ‘level’]

Category: Cradlepoint Series 3

← FAQs
Secured By miniOrange