background image

160

  |  Discovering, Adding, and Managing Devices

Dell PowerConnect W AirWave 7.1

  | User Guide

Figure 108  

APs/Devices > Manage

 Page Illustration

If any changes are scheduled for this AP they appear in a 

Scheduled Changes

 section at the top of the page 

above the other fields. The linked name of the job takes you to the 

System > Configuration Change Job 

Detail 

page for the job.

2. Locate the 

General

 section—this section provides general information about the APs current status. 

Table 87

 

describes the fields, information, and settings.

Summary of Contents for PowerConnect W Airwave 7.1

Page 1: ...Dell PowerConnect W AirWave Version 7 1 User Guide ...

Page 2: ...ducts include Open Source software code developed by third parties including software code subject to the GNU General Public License GPL GNU Lesser General Public License LGPL or other Open Source Licenses The Open Source code used can be found at this site http www arubanetworks com open_source Legal Notice The use of Aruba Networks Inc switching platforms and software by all individuals or corpo...

Page 3: ...Installations 18 Date and Time 18 Previous AWMS Installations 19 Step 2 Installing AWMS Software Including AWMS 19 Step 3 Checking the AWMS Installation 19 Step 4 Assigning an IP Address to the AWMS System 19 Step 5 Naming the AWMS Network Administration System 20 Step 6 Assigning a Host Name to the AWMS 20 Step 7 Changing the Default Root Password 21 Completing the Installation 21 Configuring and...

Page 4: ...nd Authorization 64 Integrating a RADIUS Accounting Server 65 What Next 65 Configuring Cisco WLSE and WLSE Rogue Scanning 66 Introduction to Cisco WLSE 66 Configuring WLSE Initially in AWMS 66 Adding an ACS Server for WLSE 67 Enabling Rogue Alerts for Cisco WLSE 67 Configuring WLSE to Communicate with APs 67 Discovering Devices 67 Managing Devices 67 Inventory Reporting 68 Defining Access 68 Group...

Page 5: ...1 Configuring Group PTMP WiMAX Settings 112 Configuring Proxim Mesh Radio Settings 116 Configuring Group MAC Access Control Lists 118 Specifying Minimum Firmware Versions for APs in a Group 119 Comparing Device Groups 120 Deleting a Group 121 Changing Multiple Group Configurations 121 Modifying Multiple Devices 122 Using Global Groups for Group Configuration 125 Chapter 5 Discovering Adding and Ma...

Page 6: ...sing Template Syntax 183 Using Directives to Eliminate Reporting of Configuration Mismatches 183 Ignore_and_do_not_push Command 183 Push_and_exclude Command 183 Using Conditional Variables in Templates 184 Using Substitution Variables in Templates 184 Using AP Specific Variables 185 Configuring Cisco IOS Templates 186 Applying Startup config Files 186 WDS Settings in Templates 186 SCP Required Set...

Page 7: ... 234 Evaluating User Status with the Users User Detail Page 234 Using the Deauthenticate User Feature 235 Evaluating User Status with the Users Diagnostics Page 235 Introduction and Overview of the Diagnostics Page 235 Supporting AWMS Stations with the Master Console 239 Adding a Managed AMP with the Master Console 239 Monitoring and Supporting AWMS with the Home Pages 241 Monitoring AWMS with the...

Page 8: ... Exporting Reports 292 Emailing Reports in General Email Applications 292 Emailing Reports to Smarthost 292 Exporting Reports to XML or CSV 293 Transferring Reports Using FTP 293 Chapter 10 Using the AWMS Helpdesk 295 AWMS Helpdesk Overview 295 Monitoring Incidents with Helpdesk 296 Creating a New Incident with Helpdesk 297 Creating New Snapshots or Incident Relationships 298 Using the Helpdesk Ta...

Page 9: ...Adding AWMS as RADIUS Accounting Server 317 Configuring Data in Accounting Packets 317 Appendix F HP Insight Install Instructions for AWMS Servers 319 Appendix G Installing AWMS on VMware ESX 3i v 3 5 321 Creating a New Virtual Machine to Run AWMS 321 Installing AWMS on the Virtual Machine 321 AWMS Post Installation Issues on VMware 322 Appendix H Third Party Copyright Information 323 Packages 323...

Page 10: ...10 Dell PowerConnect W AirWave 7 1 User Guide ...

Page 11: ...equently used optional configurations Chapter 4 Configuring and Using Device Groups in AWMS Describes configuration and deployment for group device profiles Chapter 5 Discovering Adding and Managing Devices Describes how to discover and manage devices on the network Chapter 6 Creating and Using Templates Describes and illustrates the use of templates in group and global device configuration Chapte...

Page 12: ...ervers Appendix G Installing AWMS on VMware ESX 3i v 3 5 Provides instructions for an alternative installation option on VMware ESX for AWMS Appendix H Third Party Copyright Information Presents multiple copyright statements from multiple equipment vendors that interoperate with AWMS Index Provides extensive citation of and links to document topics with emphasis on the AWMS GUI and tasks relating ...

Page 13: ...is simple or a large complex multi vendor installation AWMS manages it all The AirWave Wireless Management Suite supports hardware from leading wireless vendors including Dell Alcatel Lucent Aruba Networks Avaya Cisco Aironet and WLC Colubris Networks Enterasys Juniper Networks LANCOM Systems Meru Nomadix Nortel ProCurve by HP Proxim Symbol Trapeze Tropos and many others The components of the AirW...

Page 14: ...dditional pages in support of Dell PowerConnect W Configuration For additional information that includes a comprehensive inventory of all pages and settings that support Dell PowerConnect W Configuration refer to the Dell PowerConnect W AirWave Wireless Management Suite Configuration Guide VisualRF VisualRF is a powerful tool for monitoring and managing Radio Frequency RF dynamics within your wire...

Page 15: ...reless access points and WLAN controllers over the wired network In more complex deployments AWMS seamlessly integrates and communicates with authentication servers accounting servers TACACS servers routers switches network management servers wireless IDS solutions help systems indoor wireless access points mesh devices and WiMAX devices AWMS has the flexibility to manage devices on local networks...

Page 16: ...en read only access to monitoring data without being permitted to make configuration changes A U S based network engineer may be given read write access to manage device configurations in North America but not to control devices in the rest of the world A security auditor may be given read write access to configure security policies across the entire WLAN NOC personnel may be give read only access...

Page 17: ...ditional features are added to AWMS increased hardware resources become necessary For the most recent hardware requirements download the Dell PowerConnect W Airwave Hardware Sizing Guide from http support dell com manuals Installing Linux CentOS 5 Phase 1 Perform the following steps to install the Linux CentOS 5 operating system The Linux installation is a prerequisite to installing AWMS on the ne...

Page 18: ...cally reboots and ejects the installation CD 2 Remove the CD from the drive and store in a safe location Installing AWMS Software Phase 2 Getting Started After the reboot the GRUB screen appears 1 Press Enter or wait six seconds and the system automatically loads the smp kernel 2 When the kernel is loaded log into the server using the following credentials login root password admin 3 Start the AWM...

Page 19: ...en This step requires no user input but you have the option of monitoring progress in more detail should you wish to do so To view detailed output from the AWMS software installer press Alt F9 or Ctrl Alt F9 Pressing Alt F1 or Ctrl Alt F1 returns you to the main console Step 3 Checking the AWMS Installation After the AWMS software installation is complete the following message appears STEP 3 Check...

Page 20: ...he following message appears STEP 5 Naming AWMS AWMS name is currently set to New AWMS Please enter a name for your AWMS 1 At the prompt enter a name for your AWMS server and press Enter Step 6 Assigning a Host Name to the AWMS Upon completion of the previous step the following message appears on the screen STEP 6 Assigning AWMS s hostname Does AWMS have a valid DNS name on your network y n 1 If A...

Page 21: ...1 installation log file type cat root install log To view the Phase 2 installation log file type cat tmp AWMS install log To access the AWMS GUI enter the AWMS IP address in the address bar of any browser The AWMS GUI then prompts for your license key If you are entering a dedicated Master Console or AWMS Failover license refer to Supporting AWMS Stations with the Master Console on page 239 for ad...

Page 22: ... office 161 UDP SNMP Get and Set operations APs or controllers 162 UDP SNMP Traps from devices APs or controllers 162 UDP SNMP Traps from AWMS NMS 443 TCP HTTPS Web management Laptop or workstation 443 TCP HTTPS WLSE polling WLSE 443 TCP VTUN Support connection optional AirWave support home office 1701 TCP HTTPS AP and rogue discovery WLSE 1741 TCP HTTP WLSE polling WLSE 1813 UDP RADIUS Retrieve c...

Page 23: ...ill direct you to a page that displays a detailed list of all Down devices Mismatched The total number of Mismatched devices A device is considered mismatched when the desired configuration in AWMS does not match the actual device configuration read from the device Rogue The number of devices that have been classified by the RAPIDS rules engine above the threshold defined on the Home User Info pag...

Page 24: ...ear for all groups Focused sub menus are visible based on the device type field on the Groups Basic page This sub menu is the first page to appear when adding or editing groups NOTE When individual device configurations are specified device level settings override the Group level settings to which a device belongs List Focused Sub Menus Monitor Basic Templates Security SSIDs AAA Servers Radio Dell...

Page 25: ...ation relating to the configuration of AWMS itself and its connection to your network This page entails several processes configurations or tools in AWMS For additional information start with Chapter 3 Configuring AWMS on page 31 NOTE The AMP Setup pages may not be visible depending on the role and license set in AWMS General Network Users Roles Authentication WLSE ACS NMS RADIUS Accounting PCI Co...

Page 26: ...ows appear on one page of the list The next down arrow is used to jump to a specific page in the list Clicking it will bring up a drop down menu that allows you to select the exact page you would like to view as shown in Figure 2 Figure 2 Common List Settings Choose Columns Illustration The Choose Columns option allows you to configure the columns that are presented in the list and the order in wh...

Page 27: ...es a snapshot of an AWMS screen to a Helpdesk incident Audit Reads device configuration compare to desired and update status Bandwidth Displays current bandwidth for group Choose Chooses a new Helpdesk incident to be the Current Incident Create Creates a new Helpdesk incident Customize Ignores selected settings when calculating the configuration status Delete Deletes an object from AWMS database D...

Page 28: ...eplacement device Revert Returns all configurable data on the screen to its original status Rogue Indicates a rogue access point Run Runs a new user defined report Save Saves the information on the page in the AWMS database Save Apply Saves changes to AWMS database and apply all changes to devices Scan Scans for devices and rogues using selected networks Schedule Schedules a window for reports dev...

Page 29: ... Login Use your browser to navigate to the static IP address assigned to the internal page of the AWMS Once your session launches the Authentication Dialog Box appears as shown in Figure 3 Figure 3 Authentication Dialog Box Perform these steps to complete the initial login 1 Enter User name admin 2 Enter Password admin 3 Click OK After successful authentication your browser launches the AWMS Home ...

Page 30: ...30 Installing AWMS Dell PowerConnect W AirWave 7 1 User Guide ...

Page 31: ...MS with an Existing Network Management Solution NMS on page 73 Auditing PCI Compliance on the Network on page 74 Deploying WMS Offload on page 77 Before You Begin Complete the required configurations in this chapter prior to proceeding to ensuing chapters of this document Dell support remains available to you for any phase of AWMS installation Formatting the Top Header The AWMS interface centers a...

Page 32: ...tomized for individuals according to individual user roles from the Home User Info page by clicking the Yes radio button in the Top Header Stats pane There you can select which statistics are displayed for what device types and override choices made from the AMP Setup page All possible display options are shown in Figure 5 and these fields are described in detail in Monitoring and Supporting AWMS ...

Page 33: ... and so on Figure 6 Choose Columns Dropdown List For more information on the universal list elements see Common List Settings on page 26 You can also control which column heads appear for each user role by selecting the Yes radio button in the Customize Header Columns field as also appears in Figure 5 This exposes the Choose Columns for Roles dropdown menu in all tables shown in Figure 7 The right...

Page 34: ...s Per Page Drop Down Menu If for some reason you would like to reset all AMP list Records Per Page preferences you can select Reset in the Display Preferences pane of the Home User Info page The Display Preferences pane is shown in Figure 9 Figure 9 Display Preferences Pane Using the Pagination Widget The pagination widget is located at the top and bottom of every list table as shown in Figure 10 ...

Page 35: ...List with Export to CSV Selected AWMS also enables CSV exporting of all report types For more information see Using Custom Reports on page 265 Defining Graph Display Preferences Many of the graphs in AWMS are flash based which allows you change graph attributes as shown in Figure 12 Figure 12 Flash Graphs on the Home Overview Page This flash enabled GUI allows for custom settings and adjustments a...

Page 36: ...a popup window that shows historical data A non flash version of the AWMS user page is available if desired instead of flash it uses the RRD graphs that were used in AWMS through the 5 3 Version Contact Dell support for more information on activating this feature in the AWMS database Customizing the Overview Subtab Display You can rearrange or remove widgets appearing on the Home Overview dashboar...

Page 37: ... to appear on the Overview dashboard across to the gridlines and arrange them in the right pane within the gridlines A widget snaps back to the nearest available gridline if you drop it across two or more lines and turns red if you attempt to place it over gridlines already occupied by widgets as shown in Figure 15 Figure 15 Example of Improper Widget Placement Green widgets are those that are pro...

Page 38: ... Figure 16 Customized Search Preferences Setting Severe Alert Warning Behavior You can control the alert levels users can see on the Alerts statistics hyperlink from the Home User Info page These settings will apply unless and until other users change settings for themselves When a trigger is assigned a severity of Critical it generates a severe alert When a severe alert exists a new component app...

Page 39: ...Device Setup tab the Communication and Upload Files pages Once required and optional configurations in this chapter are complete continue to later chapters in this document to create and deploy device groups and device configuration and discovery on the network The first step in configuring AWMS is to specify the general settings for the AWMS server Figure 18 illustrates the AMP Setup General page...

Page 40: ...de Figure 18 AMP Setup General Page Illustration Perform the following steps to configure AWMS server settings globally across the product for all users 1 Browse to the AMP Setup General page locate the General area and enter the information described in Table 8 ...

Page 41: ...age 79 Device Configuration Audit Interval Daily If enabled this setting defines the interval of AWMS queries in which each device compares actual device settings to the Group configuration policies stored in the AWMS database If the settings do not match the AP is flagged as mismatched and AWMS sends an alert via email log or SNMP Aruba recommends enabling this feature with a frequency of Daily o...

Page 42: ...nu that determines which Group tabs and options are viewable by default in new groups and selects the device types that use fully qualified domain names This field has three options as follows All Device When selected AWMS displays all Group tabs and setting options Only Devices on this AMP When selected AWMS hides all options and tabs that do not apply to the APs and devices currently on AWMS Sel...

Page 43: ...hen enabled with Yes NOTE If this setting is enabled with Yes then all profiles are pushed to all controllers In this case you cannot have different configurations for different controllers Table 11 AMP Setup General External Syslog Section Fields and Default Values Setting Default Description Syslog Server N A Enter the IP address of the Syslog server Syslog Port N A Enter the port of the Syslog ...

Page 44: ...value to 0 disables this function and guest users will never expire or be deleted from the AWMS database Closed Helpdesk Incidents 0 550 days zero disables 30 Sets the number of days that AWMS is to retain records of closed Helpdesk incidents once closed Setting this value to 0 disables this function and Helpdesk information will never expire or be deleted from the AWMS database Inactive SSIDs 0 5...

Page 45: ...S Collector which is used to allow AOS controllers to send RTLS packets to VisualRF The RTLS server IP address must be configured on each controller This function is used for VisualRF to improve location accuracy and to locate chirping asset tags This function is supported only for Dell PowerConnect W and Aruba devices With selection of Yes the following additional fields appear RTLS Port Specify ...

Page 46: ...setting for your network depends on the resources available especially RAM Contact Dell support if you are considering increasing this setting for your network Verbose Logging of SNMP Configuration No Enables or disables logging detailed records of SNMP configuration information SNMP Rate Limiting for Monitored Devices No Enables or disables a maximum bandwidth consumption threshold for each port ...

Page 47: ...NTP servers creates an entry in the event log Table 17 describes the settings and default values in more detail Table 16 Primary and Secondary Network Interface Fields and Default Values Setting Default Description IP Address None Sets the IP address of the AWMS network interface This address must be static IP address Hostname None Sets the DNS name assigned to the AWMS server Subnet Mask None Set...

Page 48: ...d you define a Username Password and a Role You use the username and password when logging into AWMS It is helpful to use unique and meaningful user names as they are recorded in the log files when you or other users make changes in AWMS The user role defines the user type access level and the top folder for that user User roles are defined on the AMP Setup Roles page Refer to the next procedure i...

Page 49: ...t defines the Top viewable folder type and access level of the user specified in the previous field The admin user defines user roles on the AMP Setup Roles page and each user in the system is assigned to a role Password None Sets the password for the user being created or edited Enter an alphanumeric string without spaces and enter the password again in the Confirm Password field Because the defa...

Page 50: ...s such as help desk or IT staff who support a subset of accounts or sites within a single AWMS deployment In prior AWMS releases AWMS user roles could only be assigned to a single top folder such as West Coast or European Stores You can restrict user roles to multiple folders within the overall hierarchy even if they do not share the same top level folder Non admin users are only able to see data ...

Page 51: ...ed to that role Enabled Yes Disables or enables the role Disabling a role prevents all users of that role from logging in to AWMS Type AP Device Manager Defines the type of role AWMS supports the following role types AMP Administrator The AWMS Administrator has full access to AWMS and all of the devices The administrator can view and edit all settings and all APs in AWMS Only the AWMS Administrato...

Page 52: ...iew NOTE AWMS enables user roles to be created with access to folders within multiple branches of the overall hierarchy This feature assists non administrator users who support a subset of accounts or sites within a single AWMS deployment such as help desk or IT staff Prior to Version 6 3 AWMS user roles could be assigned only to a single top folder such as West Coast or European Stores for exampl...

Page 53: ...e Device Setup Upload Files Page Loading Firmware Files to AWMS Overview of the Device Setup Upload Files Page Loading Firmware Files to AWMS Using Web Auth Bundles in AWMS Configuring Communication Settings for Discovered Devices To configure AWMS to communicate with your devices to define the default shared secrets and to set SNMP polling information navigate to the Device Setup Communication pa...

Page 54: ...ration Perform the following steps to define the default credentials and SNMP settings for the wireless network 1 On the Device Setup Communication page locate the Default Credentials area Enter the credentials for each device model on your network The default credentials are assigned to all newly discovered APs ...

Page 55: ...and complete or adjust the default value for the field in this section Table 21 lists the setting and default value 5 On the Device Setup Communication page locate the HTTP Discovery Settings section Complete or revise the default values for the settings in this section Table 22 lists these settings and default values Note Community strings and shared secrets must have read write access for AWMS t...

Page 56: ...ings Fields and Default Values Setting Default Description Attempt to ping down devices Yes Enables a function that applies when an AP is unreachable over SNMP When Yes is selected this option has AWMS attempt to ping the AP device Select No if performance is affected in negative fashion by this function If a large number of APs are unreachable by ICMP likely to occur where there is in excess of 1...

Page 57: ...r account on the AP as defined in the Cisco VxWorks Username Password section in the Default Secrets area This user account must have all permissions set Create and Use Specified User N A Enables AWMS to create a new user account specified below on each AP with all permissions enabled Table 26 Device Setup Communications Fields and Default Values Setting Default Description Do Not Modify SNMP Sett...

Page 58: ...rough AWMS Use the AMP Setup page to configure AWMS wide default firmware options Figure 26 Device Setup Upload Files Page Illustration Table 27 below itemizes the contents settings and default values for the Upload Files page Table 27 Device Setup Upload Files Fields and Default Values Setting Default Description Type None Displays a drop down list of the primary AP makes and models that AWMS sup...

Page 59: ...e file was uploaded to AWMS without issue The checksum should match the checksum of the file before it was uploaded Firmware File Size None Displays the size of the firmware file in bytes HTML Filename None Supporting HTML displays the name of the file that was uploaded to AWMS and to be transferred to an AP when the file is used in an upgrade HTML Version None Supporting HTML displays the version...

Page 60: ...Server IP Address and the Firmware Filename Use an external firmware file server N A You can also choose to assign the external TFTP server on a per group basis If you select this option you must enter the IP address on the Groups Firmware page Complete the Firmware File Server IP Address field NOTE With selection of some Types you are prompted with the Server Protocol field that lets you select w...

Page 61: ...cription field This is the label by which you identify and track Web Auth bundles on the Device Setup Upload Files page once they are present in AWMS 4 Enter the path and filename of the Web Auth configuration file in the Web Auth Bundle field Click Browse to locate the file with the browsing method as required 5 Click Add to complete the Web Auth bundle creation or click Save if replacing a previ...

Page 62: ...re TACACS authentication 1 Navigate to the AMP Setup Authentication page This page displays current status of TACACS Figure 29 illustrates this page when neither TACACS nor RADIUS authentication is enabled in AWMS Figure 29 AMP Setup Authentication Page Illustration 2 Click No to disable or Yes to enable TACACS authentication If you click Yes several new fields appear Complete the fields described...

Page 63: ...page click Add Entry to add an AAA client Enter the IP address of AWMS as the AAA Client IP Address The secret should be the same value that was entered on the AMP Setup TACACS page 7 Select TACACS Cisco IOS in the Authenticate Using drop down menu and click submit restart What Next Navigate to additional tabs in the AMP Setup section to continue additional setup configurations Complete the requir...

Page 64: ...s several new fields appear Complete the fields described in Table 30 3 Click Save to retain these configurations and continue with additional steps in the next procedure Table 30 AMP Setup Authentication Fields and Default Values Field Default Description Primary Server Hostname IP Address N A Enter the IP address or the hostname of the primary RADIUS server Primary Server Port 49 Enter the TCP p...

Page 65: ...ated in Figure 32 and provide the information described in Table 31 2 Click Add What Next For additional information about configuring WLAN Gateways or WLAN controllers such as BlueSocket ReefEdge or ProCurve wireless gateways refer to Third Party Security Integration for AWMS on page 305 Note AWMS checks the local username and password store before checking with the RADIUS server If the user is f...

Page 66: ... to Cisco WLSE Cisco WLSE functions as an integral part of the Cisco Structured Wireless Aware Network SWAN architecture which includes IOS Access Points a Wireless Domain Service an Access Control Server and a WLSE In order for AWMS to obtain Rogue AP information from the WLSE all SWAN components must be properly configured Table 32 describes these components Configuring WLSE Initially in AWMS Us...

Page 67: ...over page 2 Configure SNMP Information 3 Configure HTTP Information 4 Configure Telnet SSH Credentials 5 Configure HTTP ports for IOS access points 6 Configure WLCCP credentials 7 Configure AAA information Discovering Devices There are three methods to discover access points within WLSE as follows Using Cisco Discovery Protocol CDP Importing from a file Importing from CiscoWorks Perform these step...

Page 68: ... to Administration User Admin 2 Configure Role and User Grouping It is much easier to generate reports or faults if APs are grouped in WLSE Use these pages to make such configurations 1 Navigate to Devices Group Management 2 Configure Role and User Configuring IOS APs for WDS Participation IOS APs 1100 1200 can function in three roles within SWAN Primary WDS Backup WDS WDS Member AMP monitors AP W...

Page 69: ...all New Certificate button or skip to the next step if the certificate was previously installed 4 Click the User Setup button in the left frame 5 Enter the Username that will be used to authenticate into the WDS and click Add Edit button 6 Enter the Password that will be used to authenticate into the WDS and click the Submit button 7 Navigate to the Network Configuration Add AAA Client page 8 Add ...

Page 70: ...he WLSE Port 1741 Defines the port AWMS uses to communicate with the WLSE server Username None Defines the username AWMS uses to communicate with the WLSE server The username and password must be configured the same way on the WLSE server and on AWMS The user needs permission to display faults to discover rogues and inventory API XML API to discover manageable APs As derived from a Cisco limitatio...

Page 71: ... server select that server and click Delete When clicking Add or edit the Details page appears as illustrated in Figure 35 Figure 35 AMP Setup ACS Add Edit Details Page Illustration 3 Complete the settings on the AMP Setup ACS Add Edit Details page Table 34 describes these fields Table 34 AMP Setup ACS Add Edit Details Fields and Default Values Field Default Description IP Hostname None Sets the D...

Page 72: ...s Log in to the ACS server select System Configuration then in the Select frame click the Logging link Under Enable Logging click the CSV Passed Authentications link The default logging options function and support AWMS These include the two columns AWMS requires User Name and Caller ID What Next Navigate to additional tabs in the AMP Setup section to continue additional setup configurations Compl...

Page 73: ...r SNMPv2 traps to the NMS AWMS can be used in conjunction with Hewlett Packard s ProCurve Manager The necessary files for either type of NMS interoperability are downloaded from the AMP Setup NMS page as follows For additional information contact Dell support Perform these steps to configure NMS support in AWMS 1 Navigate to the AMP Setup NMS page illustrated in Figure 36 Figure 36 AMP Setup NMS I...

Page 74: ...equirements PCI Auditing in the AWMS Interface Enabling or Disabling PCI Auditing Introduction to PCI Requirements AWMS supports wide security standards and functions in the wireless network One component of network security is the optional deployment of Payment Card Industry PCI Auditing The Payment Card Industry PCI Data Security Standard DSS establishes multiple levels in which payment cardhold...

Page 75: ...ment is not enabled in AWMS then AWMS does not monitor the network s status in relation to that requirement and cannot designate Pass or Fail network status AWMS servers without a RAPIDS license and users without RAPIDS enabled will not see the 11 1 PCI requirements in the PCI Compliance Report Table 36 PCI Requirements and Support in AWMS PCI Requirement Description 1 1 Monitoring configuration s...

Page 76: ... tracks The list includes common vendor default passwords The user can input new values to achieve compliance When Disabled When this PCI requirement is disabled in AWMS then network devices are not checked for forbidden information and PCI Compliance is not established 4 1 1 Using strong encryption in wireless networks When Enabled PCI Requirement 4 establishes the standard by which payment cardh...

Page 77: ...d configurations in this chapter prior to proceeding to ensuing chapters of this document Dell support remains available to you for any phase of AWMS installation Deploying WMS Offload Overview of WMS Offload in AWMS This section describes the Dell PowerConnect W Wireless LAN Management Server WMS offload infrastructure WMS Offload is supported with the following two requirements ArubaOS Version 2...

Page 78: ...ure device classification Set up rogue classification Set up rogue classification override Establish user classification override devices 4 Deploy Dell PowerConnect W specific monitoring features Enable remote AP and wired network monitoring View controller license information 5 Convert existing floor plans to VisualRF to include the following elements MMS AOS RF Plan 6 Use RTLS for increasing loc...

Page 79: ...in a given group using a configuration file Variables in such templates configure device specific properties such as name IP address and channel Variables also define group level properties For additional information about using the Templates page refer to Chapter 6 Creating and Using Templates on page 175 Security This page defines general security settings for device groups to include TACACS RAD...

Page 80: ...work security Configuring all settings on each device individually is time consuming and error prone AWMS addresses this challenge by automating the processes of device configuration and compliance auditing At the core of this approach is the concept of groups with the following functions and benefits AWMS allows certain settings to be managed efficiently at a Group level while others are managed ...

Page 81: ...802 1x APs and so forth Is Global Group Identifies whether or not the group has been identified as a global group that can be used to configure subscriber groups Global groups cannot contain APs and are visible by users of any role Global Group Displays the global group to which the group is subscribed if any SSID Column represents the Service Set Identifier SSID assigned to all devices within the...

Page 82: ...on and release 4 Click Save to retain your settings The Groups List page displays your changes The following pages include columns able to be edited for data display Home Search results Helpdesk Incidents Groups List Groups Monitor Groups Cisco WLC Config APs Devices List APs Devices New APs Devices Up APs Devices Down APs Devices Mismatched Up Down Status Polling Period Column represents the time...

Page 83: ...teps to configure basic group settings then continue to additional procedures to define additional settings as required 1 Navigate to the Groups List page Existing device groups appear on this page 2 To create a new group click Add Enter a group name and click Add The Group Basic page appears To edit an existing device group click the manage wrench icon next to the group The Group Basic page appea...

Page 84: ...s in AWMS Dell PowerConnect W AirWave 7 1 User Guide Figure 42 Groups Basic Page Illustration 3 Define the settings in the Basic and Global Group sections Table 38 describes several typical settings and default values of this Basic section ...

Page 85: ...vices can be disabled on all the devices in the group Once disabled all the devices in the groups will not be counted towards mismatched devices Global Groups No When enabled this field allows you to define the device group to be a global group Refer also to Using Global Groups for Group Configuration on page 125 Table 39 SNMP Polling Period Fields and Default Values Setting Default Description Up...

Page 86: ...to display the correct SSIDs for the group you must perform a Save and Apply action on the group Only Devices on this AMP AWMS hides all options and tabs that do not apply to the APs and devices currently on AWMS Use system defaults Use the default settings defined on the AWMS configuration page Selected device types Allows the user to specify the device types for which AWMS displays Group setting...

Page 87: ...ssage broadcasts Bridge Forward Delay 15 Sets the time in seconds that the port spends in listening and learning mode if the spanning tree has changed Table 43 NTP Fields and Default Values Setting Default Description NTP Server 1 2 3 None Sets the IP address of the NTP server that is to be configured on the AP UTC Time Zone 0 Sets the hour offset from UTC time to local time for the AP Times displ...

Page 88: ... Cisco Controllers on page 110 Table 46 Proxim Avaya Fields and Default Values Setting Default Description SNMP Version 1 Drop down menu specifies the version of SNMP used by AWMS to communicate to the AP Enable DNS Client No Enables the DNS client on the AP Enabling the DNS client allows you to set some values on the AP by hostname instead of IP address If you select Yes for this setting addition...

Page 89: ...mine when inactive clients are no longer associated to an AP Symbol Controller CLI Communication Telnet Select which connection type is to support the command line interface CLI connection The options are Telnet and secure shell SSH This is supported for WS5100 and RFS7000 devices only Web Config Interface Yes Enables or disables the http https configuration page for the Symbol 4131 and Intel 2011...

Page 90: ...tions in this chapter to create new groups or to edit existing groups Once general group level configurations are complete continue to later chapters in this document to add or edit additional device level configurations and to use several additional AWMS functions Table 50 3Com Enterasys Nortel Trapeze Fields and Default Values Setting Default Description SNMP Version 2c Drop down menu specifies ...

Page 91: ...ault values Figure 43 Groups Security Page Illustration Table 53 Groups Security Page Fields and Default Values Setting Default Description VLANs Section VLAN Tagging and Multiple SSIDs Enabled This field enables support for VLANs and multiple SSIDs on the wireless network If this setting is enabled define additional VLANs and SSIDs on the Groups SSIDs page Refer to Configuring Group SSIDs and VLA...

Page 92: ...d range is from 1 to 40 minutes This setting is supported only for HP ProCurve 420 Session Timeout 0 Sets the time at which the session times out for the device group being configured The supported range is from 0 to 65 535 seconds This setting is supported only for HP ProCurve 420 Cisco TKIP No Sets the device group to use the Cisco Temporal Key Integrity Protocol TKIP If enabled TKIP provides pe...

Page 93: ... Address Authentication No If enabled only MAC addresses known to the RADIUS server are permitted to associate to APs in the Group MAC Address Format Single Dash Allows selection of the format for MAC addresses used in RADIUS authentication and accounting requests Dash Delimited xx xx xx xx xx xx default Colon Delimited xx xx xx xx xx xx Single Dash xxxxxx xxxxxx No Delimiter xxxxxxxxxxxx This opt...

Page 94: ...group Note WLANs that are supported from one or more Cisco WLC controllers can be configured on the Groups Cisco WLC Config page Note AWMS reports users by radio and by SSID Graphs on the AP and controller monitoring pages have check boxes that display bandwidth in and out based on SSID Furthermore AWMS reports can also be run and filtered by SSID There is an option on the AMP Setup General page t...

Page 95: ...broadcast Native VLAN Selects this VLAN to be the native VLAN Native VLANs are untagged and typically used for management traffic only AWMS requires a Native VLAN to be set Some AP types do not require a native VLAN For those APs you need to create a dummy VLAN disable it on both radio controls and ensure that it has the highest VLAN ID Table 55 Groups SSIDs SSID VLAN Section Fields and Default Va...

Page 96: ...o For Proxim only this setting enables to AP to send its SSID in every beacon but it does not respond to any probe requests Unique Beacon Proxim only No For Proxim only if more than one SSID is enabled this option enables them to be sent in separate beacons Block All Inter client Communication Yes For Colubris only this setting blocks communication between client devices based on SSID Table 56 Gro...

Page 97: ...RADIUS Authentication Server 1 3 Colubris ProCurve420 Proxim only None Drop down menu to select RADIUS Authentication servers previously entered on the Group RADIUS configuration page These RADIUS servers dictate how wireless clients authenticate onto the network Authentication Profile Name Proxim Only None Sets the Authentication Profile Name for Proxim AP 600 AP 700 AP 2000 AP 4000 Avaya AP3 4 5...

Page 98: ...e Groups Security and Groups SSIDs configuration pages Perform these steps to create RADIUS servers 1 Navigate to the Groups List page and select the group for which to define AAA servers by clicking the group name Alternatively click Add from the Groups List page to create a new group define a group name In either case the Monitor page appears 2 Select the AAA Servers page The AAA Servers page ap...

Page 99: ...or Proxim ORiNOCO and Cisco Aironet IOS APs Secret and Confirm Secret None Sets the shared secret that is used to establish communication between AWMS and the RADIUS server NOTE The shared secret entered in AWMS must match the shared secret on the server Authentication No Sets the RADIUS server to perform authentication when this setting is enabled with Yes Authorization Port 1812 Sets the port us...

Page 100: ...oups 1 Navigate to the Groups List page and select the group for which to define radio settings by clicking the group name Alternatively click Add from the Groups List page to create a new group define a group name In either case the Monitor page appears 2 Navigate to the Groups Radio page Figure 48 illustrates this page Figure 48 Groups Radio Page Illustration Note If you have existing deployed d...

Page 101: ...d is enabled this specifies the size in bytes at which packets are fragmented A lower Fragmentation Threshold setting might be required if there is a great deal of radio interference RTS CTS Threshold Enabled No If enabled this setting configures the AP to issue a RTS Request to Send before sending a packet In most cases Aruba recommends leaving this option disabled RTS CTS Threshold Value 2338 If...

Page 102: ...do not support the functionality Table 62 HP ProCurve 420 Fields and Default Values Setting Default Description Slot Time Auto Short slot time mechanism if used on a pure 802 11g deployment improves WLAN throughput by reducing wait time for transmitter to assure clear channel assessment Multicast Data Rate 5 5Mbps Sets the maximum data rate of the multicast data packets Rogue Scanning Enabled If e...

Page 103: ...ettings Fields and Default Values Setting Default Description Use Aironet Extensions Yes When enabled this option allows Cisco devices to provide functionality not supported by 802 11 IEEE standards including the following Load balancing Allows the access point to direct Aironet clients to the optimum access point Message Integrity Check MIC Protects against bit flip attacks Temporal Key Integrity...

Page 104: ... in the group to either a only b only g only or b g 802 11b Transmit Rate Auto Fallback This setting specifies the minimum transmit rate required for the AP to permit a user device to associate 802 11g Transmit Rate Auto Fallback This setting specifies the minimum transmit rate required for the AP to permit a user device to associate 802 11a Transmit Rate Auto Fallback This setting specifies the m...

Page 105: ...est security but AP performance and throughput available to user devices may be impacted modestly during a rogue scan Automatic Channel Interval 12 Hours Sets the frequency by which APs monitor radio channels for availability and activity First Radio 802 11b only 1 Mbps Sets the operational mode and multicast data rate for the first Colubris radio Second Radio CN330 only 802 11b only 1 Mbps Sets t...

Page 106: ...at has been defined to support Cisco devices Click the group name or the Manage wrench icon and the Cisco WLC Config option appears in the navigation pane at the top 2 Navigate to the Groups List page and create a new group to support Cisco devices with these steps Click Add from the Groups List page to create a new group enter a group name and click Add Once AWMS prompts you with the Groups Basic...

Page 107: ...toggle to yes Note that the by setting this flag to yes AMP will display a mismatch if the WLANs in the desired and device config differ only on the order Figure 51 Groups Cisco WLC Config WLANS page illustration 3 To add or edit SSIDs or VLANs that are dedicated to Cisco WLC devices either click the Add New SSID VLAN button or click the pencil icon for an existing SSID VLAN A new page appears com...

Page 108: ... AirWave 7 1 User Guide Figure 52 Groups Cisco WLC Config WLANs Add New SSID VLAN General Tab Illustration Figure 53 Groups Cisco WLC Config WLANs Add New SSID VLAN Security Tab Illustration Figure 54 Groups Cisco WLC Config WLANs Add New SSID VLAN QoS Tab Illustration ...

Page 109: ...co WLC Config page and click WLANs Advanced AP Groups in the navigation pane at left This page displays the configured LWAPP APs Figure 56 illustrates this page Figure 56 Groups Cisco WLC Config WLANS Advanced AP Groups Page Illustration 2 To add a new LWAPP AP group click Yes in the AP Groups section Additional controls appear 3 Click the Add button to create a new LWAPP AP group To edit an exist...

Page 110: ...Navigation Configuring Wireless Parameters for Cisco Controllers This section illustrates the configuration of Wireless settings in support of Cisco WLC controllers The navigation for Wireless settings is illustrated in Figure 58 Figure 58 Groups Cisco WLC Config Wireless Navigation Illustration Configuring Security Parameters and Functions AWMS enables you to configure many security settings that...

Page 111: ...MS allows you to configure of SNMP and Syslog Server settings for Cisco WLC controllers Users should be able to configure up to four trap receivers on the Cisco WLC including the AMP IP that can be used in global groups To define SNMP and server settings navigate to the Groups Cisco WLC Config Management page illustrated in Figure 60 Figure 60 Groups Cisco WLC Config Management Navigation Illustra...

Page 112: ...Page Illustration 3 Define the settings on this page Table 71 describes the settings and default values Table 71 Groups PTMP WiMAX Fields and Default Values Setting Default Description Proxim MP 16 Section 3 5GHz WiMAX Channel Bandwidth 3 5GHz Sets the frequency used by the WiMAX devices in the group BSID 00 00 00 00 00 00 Defines the BSID used by the subscriber stations in the group To define the...

Page 113: ...nes the channel bandwidth used by the devices in this group Network Name Wireless Network Sets the Network name with a range of length supported from two to 32 alphanumeric characters Network Secret None Sets a shared password to authenticate clients to the network Table 72 PTMP WiMAX Configuring Packet Identification Rules Fields and Default Values Setting Default Description Name None Text field...

Page 114: ...net Priority Maximum 0 7 0 Identifies packets that meet a maximum priority Use VLAN ID No Identifies packets based on the VLAN ID VLAN ID positive integer 0 Specifies the VLAN that will be used to identify packets Use Source IP Address No Identifies packets based on source IP address Source IP address None Defines the source IP addresses that will be used to identify packets Use Destination IP Add...

Page 115: ...ber station class Scheduling Type Best Effort Drop down menu specifies the scheduling priority for the Service Flow Class There are two options as follows Best Effort Maximum sustained data rate and traffic priority Unsolicited Grant Service Maximum sustained data rate maximum latency and tolerable jitter Service Flow Direction Uplink Defines the direction of the service Maximum Sustained Data Rat...

Page 116: ... settings and default values Table 75 Groups Mesh Radio Settings General Fields and Default Values Setting Default Description Mesh Radio 4 9 5Ghz Drop down selects the radio that acts as the backhaul to the network Max Number of Mesh Links 6 Sets the maximum number of mesh links allowed on an AP This number includes the uplink to the portal as well as downlinks to other mesh APs Neighbor RSSI Smo...

Page 117: ... best uplink Maximum Hops to Portal 4 Set the maximum number of hops for the AP to reach the Portal AP RSSI Factor 5 Sets the factor associated with the RSSI values used when calculating the best path to the portal AP Higher factors will have more impact when deciding the best uplink Minimum RSSI Cutoff 10 Specifies the minimum RSSI needed to become a mesh neighbor Medium Occupancy Factor 5 Sets t...

Page 118: ...ction 1 Browse to the Groups MAC ACL configuration page Figure 66 illustrates this configuration page Figure 66 Groups MAC ACL Page Illustration 2 Select Yes on the Use MAC ACL drop down menu Enter all authorized MAC addresses separated by white spaces 3 Click Save when configurations are complete to retain these settings Click Save and Apply to retain these settings and push them to devices in th...

Page 119: ...are listed you must browse to the Device Setup Firmware configuration page to upload the firmware files to AWMS 3 Click Upgrade to apply firmware preferences to devices in the group Refer to the firmware upgrade help under APs Devices Manage configuration page for detailed help on Firmware job options 4 Click Save to save the firmware file as the desired version for the group 5 If you have opted t...

Page 120: ...m the Groups List page click Compare two groups Two drop down menus appear 2 Select the two groups to compare to each other in the drop down menus and click Compare The Compare page appears displaying some or many configuration categories Figure 68 illustrates this page Figure 68 Comparing Two Devices Groups on the Groups List Compare Page Partial View 3 Note the following factors when using the C...

Page 121: ...move all devices to other Groups before deleting a Group 4 Select the checkbox and click Delete Changing Multiple Group Configurations Perform the following steps to make any changes to an existing group s configuration 1 Browse to the Groups List configuration page 2 Click the Manage link the pencil icon for the group you wish to edit The Groups Basic configuration page appears 3 Select the field...

Page 122: ...s points unrelated to the typical AWMS group construct This utility provides the ability to delete simultaneously multiple devices migrate multiple devices to another group and or folder update credentials and optimize channels Perform these steps to modify multiple devices 1 To modify multiple devices navigate to one of the following pages APs Devices List APs Devices Up APs Devices Down APs Devi...

Page 123: ...to schedule the change for a time in the future Enter a start date and time in the scheduling field and select when the change should occur from the drop down menu one time is the default but you may select recurring options for many of the actions Scheduled jobs can be viewed and edited in the System Configuration Change Jobs tab 6 Using the neighbor lists AWMS is able to optimize channel selecti...

Page 124: ...urrent pre device desired settings Audit updates a number of the AP specific settings AWMS initially read off of the AP including channel power antenna settings and SSL certifications AWMS recommends using this setting if APs have been updated outside of AWMS Most settings on the APs Devices Manage configuration page are set to the values currently read off of the devices Reboot selected devices R...

Page 125: ...e a check box next to fields on the Basic Security SSIDs AAA Servers Radio Cisco WLC Config LWAPP APs PTMP WiMAX Proxim Mesh and MAC ACL tabs Figure 72 illustrates this configuration page Figure 72 Groups Basic Page for a Global Group When a global group configuration is pushed to subscriber groups all settings are static except for settings with the checkbox selected for fields with checkboxes se...

Page 126: ...he checkbox in the global group so it can be configured for each subscriber group The other four fields in the Basic section were not overridden so they are static fields that will be the same for each subscriber group These fields can be altered only on the global group Figure 74 Groups Basic Managed Illustration for a Subscriber Group If a global group has subscriber groups it cannot be changed ...

Page 127: ...is chapter SNMP HTTP scanning This is the primary method for AWMS to discover devices on your network and this discovery method contains four specific procedures The interface that configures this discovery method is the Device Setup Discovery page See SNMP HTTP Scanning on page 128 Cisco Discovery Protocol CDP AWMS enhances support for CDP by discovering a device s CDP neighbors See Enabling Cisc...

Page 128: ...in scan sets Defining a SNMP HTTP Scan Set explains how to create a scan set by combining networks and credentials when scanning for devices Running a Scan Set provides a procedure for running a scan set Figure 75 illustrates the Device Setup Discover page Figure 75 Device Setup Discover Page Illustration Adding Networks for SNMP HTTP Scanning The first step when enabling SNMP HTTP scanning for de...

Page 129: ... that you configure on the Device Setup Communications page Perform these steps to define scan credentials for SNMP HTTP scanning 1 Locate the Credentials section on the Device Setup Discover page This page displays scan sets networks and credentials that have been configured so far and allows you to define new elements for device scanning 2 To create a new scan credential click Add New Scan Crede...

Page 130: ...n page 130 Defining a SNMP HTTP Scan Set Once you have defined at least one network and one scan credential you can create a scan set that combines the two for device discovery Perform these steps to create a scan set 1 Locate the Scan Set area at the top of the Device Setup Discover page Figure 75 shown previously illustrates this page The Scan Set pane is illustrated in Figure 78 Figure 78 Devic...

Page 131: ... task Running a Scan Set on page 131 Running a Scan Set Once a scan has been defined on the Device Setup Discover page AWMS can now scan for devices Perform these steps 1 Browse to the Device Setup Discover page and locate the Discovery Execution area at the top of the page This section lists all scan sets that have been defined so far Figure 80 illustrates this page Note Scheduling an HTTP scan t...

Page 132: ...covered devices that the scan detected Figure 81 illustrates this page Table 79 Device Setup Discover Discovery Execution Fields Column Description Network Displays the network to be scanned Credentials Displays the credentials used in the scan Total APs Found Displays the total number of APs detected during the scan that AWMS can configure and monitor Total includes both APs that are currently be...

Page 133: ... Next To assign one or more devices to a group see Assigning Devices to AWMS from APs Devices New Page on page 134 To delete a device altogether from AWMS select the corresponding check box for each device and click Delete Aruba and some Cisco devices can also be added to an Aruba AP Group or an LWAPP AP Group when they are authorized ...

Page 134: ...mpares the device s current configuration settings with the Group configuration settings and automatically updates the device s configuration to match the Group policy If you place the device in Monitor read only mode AWMS compares the current configuration with the policy and displays any discrepancies on the APs Devices Audit page but does not change the configuration of the device Aruba recomme...

Page 135: ...s cannot be added to a Global Group groups designated as Global Groups cannot contain access points 3 Select either the Monitor only or the Manage read write radio button and click the Add button At this point you can navigate to the APs Devices List page and select the folder s to which you have assigned one or more devices to verify that your device has been properly assigned If you wish to assi...

Page 136: ... Devices with the Device Setup Add Page Adding Multiple Devices from a CSV File Adding Universal Devices Adding Devices with the Device Setup Add Page Manually adding devices from the Device Setup Add page to AWMS is an option for adding all device types You only need to select device vendor information from a drop down menu for Cisco and Aruba controllers and or APs and AWMS automatically finds a...

Page 137: ...to One NAT is enabled AMP communicates with the AP on a different address the IP address defined in the Device Communication area SNMP Port 161 Port AWMS uses to communicate with the AP using SNMP Community String Confirm Taken from the Device Setup Communication page Community string used to communicate with the AP NOTE The Community String should have RW Read Write capability SNMPv3 Username Tak...

Page 138: ...nt of any existing Cisco IOS based APs EnablePassword Confirm Taken from the Device Setup Communication page Password that allows AWMS to enter enable mode on the AP HTTP Username Password Taken from the Device Setup Communication page HTTP password used to manage the AP initially and to enable SNMP if desired NOTE Enter Intel if you are supporting new out of the box Intel APs Auth Password Taken ...

Page 139: ...ll add the information provided in the CSV file as it did before It will not override what you have specified in this file in any way The CSV list must contain the following columns IP Address SNMP Community String Name Type Auth Password SNMPv3 Auth Protocol Privacy Password SNMPv3 Username Telnet Username Telnet Password Enable Password SNMP Port You can download a CSV file and customize it as y...

Page 140: ...ng switches routers and access points whether or not they are supported devices Entering SNMP credentials is optional If no SNMP credentials are entered AWMS will provide ICMP monitoring of universal devices This allows you to monitor key elements of the wired network infrastructure including upstream switches RADIUS servers and other devices While AWMS can manage most leading brands and models of...

Page 141: ...rts MIB II interfaces and polls in out byte counts for up to two interfaces AWMS also monitors sysUptime Assigning Devices to the Ignored Page There are two ways a device can be assigned to the Ignored page from the APs Devices New page or from the APs Devices Manage page The advantage of having the device be designated in this way as in the case of a device that is temporarily down for a known re...

Page 142: ... discovery 2 To change the device parameters for a given device select the device with the corresponding checkbox and adjust group folder monitor and manage settings as desired 3 Click Add to add the device to AWMS so that it appears on the APs Devices New list Monitoring Devices This section discusses various device monitoring options and includes the following sections Viewing Device Monitoring ...

Page 143: ...r monitored by AWMS Using the drop down menu at the top of the Activity Area you can determine whether to view all devices or only the devices from a specified folder A lock icon in the Configuration column indicates that the device is in Monitor only mode Figure 89 illustrates this page Figure 89 APs Devices List partial split view accounts for horizontal scrolling ...

Page 144: ...tication Issues Figure 90 APs Devices List Alert Summary Section Illustration 4 You can view details and incidents by clicking the specific Alert Type The alert types and detailed information available for each are as follows AMP Alerts Clicking this link takes you to the AMP Alerts Summary page which cites detailed information for the current AMP Alerts Figure 91 illustrates this page Note Immedi...

Page 145: ...Incidents Summary page which cites all Helpdesk incidents and provides detailed information Helpdesk incidents are opened with the Helpdesk tab Note The Incidents portion of this Alert Summary table only increments the counter for incidents that are open and associated to an AP The incidents are based on the Top folder on the Groups Monitor page and on the Home Overview page Incidents that are not...

Page 146: ...on issues by type and all such issues listed in chronological sequence and by folder Figure 94 illustrates this page Figure 94 RADIUS Authentication Issues Summary Understanding the APs Devices Monitor Pages for All Device Types You can quickly go to any device s monitoring page once you navigate to its specific folder or group on the APs Devices List page by clicking its hyperlinked name in the D...

Page 147: ...the top displaying information such as monitoring configuration status serial number firmware version and so on as shown in Figure 96 Figure 96 Monitoring Page Top Level Data Common to All Device Types The alert summary events and audit log sections are also the same regardless of device type and these sections appear at the bottom of these pages a portion of which is shown in Figure 97 ...

Page 148: ... WLAN switches or thin or fat APs These differences are discussed in the sections that follow Monitoring Data Specific to Wireless Devices APs Devices Monitor for controllers and APs include a graph for users and bandwidth The controller graph lists the APs connected to it while the APs include a list of users it has connected When available a list of CDP and RF neighbors are also listed A sample ...

Page 149: ...iate update of all data except for rogue information Shows attempt status and last polling times Status Displays ability of AWMS to connect to the AP Up no issue means everything is working as it should Down SNMP get failed means AWMS can get to the device but not speak with it using SNMP Check the SNMP credentials AWMS is using the view secrets link on the APs Devices Manage page and verify SNMP ...

Page 150: ... of time the AP reports and is not based on any connectivity with AWMS LAN MAC Address Displays the MAC address of the Ethernet interface on the device Serial Displays the serial number of the device Radio Serial Displays the serial number of the radios in the device NOTE This field is not available for all APs Antenna Type Indicates internal or external radio For devices where antenna type is def...

Page 151: ...played Bandwidth Shows the bandwidth in and out reported by the device for a configurable period of time Bandwidth for controllers is the sum of the associated APs Checkboxes below the graph can be used to limit the data displayed CPU Utilization controllers only Reports overall CPU utilization not on a per CPU basis of the controller Memory Utilization controllers only Reports average used and fr...

Page 152: ...cryption or decryption cipher supporting the user when this information is available The client devices may all be similar but if the APs to which they are associated are of different models or if security is set up differently between them then different Auth Type or Cipher values may be reported to the AWMS server Auth Time Shows when the user authenticated Signal Quality Displays the average si...

Page 153: ...ry usage graphs as shown in Figure 99 Figure 99 APs Devices Monitor Page for Wired Devices All managed wired devices also include an Interfaces tab as shown in Figure 100 Table 86 APs Devices Monitor Recent Events Fields and Default Values Field Description Time Displays the day and time the event was recorded User Displays the user that triggered the event Configuration changes are logged as the ...

Page 154: ...rrows in Figure 100 above You can edit both monitoring and configuration settings this way Interface labels are used to group one or more interfaces for the purpose of defining interface bandwidth triggers For more information on interface bandwidth triggers see Monitoring and Supporting AWMS with the System Pages on page 249 on page 213 Understanding the APs Devices Interfaces Page Monitoring Dat...

Page 155: ...vidual Interface Operational Status Information Pane Bandwidth and various standard and enterprise specific error counting information is displayed in the lower pane in a tabbed graph as shown in Figure 103 Figure 103 Individual Interface Bandwidth and Error Counting Graph What Next All device monitoring pages act as portals to management pages if you have the proper read write privileges Clicking...

Page 156: ...l not be configured by AWMS 4 Verify the additional information in the Configuration column for that device A status of Good indicates that all of the device s current settings match the group policy settings and that no changes will be applied when the device is shifted to Manage mode A status of Mismatched indicates that at least one of the device s current configuration settings do not match th...

Page 157: ...trate this component Figure 105 APs Devices Up Page Example Folder views are persistent in AWMS If you select the Top folder and then click the Down link at the top of the page you are taken to all of the down devices in the folder If you want to see every down device click the Expand Folders to show all devices link When the folders are expanded you see all of the devices on AWMS that satisfy the...

Page 158: ...is not possible to push archived configurations to devices but archived configurations can be compared to the current configuration the desired configuration or to other archived configurations using the drop down menus on the APs Devices Audit page This applies to startup or to running configuration files Compare two configurations to highlight the specific lines that are mismatched The Audit pag...

Page 159: ...ges to the device immediately click Schedule to schedule the changes to occur during a specific maintenance window or click Cancel to return to the APs Devices Manage page 7 Some device configuration changes may require the device to reboot Use the Schedule function to schedule these changes to occur at a time when WLAN users will not be affected 8 To move multiple devices into managed mode at onc...

Page 160: ...uled for this AP they appear in a Scheduled Changes section at the top of the page above the other fields The linked name of the job takes you to the System Configuration Change Job Detail page for the job 2 Locate the General section this section provides general information about the APs current status Table 87 describes the fields information and settings ...

Page 161: ...iguring the AP Also displays a link to the Groups Template page This is only visible for APs that are being managed using templates Folder Displays the name of the folder containing the AP Also displays a link to the APs Devices List page for the folder Management Mode Displays the current management mode of the AP No changes are made to the AP when it is in Monitor Only mode AWMS pushes configura...

Page 162: ...lude the following Local H REAP Monitor Rogue Detector Sniffer Table 88 APs Devices Manage Settings Fields and Default Values Continued Setting Default Device Type Description Note For complete listing and discussion of settings applicable only to Aruba devices see the Aruba AirWave Wireless Management Suite Configuration Guide for this release Table 89 APs Devices Manage Page Illustration Additio...

Page 163: ...iption in Receive Antenna above Antenna Diversity Primary Only Intel 2011 Symbol 4131 Drop down menu provides the following options Full Diversity The AP receives information on the antenna with the best signal strength and quality The AP transmits on the antenna from which it last received information Primary Only The AP transmits and receives on the primary antenna only Secondary Only The AP tra...

Page 164: ...net page and ensure the AP stays online Customers typically use this option to temporarily disable wireless access in particular locations This setting can be scheduled at an AP Level or Group Level DHCP Yes All except Colubris If enabled the AP will be assigned a new IP address using DHCP If disabled the AP will use a static IP address For improved security and manageability Aruba recommends disa...

Page 165: ...te None Cisco IOS AWMS will read the SSL Certificate off of the AP when it comes UP in AWMS The information in this field will defines what will be used in place of certificate Extra IOS Commands None Cisco IOS Defines the lines that will replace the ap_include_1 variable in the IOS template This field allows for unique commands to be run on individual APs If you have any settings that are unique ...

Page 166: ...s shown in Figure 111 Figure 111 Import Interfaces for Refresh and Reload lower portion of page You can view details for each interface on a wired device from its individual interface page as well For a detailed explanation of the data available on each individual interface monitoring page see Understanding the APs Devices Interfaces Page on page 154 You can configure interface settings individual...

Page 167: ...ance depending on whether you are configuring a physical or virtual interface as shown in Figure 113 and Figure 114 Figure 113 Physical Interfaces Monitoring and Configuration Window Figure 114 Virtual Individual Interfaces Configuration Pane To configure interfaces as a group click the Edit Interfaces button above the Physical or Virtual Interfaces table that includes the interfaces you want to e...

Page 168: ... will have the option to make changes to the most commonly edited settings in batch mode as shown in Figure 116 Figure 116 Multiple Interface Edit UI AWMS assembles the entire running configuration using templates and your modifications to these pages For a more detailed discussion on the use of templates see Chapter 6 Creating and Using Templates on page 175 ...

Page 169: ...pre populated settings as well as revise or add to the Additional Commands fields to tailor the template configuration to the needs of your production environment For further details and assistance with settings configuration refer to your Cisco product documentation AWMS assembles the entire running configuration using templates and your modifications to these pages For a more detailed discussion...

Page 170: ...esents a confirmation window reminding you of all configuration changes that will be applied to the AP Click Confirm Edit to apply the changes to the AP immediately Schedule to schedule the changes to occur during a specific maintenance window or Cancel to return to the APs Devices Manage page Click Upgrade Firmware to upgrade the device s firmware Figure 119 illustrates this page and Table 91 des...

Page 171: ... drop down menu on the Device Setup Firmware Files page Job Name None Sets a user defined name for the upgrade job Aruba recommends using a meaningful and descriptive name Use safe flag for Cisco IOS firmware upgrade command No Enables or disables the safe flag when upgrading IOS APs The safe flag must be disabled on older APs for the firmware file to fit in flash memory Email Recipients None Disp...

Page 172: ...s in Table 92 3 If the SNMP Get Failed message appears click the APs Devices Manage tab to go to the management page for that device 4 If visible click the View device credentials link in the Device Communications area This displays the credentials AWMS is using unsuccessfully to communicate with the device This link can be removed from AWMS for security reasons by setting a flag in AWMS Only user...

Page 173: ... AP Credentials 5 If the credentials are incorrect return to the Device Communications area on the APs Devices Manage page Figure 122 illustrates this page Figure 122 APs Devices Manage Device Communication Section Illustration Note The View AP Credentials message may appear slightly different depending on the vendor and model Note The Device Communication area may appear slightly different depend...

Page 174: ...ing Adding and Managing Devices Dell PowerConnect W AirWave 7 1 User Guide 6 Enter the appropriate credentials and click Apply 7 Return to the APs Devices List page to see if the device appears with a Status of Up ...

Page 175: ...Group Templates Supported Device Templates Templates are helpful configuration tools that allow AWMS to manage virtually all device settings A template uses variables to adjust for minor configuration differences between devices The Groups Templates configuration page allows you to create configuration templates for the following types of devices Dell PowerConnect W Aruba Alcatel Lucent Cisco Airo...

Page 176: ...ver which may differ from one group to the next The AWMS template understands many variables including the following ap_include_1 through ap_include_10 channel hostname ip_address ofdmpower The variable settings correspond to device specific values on the APs Devices Manage configuration page for the specific AP that is getting configured Note Changes made on the other Group pages Radio Security V...

Page 177: ...ustrates the Groups Templates configuration page and Table 93 describes the information columns Figure 123 Groups Templates Page Illustration for a Sample Device Group Table 93 Groups Templates Fields and Default Values Setting Description Notes When applicable this section lists devices that are active on the network with no template available for the respective firmware Click the link from such ...

Page 178: ...f the template Fetch Date Sets the date that the template was originally fetched from a device Version Restriction Designates that the template only applies to APs running the version of firmware specified If the restriction is None then the template applies to all the devices of the specified type in the group If there are two templates that might apply to a device the template with the most rest...

Page 179: ...Dell PowerConnect W AirWave 7 1 User Guide Creating and Using Templates 179 Figure 124 Groups Templates Add Template Page Illustration ...

Page 180: ...mplate Firmware Version field Template firmware version None Designates that the template only applies to APs running the version of firmware specified Community String None If the template is updating the community strings on the AP enter the new community string AWMS should use here AWMS updates the credentials it is using to communicate to the device after the device has been managed Telnet SSH...

Page 181: ...t will be configured by this template 5 Select the model AP from the drop down list and click Fetch 6 AWMS automatically attempts to replace some values from the configuration of that AP with variables to enable AP specific options to be set on an AP by AP basis Refer to Using Template Syntax on page 183 These variables are always encapsulated between signs On the right side of the configuration p...

Page 182: ...and Apply button to push the configuration to all of the devices in the group If the devices are in monitor only mode which is recommended while you are crafting changes to a template or creating a new one then AWMS will audit the devices and compare their current configuration to the one defined in the template For example changing the SSID on Cisco IOS APs requires the AP to be rebooted Two othe...

Page 183: ...d in push_and_exclude are included in the AP startup config file but AWMS ignores them when verifying configurations Lines enclosed in ignore_and_do_not_push cause AWMS to ignore those lines during configuration verification Ignore_and_do_not_push Command The ignore and do not push directive should typically be used when a value cannot be configured on the device but always appears in the running ...

Page 184: ... syntax for conditional variables is as follows and syntax components are described in Table 95 if variable value endif Using Substitution Variables in Templates Substitution variables are used to set AP specific values on each AP in the group It is obviously not desirable to set the IP address hostname and channel to the same values on every AP within a Group The variables in Table 96 are substit...

Page 185: ...asis The list of used and available variables appears on the template detail configuration page Variables are always encapsulated between signs The following example illustrates this usage hostname hostname interface Dot11Radio0 power local cck CCK_POWER power local ofdm OFDM_POWER channel CHANNEL The hostname line sets the AP hostname to the hostname stored in AWMS Table 96 Substitution Variables...

Page 186: ...option is selected then AWMS instructs the AP to copy the configuration from AWMS to the startup config file of the AP and reboot the AP If the Reboot Devices after Configuration Changes option is not selected then AWMS instructs the AP to copy the configuration to the startup config file and then tell the AP to copy the startup config file to the running config file Dell recommends using the rebo...

Page 187: ...rrespond to the following lines in the APs configuration file username Cisco privilege 15 password 7 0802455D0A16 aaa authorization exec default local ip scp server enable The username line is a guideline and will vary based on the username being set in this case Cisco and the password and encoding type in this case 0802455D0A16 and 7 respectively These values can be set on a group wide level usin...

Page 188: ...ring General Templates on page 181 Configuring Symbol Controller HP WESM Templates This section describes the configuration of templates for Symbol controllers and HP WESM devices Symbol controllers RFS x000 5100 and 2000 can be configured in AWMS using templates AWMS supports Symbol thin AP firmware upgrades from the controller s manage page A sample running configuration file template is provide...

Page 189: ...precedence 10 spanning tree mst cisco interoperability enable spanning tree mst configuration name My Name ip dns server forward wwan auth type chap no bridge multiple spanning tree enable bridge forward country code us aap ipfilter list no port 3333 plz aap ipfilter list no port 3333 tcp plz deny tcp src start ip 0 0 0 0 src end ip 255 255 255 255 dst start ip 0 0 0 0 dst end ip 255 255 255 255 d...

Page 190: ...ge rate 18 endif A sample Symbol thin AP template is provided below for reference and for the formatting of if statements radio add radio_index lan_mac radio_type ap_type radio radio_index radio number radio_number radio radio_index description description if radio_type 11a radio radio_index speed basic6 9 basic12 18 basic24 36 48 54 radio radio_index antenna mode primary radio radio_index self he...

Page 191: ...s points in subscriber groups Such a template enables turning settings like group RADIUS servers and encryption keys into variables that can be configured on a per group basis Perform the following steps to create a global template or to view or edit an existing global template 1 Navigate to the Group Templates configuration page for the global group that owns it 2 Click the Add button to add a ne...

Page 192: ...ontain columns for Group Name and Variable Name All fields must be completed Group Name the name of the subscriber group that you wish to update Variable Name the name of the group template variable you wish to update Variable Value the value to set For example for a global template with a variable called ssid_1 the CSV file might resemble what follows Group Name ssid_1 Subscriber 1 Value 0 8 Once...

Page 193: ...g and Using Templates 193 For more information on using templates in AWMS see the previous section of this chapter It is also possible to create local templates in a subscriber group using global groups does not mean that global templates are mandatory ...

Page 194: ...194 Creating and Using Templates Dell PowerConnect W AirWave 7 1 User Guide ...

Page 195: ...es in your WLAN network in the following ways Over the Air Using your existing enterprise APs Aruba Alcatel Lucent Cisco WLC Symbol for example RF scanning using AirWave Management Client AMC Optional On the Wire Using HTTP and SNMP Scanning Polling routers and switches to identify classify and locate unknown APs Furthermore RAPIDS integrates with external intrusion detection systems IDS as follow...

Page 196: ...196 Using RAPIDS and Rogue Classification Dell PowerConnect W AirWave 7 1 User Guide Figure 128 RAPIDS Overview tab ...

Page 197: ... Field displays events from the past two hours the past 24 hours and total IDS events Names of attacks link to summary pages with more details Rogue Data A summary of rogue device counts by RAPIDS classification in a color coded pie chart format and listed summary View additional details for rogue devices via the RAPIDS List page Operating System Detected operating systems represented in both a co...

Page 198: ...s Yes or is blank if wired information was not detected APs Hearing Displays the number of AP devices that have wirelessly detected the rogue device A designation of heard implies the device was heard over the air Location As with all List pages in AWMS the RAPIDS List page includes the Location column Click the location associated to the rogue device to view the VisualRF floor plan that includes ...

Page 199: ... with a fingerprint scan and this information may not always be available IP Address Displays the IP address of the rogue device The IP address data comes from fingerprint scans or ARP polling of routers and switches Last Discovering AP Displays the most recent AP to discover the rogue device The device name in this column is taken from the device name in the group Switch Router Displays the switc...

Page 200: ...f there is at least one discovering device that they can see The discovery events displayed are from APs that you can see on the network There may be additional discovery events that remain hidden Each rogue device typically has multiple discovery methods all of which are listed As you work through the rogue devices use the Name and Notes fields to identify the AP and document its location Note Th...

Page 201: ...Such devices do not trigger alerts and do not display on lists of rogue devices To display ignored rogue devices perform the following steps 1 From the RAPIDS List page click View Ignored Rogues at the bottom left of the page to launch the Ignored Rogues page 2 From the Minimum Classification drop down menu select the type of ignored rogue devices to display Table 98 explains the fields on this pa...

Page 202: ...n For example the switch router information port or IP address are found only through switch or router polling Furthermore RSSI signal channel SSID WEP or network type information only appear through wireless scanning Such information can vary according to the device type that performs the scan Table 100 RAPIDS Setup Classification Options Field Default Description Acknowledge Rogues by Default No...

Page 203: ...ote AP that discovers them Enabling this option causes AWMS to drop all rogue discovery information coming from Remote APs Table 101 RAPIDS Setup Filtering Options Field Default Description Note WMS Offload is not required to manage containment in AMP Table 102 RAPIDS Setup Containment Options Field Default Description Manage Rogue AP Containment Yes Rogue APs on Cisco WLC and Aruba controllers as...

Page 204: ...t status information as shown in Figure 134 Figure 134 Rogue Containment Status Page Additional Settings Additional RAPIDS settings such as role filtering and performance tuning are available in the following locations Use the AMP Setup Roles Add Edit Role Page to define the ability to use RAPIDS by user role Refer to Creating AWMS User Roles on page 50 Use the AMP Setup General Performance Tuning...

Page 205: ...ormation to the RAPIDS classification engine RAPIDS classifications and controller classifications are separate and often are not synchronized The following table compares how default classification may differ between AWMS and ArubaOS for scenarios involving WMS Offload For additional information about WMS Offload refer to the Aruba Practices Guide Device OUI Score The Organizationally Unique Iden...

Page 206: ...e RAPIDS Rules page Figure 135 Table 105 defines the content of the RAPIDS Rules page Figure 135 RAPIDS Rules Page Illustration Score of 2 Indicates any device in which the OUI belongs to a manufacturer that produces wireless 802 11 equipment Score of 3 Indicates that the OUI matches a block that contains APs from vendors in the Enterprise and SOHO market Score of 4 Indicates that the OUI matches ...

Page 207: ... the sequence of rules in relation to each other Click then drag and drop the icon for any rule to move it up or down in relation to other rules A revised sequence of rules must be saved before rogues are classified in the revised sequence NOTE The sequence of rules is very important to proper rogue classification A device gets classified by the first rule to which it complies even if it conforms ...

Page 208: ... regular expression NOTE For SSID matching functions AWMS processes only alpha numeric characters and the asterisk wildcard character AWMS ignores all other non alpha numeric characters For example the string of ethersphere matches the SSID of ethersphere wpa2 but also the SSID of ethersphere_this_is_an_example without any dashes Table 107 Wireline Properties Drop Down Menu Option Description Dete...

Page 209: ...ned by the fields OUI Score Rogue matches manufacturer OUI criteria You can specify minimum and maximum OUI score settings from two drop down lists Click remove to remove one or both criteria as desired Operating System Rogue matches OS criteria Specify matching or non matching OS criteria as prompted by the fields Table 108 Wireless Wireline Properties Drop Down Menu Option Description Manufactur...

Page 210: ...d Hoc devices that are broadcasting your SSID If this happens too frequently you can restrict the rule to apply to non ad hoc devices If More Than Four APs Have Discovered a Device Then Classify as Rogue By default AWMS tries to use Signal Strength to determine if a device is on your premises Hearing device count is another metric that can be used The important concept in this scenario is that leg...

Page 211: ...a score and select the desired score Once the new score has been saved all detected devices with that prefix receive the new score 4 Click Add to create the new override or click Save to retain changes to an existing override The new or revised override appears on the RAPIDS Score Override page 5 To remove any override select that override in the checkbox and click Delete Note Note that rescoring ...

Page 212: ...ts that are associated with rogue devices follow the classification based system described in this chapter For additional information about triggers that support rogue device detection see to Monitoring and Supporting AWMS with the System Pages on page 249 Reports The Rogue Devices Report displays summary and detail information about all rogues first discovered in a given time period For more info...

Page 213: ...grading AWMS on page 256 Backing Up AWMS on page 256 Monitoring and Supporting AWMS with the System Pages on page 249 Overview of Triggers and Alerts This section describes triggers and alerts and contain the following topics Overview of Triggers and Alerts Viewing Triggers Creating New Triggers Delivering Triggered Alerts Viewing Alerts Responding to Alerts AWMS monitors key aspects of wireless L...

Page 214: ...re new triggers These steps define settings that are required for any type of trigger 1 To create a new trigger click the Add New Trigger button from the System Triggers page AWMS launches the Trigger Detail page illustrated in Figure 141 Figure 141 System Trigger Detail Page Illustration 2 Configure the Trigger Restrictions and Alert Notifications This configuration is consistent regardless of th...

Page 215: ...ption NOTE If the trigger is restricted by folder and group it only applies to the intersection of the two it only applies to APs in the group and in the folder Include Subfolders Sets the trigger to apply to all devices in the specified folder and all of the devices in folders under the specified folder Group Sets the trigger to apply only to APs Devices in the specified group NOTE If the trigger...

Page 216: ...ng procedures for each trigger Setting Triggers for Devices on page 216 Setting Triggers for Radios on page 218 Setting Triggers for Discovery on page 220 Setting Triggers for Users on page 221 Setting Triggers for RADIUS Authentication Issues on page 222 Setting Triggers for IDS Events on page 223 Setting Triggers for AWMS Health on page 225 Setting Triggers for Devices After completing steps 1 3...

Page 217: ... establish the type that a device is or is not Multiple conditions can apply to this type of trigger Configuration Mismatch This trigger type activates when the actual configuration on the AP does not match the defined Group configuration policy To set the conditions for this trigger type click Add in the Conditions section Complete the conditions with the Option Condition and Value drop down menu...

Page 218: ...total bandwidth through the AP has exceeded a predefined threshold for more than a specified period in seconds such as more than 1500 kbps for more than 120 seconds You can also select bandwidth direction and page radio Selecting Device Bandwidth as the trigger type displays the following new fields in the Type section Define these settings Figure 144 Trigger Type Section for Device Bandwidth Type...

Page 219: ...a complete list of parameters Click Add New Trigger Condition to access these settings Define at least one condition for this trigger type Selecting this trigger type displays a new Duration setting Define the Duration which can be expressed as hours minutes seconds or a combination of these 802 11 QoS Counters This trigger type enables monitoring of Quality of Service QoS parameters on the networ...

Page 220: ...owing example illustrates the Add Condition section for a New Devices Discovered trigger Figure 147 Sample of Condition for New Device Discovered Trigger Type New Rogue Device Detected This trigger type indicates that a device has been discovered with the specified Rogue Score Ad hoc devices can be excluded automatically from this trigger by selecting the Yes button See Using RAPIDS and Rogue Clas...

Page 221: ...ion of user related triggers a If you have not already done so choose a trigger type from the Users category listed in the Type drop down menu See Figure 142 Table 115 itemizes and describes the User related trigger types and condition settings for each discovery trigger type Table 115 User Trigger Types and Condition Settings User Trigger Option Description New User This trigger type indicates wh...

Page 222: ...od in seconds such as more than 1500 kbps for more than 120 seconds Once you choose this trigger type click Add New Trigger Condition to specify the bandwidth characteristics that triggers an alert You can apply multiple conditions to this type of trigger The Option drop down menu provides these options Bandwidth kbps Combined Bandwidth kbps in Bandwidth kbps out The Condition drop down menu provi...

Page 223: ...Triggers on page 214 to create a new trigger Setting Triggers for IDS Events After completing steps 1 3 in Creating New Triggers on page 214 perform the following steps to complete the configuration of Intrusion Detection System IDS related triggers a If you have not already done so choose the Device IDS Events trigger type from the drop down Type menu See Figure 142 Table 117 describes condition ...

Page 224: ... to remove and click Delete e Repeat this procedure for as many triggers and conditions as desired Refer to the start of Creating New Triggers on page 214 to create a new trigger Table 117 Device IDS Events Authentication Trigger Types and Condition Settings IDS Trigger Options Description Device IDS Events This trigger type is based on the number of IDS events has exceeded the threshold specified...

Page 225: ...d Refer to the start of Creating New Triggers on page 214 to create a new trigger Delivering Triggered Alerts AWMS uses Postfix to deliver alerts and reports via email because it provides a high level of security and queues email locally until delivery If AWMS is located behind a firewall preventing it from sending email directly to a specified recipient use the following procedures to forward ema...

Page 226: ... Helpdesk Incidents page RADIUS Authentication Issues Displays RADIUS related alerts for devices in the top viewable folder available to the AWMS user The detailed list displays the MAC address username AP radio controller RADIUS server and time of each event Alerts can be sorted by any column 2 The second way to display and process alerts is to use the Alerts and Severe Alerts counters in the Sta...

Page 227: ...st alert is recognized Move the alert to the Alert Log by selecting the alert and clicking the Acknowledge button at the bottom of the page You may see all logged alerts by clicking the View logged alerts link at the top of the System Alerts page Click the New Alerts link to return to the list of new alerts Delete the alert by selecting the alert from the list and clicking the Delete button at the...

Page 228: ... all users of which AWMS is aware with related information Non active users are listed in gray text For a description of the information supported on this page refer to Monitoring WLAN Users With the Users Connected and Users All Pages on page 229 Users Guest Users Displays all guest users in AWMS and allows you to create edit or delete guest users See Supporting Guest WLAN Users With the Users Gu...

Page 229: ...custom view options You can expand bandwidth to include custom view options You can display all users a specific number of users per page or another custom setting The Alerts section displays custom configured alerts that were defined in the System Alerts page AWMS enhances the Users Connection page to include SSID information for users This enhancement applies to additional graph based pages in A...

Page 230: ...hich the user is connected Ch BW Displays the channel bandwidth that currently supports the user User Radio Mode Displays the Radio mode used by the user to associate to the AP It will display 802 11a b g bg 802 11bg is reported when the AP does not provide AWMS with enough information to determine the exact radio type Association Time Displays the first time AWMS recorded the MAC address as being...

Page 231: ...stration 2 Next navigate to the AMP Setup Users page and create a new user with the role that was just created for Guest Access Sponsors Figure 159 illustrates this page Figure 159 AMP Setup Users Page Illustration 3 The newly created login information should be provided to the person or people who will be responsible for creating guest access users Anyone with an Admin role can also create guest ...

Page 232: ...les or disables the user status Set the status of the guest user as active enabled or expired disabled Configure the user on the Guest User edit page by clicking the pencil icon Email Displays the optional email address of the user Set the email address with the Guest User edit page by clicking the pencil icon Company Name Displays the optional company name for the user Set the company name with t...

Page 233: ...tery and transmit signals autonomously and passive tags have no battery RFID tags often support additional and proprietary innovations that improve network integration battery life and other functions The Users Tags page displays a list of wireless tags such as Aeroscout PanGo and Newbury that are heard by thin APs and reported back to a controller that AWMS monitors AWMS displays the information ...

Page 234: ...om the navigation pane Figure 163 illustrates the contents of Users User Details page This page provides information for the wireless device signal quality and bandwidth consumption This page also provides an AP association history and current association status Finally when VisualRF is licensed and enabled this page provides a graphical map of the user location and facility information If you hav...

Page 235: ...ics Page Introduction and Overview of the Diagnostics Page The Users Diagnostics page is a focused sub menu that becomes visible when you select user specific information Access the Users Diagnostics page in one of the following ways Click the MAC Address for a specific user from one of the following pages Users Connected Users All You can search for a user and click the associated MAC address fro...

Page 236: ...h consumption for all users on a given AP not strictly the user who reports an issue Unauthenticated User This section conveys the user s current authentication status and the actual authentication type If a network deploys RADIUS authentication then the RADIUS server could be experiencing issues even if a user attempts to log in with valid authentication credentials but shows as Unauthenticated o...

Page 237: ...assign the best available channel to the AP 1 Log in to your AWMS 2 From the AP Devices List page click the Modify Devices link 3 Select the APs that are running into channel interference problems by checking the corresponding box for each Several new settings appear below the device list by which to configure these devices NOTE Toward the bottom of this section click Optimize for the Optimize cha...

Page 238: ... a Cisco device from the APs Devices List page and on the Monitor page for that device click Statistics The ensuing page displays the 802 11 Counters Summary table which summarizes counters on the AP level Scroll down on this page to convey additional information from which the counters summary on the Diagnostics page is derived Some of the sections on the Statistics page only populate when there ...

Page 239: ...n also send email or NMS notifications about the event See Monitoring and Supporting AWMS with the System Pages on page 249 The Master Console also contains an optional Public Portal which allows any user to view basic group level data for each managed AWMS This feature is disabled by default for security reasons no AWMS or Master Console login is required to view the public portal It can be enabl...

Page 240: ...oups SSIDs page override options are available only on the Add page navigate to the Groups SSIDs page and click the Add button Once global groups have been configured on the Master Console groups must be created or configured on the managed AMPs to subscribe to a particular Global Group It will take several minutes for changes to global groups on the Master Console to be pushed to the managed AMPs...

Page 241: ...the Home Overview Page on page 241 The Home Search page provides a simple way to find users and managed devices AWMS enhances searching by adding an ability to search for rogue devices by multiple criteria Refer to Searching AWMS with the Home Search Page on page 246 The Home Documentation page provides easy access to all relevant AWMS documentation See Accessing AWMS Documentation with the Home D...

Page 242: ...242 Performing Daily Administration in AWMS Dell PowerConnect W AirWave 7 1 User Guide Figure 170 Home Overview Page Illustration ...

Page 243: ...usted To remove bandwidth in or out from the graphical display clear the check box for In or Out To display details for specific devices click Show All and select the devices to be included in the graphical bandwidth summary chart Monitoring Status This Monitoring Status chart displays the percentage of devices that are up and down on the network This chart covers 100 of the known devices on the n...

Page 244: ...ion for any or all of them Use the Groups pages to edit add or delete groups that appear in this section See Configuring and Using Device Groups in AWMS on page 79 View latest reports AWMS supports 13 reports enabling you to generate custom reports or to display the latest daily version of any report Click any report type to display the daily version See Creating Running and Emailing Reports on pa...

Page 245: ...ame Displays a user definable name for AWMS maximum 20 characters The System Name can be configured from the AMP Setup General page Organization Displays the organization listed on your license key Hostname Displays the DNS name assigned to AWMS IP Address Displays the static IP address assigned to AWMS The IP Address can be configured from the AMP Setup Networking page Current Time Displays the c...

Page 246: ...rial number LAN MAC radio MAC and apparent IP address of all the APs as well as the client MAC VPN user User LAN IP and VPN IP fields Figure 172 illustrates this page Figure 172 Home Search Page Illustration with Sample Hits on 00 1 Enter the keyword or text with which to search If searching for a MAC address enter it in colon delimited format 2 Click Search and the results display after a short m...

Page 247: ...ns for a given search APs Devices Users Rogues Tags Folder Group Accessing AWMS Documentation with the Home Documentation Page The Home Documentation page provides easy access to all relevant AWMS documentation All of the documents on the Home Documentation page are hosted locally by AWMS and can be viewed by any PDF viewer Figure 173 illustrates this page Figure 173 Home Documentation Page Illust...

Page 248: ...into AWMS This page includes the authentication type local user or TACACS and access level This page also provides the user with the ability to customize some of the information displayed in AWMS and change their password To create new users navigate to the AMP Setup Users page and refer to Creating AWMS Users on page 48 Users can customize the information displayed in the AWMS header Figure 174 H...

Page 249: ... 253 Table 127 Home User Info Fields Field Description Customize Header columns Enables disables the ability to control which statistics hyperlinks are displayed at the top of every AWMS screen Stats Select the specific data you would like to see in the header Severe Alert Threshold Configures the minimum severity of an alert to be included in the Severe Alerts count Note The severe alerts count h...

Page 250: ...rWave 7 1 User Guide System Performance Displays basic AWMS hardware information as well as resource usage over time Refer to Using the System Performance Page on page 254 System Firmware Upgrade Jobs Displays information about current and scheduled firmware upgrades ...

Page 251: ...restart the AWMS services without power cycling the server or reloading the OS Figure 175 illustrates this page Figure 175 System Status Page Illustration The link diagnostics tar gz downloads a tar file that contains reports and logs that are helpful to AirWave support in troubleshooting and solving problems AirWave support may request that you submit this file along with other logs that are link...

Page 252: ...page components Figure 176 System Event Logs Page Illustration Table 128 Status Log Log Description pgsql Logs database activity ssl_error_log Reports problems with the web server This report is also linked from the internal server error page that displays on the web page please send this log to AirWave support whenever reporting an internal server error maillog Applies in cases where emailed repo...

Page 253: ...e job using the Delete button or cancel the job edit by clicking the Cancel button 2 Click the linked AP or group name under the Subject column to go to the monitoring page of the AP or group 3 Click the linked group and folder names under Folder or Group to go to the AP s folder or group page 4 Scheduled configuration change jobs will also appear on the Manage page for an AP or the Monitoring pag...

Page 254: ... health of AWMS over time Figure 178 illustrates this page and Table 130 describes fields and information displayed Figure 178 System Performance Page Illustration Partial Screen Shown Table 130 System Performance Page Fields Field Description CPU s Basic CPU information as reported by Linux Memory The amount of physical RAM and Swap space seen by the operating system AWMS requires a minimum of 1 ...

Page 255: ... as well as the amount that was idle Application CPU Usage CPU usage broken down by application AWMS services includes all AWMS processes except the database and the webserver I O Throughput Displays reads and writes for workers AMP services database VisualRF web server RRD tool and AWRRD tool and for services AMP VisualRF and web server CPU Utilization Displays reads and writes for workers AMPser...

Page 256: ...mp_upgrade v x x x The start_amp_upgrade script will check the root directory for the latest update If the update is not found the script will attempt to download it from the AirWave support page The script will then extract the version specific upgrade script The version specific script will deploy all needed files update the database perform any data migrations and restart the AWMS services Back...

Page 257: ...cedure 1 Use your AWMS Installation CD to build a new machine The new machine must be running the same version as the AWMS that created the backup file 2 Copy the nightly_data00 1 4 tar gz file to the new AWMS The tmp directory is an appropriate destination A good open source Windows file transfer client that supports SFTP and SCP for is WinSCP which is available from http winscp sourceforge net e...

Page 258: ...nloads Once the Failover AWMS determines that the Watched AWMS is not up based on the user defined missed poll threshold it will restore the data backup of the Watched AWMS and begin monitoring the watched AMP APs Devices There are many variables that affect how long this will take including how long client historical data is being retained but for an AWMS with 1000 APs it might take up to 10 minu...

Page 259: ...ailover AWMS needs HTTPS access to the watched AMPs Username None A username with management rights on the watched AWMS Password None The password for the username with management rights specified above HTTP Timeout 5 1000 Sec 60 The amount of time before AWMS considers a polling attempt failed Polling Enabled Yes Enables or disables polling of the Watched AWMS NOTE You do not need to disable poll...

Page 260: ...260 Performing Daily Administration in AWMS Dell PowerConnect W AirWave 7 1 User Guide ...

Page 261: ...network monitoring on multiple levels Among their benefits reports provide an interface for multiple configurations allowing you to act upon information in the reports You can generate an export a wide variety of reports in AMP AWMS reports have the following general parameters AWMS runs daily versions of all reports during predefined windows of time All reports can be scheduled so that they run i...

Page 262: ...min users displays additional reports that have been scheduled for other roles This section of the page adds the Role column and other columns are the same Each pane includes a Latest Reports table with the most recently run reports for each definition and role created Run and Delete buttons allow you to select a report from the definitions table to run or delete Once you define a custom report fr...

Page 263: ...s a field for entering report title and dropdown menu shown in Figure 181 displaying all possible report types Report Restrictions Displays dynamic fields that include spaces for selecting attributes and entering data relevant to your selected report type scope such as groups folders SSID Device Search filter report start and end times Scheduling Options Reveals options for one time or regularly s...

Page 264: ... viewing options By default the reports on the Reports Generated page are sorted by Generation Time You can sort reports by any other category column header in sequential or reverse sequential order Click a report title to view details for each scheduled report Click Add to create new generated reports Generated reports are scheduled and custom configurable Scroll to the bottom of the Reports Gene...

Page 265: ...ons pane on the right The order of the data in the Selected Options section is the order that it will appear in the report The data can be reordered by dragging an item up or down the list Table 134 Report Definition Page Fields and Descriptions Field Description Generated Time Displays the date and time of the last time the report was run or when the latest report is available Clicking the link i...

Page 266: ...ate and describe the contents of the Capacity Planning Report Figure 185 AWMS Capacity Planning Report Page split view Table 135 Capacity Planning Report Fields and Contents Top Portion Field Description Device Displays the device type or name Interface Displays the type of 802 11 wireless service supported by the device Group Displays the device group with which the device is associated Folder Di...

Page 267: ...play pages 3 You can display device specific configuration to reduce report size and to focus on a specific device When viewing configured devices on the Detail page click a device in the Name column The device specific configuration appears 4 You can create or assign a template for a given device from the Detail page Click Add a Template when viewing device specific configuration information 5 Yo...

Page 268: ...ery device on the network Clicking a given device name in this column allows you to display device specific configuration Folder Displays the folder in which the device is configured in AWMS Clicking the folder name in this report displays the APs Devices List page for additional device folder and configuration options Group Displays the group with which any given device associates Clicking the gr...

Page 269: ...u can specify a location and then sort the Devices list by the Location column to see details by location or you can see all of the APs associated with a particular controller by sorting on the controller column If the AP name contains information about the location of the AP you can sort by AP name If sorting the Devices list does not provide you with sufficient detail you can specify a Group or ...

Page 270: ...devices for any category and these are listed in sequential or reverse sequential order AP Device Displays the name of the device which can be a MAC address or other identifier Number of Users Displays the number of users associated with each device Max Simultaneous Users Displays the maximum number of users that were active on the associated device during the period of time that the report covers...

Page 271: ...dentified as needing attention or can be proven to have superior performance when using this report Perform these steps to view the most recent version of the Device Uptime report 1 Navigate to the Reports Generated page 2 Scroll to the bottom and click Device Uptime Report to display report Detail information 3 To generate more reports of this type that cover a greater span of time refer to Repor...

Page 272: ...e steps to view the most recent version of the IDS Events report Table 138 Reports Generated Device Uptime Report Fields and Descriptions Field Description Device Displays the name of the device Group Displays the name of the device s group Folder Displays the folder to which the device belongs SSID Displays the Service Set Identifier SSID set on the device SNMP Uptime Displays the percentage of t...

Page 273: ...DS Events Detail Fields Field Description AP This column lists the AP devices for which IDS events have occurred in the prior 24 hours and provides a link to the APs Devices Monitor page for each Total Events This column cites the total number of IDS events for each device that has experienced them during the prior 24 hour period First Event This column cites the first IDS event in the prior 24 ho...

Page 274: ...tion by clicking the device name IP address MAC Address Group Folder or associated controller links Figure 190 Reports Generated Inventory Report Illustration Split View Using the Memory and CPU Usage Report The Memory and CPU Usage Report displays the top memory usage by device and CPU usage on the network by device The usage for any given resource whether CPU or RAM usage is listed as a percenta...

Page 275: ...tail information 3 The Detail page allows you to view device or other information by clicking the device name IP address MAC Address Group Folder or associated controller links Figure 191 illustrates the Reports Generated Daily Memory and CPU Usage Detail page Figure 191 Reports Generated Daily Memory and CPU Usage Report Illustration Contents Rearranged for Space ...

Page 276: ...s Number of users by time period average bandwidth in and out Perform these steps to view the most recent version of the Network Usage Report 1 Navigate to the Reports Generated page 2 Scroll to the bottom and click Network Usage to display report Detail information 3 The Detail page allows you to view bandwidth and device usage in three sections illustrated below Figure 192 illustrates the Report...

Page 277: ... only wirelessly with extensive device parameters and hyperlink interoperability to additional AWMS pages Detailed and text based table of all rogue devices supporting all discovery methods with extensive device parameters and hyperlink interoperability to additional AWMS pages Detailed and text based table of discovery events pertaining to the discovery of rogue devices with extensive parameters ...

Page 278: ...278 Creating Running and Emailing Reports Dell PowerConnect W AirWave 7 1 User Guide Figure 193 Reports Generated New Rogue Devices Report Illustration Top Half of Report ...

Page 279: ... Using RAPIDS and Rogue Classification on page 195 for additional information Threat Level Displays the numeric threat level by which the device has been classified according to rules defined on the RAPIDS Rules page Refer to Using RAPIDS and Rogue Classification on page 195 for additional information Ack Displays whether the device has been acknowledged with the network First Discovered Displays ...

Page 280: ...e rogue device when known SSID Displays the SSID for the rogue device when known Network Type Displays the network type on which the rogue was detected when known Channel Displays the wireless RF channel on which the rogue device was detected WEP Displays Wired Equivalent Privacy WEP encryption usage when known RSSI Displays Received Signal Strength RSSI information for radio signal strength when ...

Page 281: ...pliance Report that is viewable on the Reports Generated page Perform these steps to view the most recent version of the PCI Compliance Report 1 Verify that AWMS is enabled to monitor compliance with PCI requirements as described in the Enabling or Disabling PCI Auditing on page 76 2 Navigate to the Reports Generated page 3 Scroll to the bottom and click PCI Compliance to display Detail informatio...

Page 282: ...e Report You can generate a wide array of port usage statistics from the Port Usage Report feature including each of the following List of all the switches and ports in your network by folder List of unused ports List of access and distribution ports Histogram displaying unused ports vs unused switches by type access or distribution List of most used switches List of most used ports Perform these ...

Page 283: ...rt Usage Report to display report Detail information 3 The Detail page allows you to view all the information you selected from the Port Usage area of the Reports Definitions page A sample of the types of information you might choose to generate in a Port Usage Report appears in Figure 198 Figure 198 Reports Generated Port Usage Report Detail Page partial view ...

Page 284: ...tom and click RADIUS Authentication Issues Report to display report Detail information 3 The Detail page allows you to view information for RADIUS issues that have appeared on the network during the time period defined for the report Figure 199 illustrates the fields and information in the RADIUS Authentication Issues Report Figure 199 Reports Generated RADIUS Authentication Issues Detail Page Ill...

Page 285: ...hat includes all of the following Connection Mode wired wireless or both depending on how report definition is created SSID Role VLAN Cipher Summary Summary Sessions User Perform these steps to view the most recent version of the User Session Report 1 Navigate to the Reports Generated page 2 Scroll to the bottom and click User Session Report to display report Detail information 3 The Detail page a...

Page 286: ...286 Creating Running and Emailing Reports Dell PowerConnect W AirWave 7 1 User Guide Figure 201 User Session Detail Connection Mode Information Figure 202 User Session Detail SSID Information ...

Page 287: ...ect W AirWave 7 1 User Guide Creating Running and Emailing Reports 287 Figure 203 User Session Detail Role Information Figure 204 User Session Detail VLAN Information Figure 205 User Session Detail Cipher Information ...

Page 288: ...288 Creating Running and Emailing Reports Dell PowerConnect W AirWave 7 1 User Guide Figure 206 Summary and User Information partial view ...

Page 289: ...eport Definitions Add Page Fields Field Default Description Title Empty Enter a Report Title Aruba recommends using a title that is a meaningful and descriptive so it may be found easily on the lists of reports that appear on either Generated or Definitions pages Type Capacity Choose the type of report you wish to create in the Report Type drop down menu Group All Groups Specify the groups and fol...

Page 290: ...ort Start and Report End fields as these define the period of time to be covered by the report These Schedule fields establish the time that a report runs independent of report scope Current Local Time Displays for reference the time of the AWMS system Desired Start Date Time Sets the time the report runs which may often be separate from the time period covered by the report This allows you to run...

Page 291: ...Yes Yes Tracks bandwidth capacity and consumption according to thresholds for data throughput This is a device oriented report Using the Configuration Audit Report No Yes Provides a snapshot of the configuration of all specified access points in AWMS at report run time Using the Device Summary Report Yes Yes Summarizes user and bandwidth statistics and lists devices in AWMS Using the Device Uptime...

Page 292: ...email directly to the specified recipient use the following procedure to forward email to a smarthost 1 Add the following line to etc postfix main cf relayhost mail Aruba com Where mail Aruba com is the IP address or hostname of your smarthost 2 Run service postfix restart 3 Send a test message to an email address Mail v xxx xxx com Subject test mail CC 4 Press Enter 5 Check the mail log to ensure...

Page 293: ...ou for a location on which it can save the zip CSV files 3 In your browser click File Save As Define the filename and location select Web Page Complete as the file type then click Save A brief Save Webpage status box appears to display the saving process Allow the process sufficient time particularly for reports that contain many links or large graphics If you are downloading a zip file you only n...

Page 294: ...294 Creating Running and Emailing Reports Dell PowerConnect W AirWave 7 1 User Guide ...

Page 295: ...nal features described in this chapter The Helpdesk tab appears to the right of the Home tab Users with an Admin role have the Helpdesk option enabled by default Admin users can make the Helpdesk available to users of any role by selecting the enabled radio button on the role detail page To edit existing roles click the pencil icon next to a role on the AWMS Setup Roles page The AWMS Helpdesk allo...

Page 296: ...ents according to the person who created them Finally the Helpdesk Incidents page allows you to add or delete incidents The table at the bottom of the page as described in Table 145 below summarizes the incidents that have been reported thus far and which AWMS has not yet purged Use the AWMS Setup General page and the Historical Data Retention page Using the Closed Helpdesk Incidents field set the...

Page 297: ...dent is created State The current state of the incident this can be either open or closed The drop down menu at the top of the column can be used to show only open or closed incidents The default is to show incidents of both states Opened By Displays the username of the AWMS user who opened the incident Helpdesk can be made available to users of any role by selecting the enabled radio button on th...

Page 298: ...cking the snapshot description opens a popup window to display the screenshot Figure 212 illustrates these GUI tools Note The Incidents portion of the Alert Summary table on other AWMS pages only increments the counter for incidents that are open and associated to an AP This field displays incidents based on folder which is the Top folder on this page and on the Home Overview page Incidents that a...

Page 299: ...h no changes to the web service definitions To use the Helpdesk tab with a Remedy server first navigate to the Helpdesk Setup page In the BMC Remedy Setup area click the Yes button to enable Remedy This launches a set of fields for information about the Remedy server Once enabled to use Remedy the Helpdesk header icons work in the same way for a Remedy configured Helpdesk as they do for the defaul...

Page 300: ...ear only when Remedy is enabled Middle Tier Host The location of the Remedy installation s web server Port The port for the HTTP interface with the web server this is likely 8080 but there is no default value in AWMS SOAP URL Gateway for web services on Remedy s middle tier host This is usually arsys services ARService but there is no default value in AWMS Server The location of the backend server...

Page 301: ...ver snapshots are only stored locally on the AWMS server they are not pushed to the Remedy server Assignee Assigned by Remedy installation cannot be changed in AWMS Urgency Displays the urgency level as chosen by the AWMS or Remedy User 1 Critical 2 High 3 Medium 4 Low Table 150 Helpdesk Incidents Add a New Remedy Incident Fields Field Description Customer First and Last Name These must match exac...

Page 302: ...302 Using the AWMS Helpdesk Dell PowerConnect W AirWave 7 1 User Guide ...

Page 303: ...e GPG key The GPG key is used to validate the authenticity of all packages downloaded by Yum 2 To install the GPG key type rpm import etc pki rpm gpg RPM GPG KEY CentOS 5 If the key was not manually installed before Yum is run for the first time the user will be prompted to install and accept a new key 3 To run Yum manually log in to the AWMS console and type yum update and press Enter If the pack...

Page 304: ...304 Package Management for AWMS Dell PowerConnect W AirWave 7 1 User Guide ...

Page 305: ...ers External Accounting Servers page 3 Select External RADIUS Accounting from the Create drop down list 4 Click Enable server onscreen 5 Enter the user definable Name for the AWMS server 6 Enter the Server IP Address or DNS entry for AWMS 7 Accept the default Port setting of 1813 8 Enter the Shared Secret matching the AWMS shared secret 9 Enter Notes optional 10 Click the Save button 11 If you are...

Page 306: ...in Integrating a RADIUS Accounting Server on page 65 Example Network Configuration In this example the APs are connected to the Access Controller The Access Controller routes wireless user traffic to the Employee Network while bridging AP management traffic Each AP is presumed to have a static IP address Perform these steps for HP ProCurve 700wl Series Configuration allowing AWMS to manage APs thr...

Page 307: ...P Address 8 Enter Shared Secret 9 Enter Port 1812 10 Enter the Shared Secret and Confirm matching the AWMS shared secret 11 Enter Reauthentication Field Session Timeout 12 Enter Timeout 5 13 Select the Enable RADIUS Accounting RFC 2866 check box 14 Enter Port 1813 for RFC 2866 15 To verify and view the log files on AWMS proceed to System Event Log page ...

Page 308: ...308 Third Party Security Integration for AWMS Dell PowerConnect W AirWave 7 1 User Guide ...

Page 309: ... reset the unit Note that Cisco changed the procedure for resetting the AP configuration beginning with software version 11 07 The procedure below helps you determine which software version your AP s is currently running and which procedure to use to reset the AP Connecting to the AP Perform these steps to return VxWorks Access Points to their default state and to reset the unit 1 Connect the COM ...

Page 310: ...nplugging and then re plugging the power connector 3 When the memory files are listed under the heading Memory File press CTRL W within five seconds to reach the boot block menu 4 Copy the AP s installation key to the AP s DRAM by performing the following steps Press C to select Copy File Press 1 to select DRAM Press the selection letter for AP Installation Key 5 Perform the following steps to ref...

Page 311: ...rvice timestamps debug datetime msec service timestamps log datetime msec service password encryption hostname hostname enable secret 5 1 ceH2 1BN2DQpOoBAz KI2opH7 ip subnet zero ip domain name Aruba com ip name server 10 2 24 13 no aaa new model dot11 ssid OpenSSID authentication open power inline negotiation prestandard source username newpassword password 7 05050318314D5D1A0E0A0516 username Cis...

Page 312: ...p route cache if ip static ip default gateway gateway endif ip http server no ip http secure server ip http help path http www cisco com warp public 779 smbiz prodconfig help eag access list 111 permit tcp any any neq telnet snmp server view iso iso included snmp server community public view iso RW control plane bridge 1 route ip line con 0 line vty 0 4 login local end Speed Issues Related to Cisc...

Page 313: ...s detected AWMS verifies the firmware was applied correctly and all AP configuration settings match those in the AWMS database 5 AWMS pushes the configuration if necessary to restore the desired configuration Some firmware upgrades reconfigure settings Cisco IOS access points take longer than most access points because their firmware is larger ...

Page 314: ...314 Access Point Notes Dell PowerConnect W AirWave 7 1 User Guide ...

Page 315: ...on on port 23 to AirWave s support server Please ensure your firewall allows this The connection can be configured to run on 22 80 443 and a few other ports if necessary Please contact Dell support if you need to make any changes Procedure Perform these steps to initiate a support connection for AWMS 1 Sign into the serial or regular console with your root login 2 Type service support_connection s...

Page 316: ...316 Initiating a Support Connection Dell PowerConnect W AirWave 7 1 User Guide ...

Page 317: ...ADIUS Accounting Server Perform these steps to configure Cisco Clean Access integration 1 Log in to the clean machine server and navigate to the User Management Accounting Server Config page Select Enable RADIUS Accounting Input the AWMS Hostname or IP Address For Timeout sec leave default 30 Ensure the Server Port is set for 1813 Ensure that the input Shared Secret matches the AWMS shared secret ...

Page 318: ...318 Cisco Clean Access Integration Perfigo Dell PowerConnect W AirWave 7 1 User Guide ...

Page 319: ... hp hpSMHSetup pl at the command line interface This configures the web server Configure the Add Group Administrator page with a name 0 Enable IP Binding type 1 at the command line interface At the next interface enter the IP address and mask of the server 6 Type etc init d hpasm reconfigure at the command line interface When going through this menu this time select y to use the existing snmpd con...

Page 320: ...320 HP Insight Install Instructions for AWMS Servers Dell PowerConnect W AirWave 7 1 User Guide ...

Page 321: ...e for a table listing RAM requirements for AWMS Click Next 8 Accept the VMware default virtual network adapter and click Next 9 Allocate a virtual disk large enough to contain the AWMS operating system application and data files refer to the AWMS Best Practices Guide for suggested disk space allocations for typical wireless network deployments 10 Click Next 11 Review the virtual machine settings t...

Page 322: ... d K40smartd etc rc d rc3 d Z40smartd mv etc rc d rc6 d K40smartd etc rc d rc3 d Z40smartd To install VMware Tools on AWMS perform these steps 1 From the VMware Infrastructure Client select Inventory Virtual Machine Install Upgrade VMware Tools 2 At the AWMS console type mkdir media cdrom 3 Then type mount dev cdrom media cdrom 4 Next type cd tmp tar xvzf media cdrom VMwareTools 3 5 0 67921 tar gz...

Page 323: ...BE LIABLE FOR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE DATA OR PROFITS WHETHER IN AN ACTION OF CONTRACT NEGLIGENCE OR OTHER TORTIOUS ACTION ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE Net SNMP Part 1 CMU UCD copyright notice BSD like Copyright 1989 1991 1992 by Carnegie Mellon University Derivative Work 1996...

Page 324: ...NCLUDING BUT NOT LIMITED TO PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES LOSS OF USE DATA OR PROFITS OR BUSINESS INTERRUPTION HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY WHETHER IN CONTRACT STRICT LIABILITY OR TORT INCLUDING NEGLIGENCE OR OTHERWISE ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE Part 3 Cambridge Broadband Ltd copyright notice B...

Page 325: ...ific prior written permission THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS AS IS AND ANY EXPRESS OR IMPLIED WARRANTIES INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT INDIRECT INCIDENTAL SPECIAL EXEMPLARY OR CONSEQUENTIAL...

Page 326: ...nditions and the following disclaimer in the documentation and or other materials provided with the distribution Neither the name of Cisco Inc Beijing University of Posts and Telecommunications nor the names of their contributors may be used to endorse or promote products derived from this software without specific prior written permission THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CON...

Page 327: ... CAUSED AND ON ANY THEORY OF LIABILITY WHETHER IN CONTRACT STRICT LIABILITY OR TORT INCLUDING NEGLIGENCE OR OTHERWISE ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE The licence and distribution terms for any publically available version or derivative of this code cannot be changed i e this code cannot simply be copied and put under another dist...

Page 328: ...ON HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY WHETHER IN CONTRACT STRICT LIABILITY OR TORT INCLUDING NEGLIGENCE OR OTHERWISE ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE SWFObject v 1 5 Flash Player detection and embed http blog deconcept com swfobject SWFObject is c 2007 Geoff Stearns and is released under the MIT License mod_auth_tacacs ...

Page 329: ...ES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED IN NO EVENT SHALL THE APACHE GROUP OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT INDIRECT INCIDENTAL SPECIAL EXEMPLARY OR CONSEQUENTIAL DAMAGES INCLUDING BUT NOT LIMITED TO PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES LOSS OF USE DATA OR PROFITS OR BUSINESS INTERRUPTION HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY WHETHER IN ...

Page 330: ...330 Third Party Copyright Information Dell PowerConnect W AirWave 7 1 User Guide ...

Page 331: ... managing and troubleshooting 127 modifying 122 troubleshooting a newly discovered device 172 verifying 142 156 F failover 15 firewall configuring 21 firmware loading device firmware 58 specifying minimum firmware 119 G global templates 191 groups assigning newly discovered devices to groups 134 changing multiple group configurations 121 configuring and using 79 configuring basic group settings 83...

Page 332: ...are requirements 17 initial login 29 installing 17 21 naming the network administration system 20 Package Management 303 protocol and port diagram 21 Proxim 4900 104 Proxim Avaya 88 PTMP 112 R radio settings configuring for groups 100 RADIUS 98 adding a server 98 authentication 62 configuring authentication and authorization 64 integrating 65 RAPIDS 25 195 RAPIDs 14 reports 261 creating running an...

Page 333: ... 100 Groups Templates 177 179 191 192 Help 26 Helpdesk Incident 299 Helpdesk Incidents 296 300 Helpdesk Setup 299 Home 24 241 Home Documentation 247 Home License 245 Home Overview 242 Home Search 246 Home User Info 248 Home Overview 35 36 37 38 Master Console 239 Master Console Groups Basic 240 241 Master Console Groups Basic Managed 240 Master Console Manage AMPs IP Hostname239 RAPIDS 25 RAPIDS R...

Page 334: ...334 Index Dell PowerConnect W AirWave 7 1 User Guide ...

Reviews: