Dell PowerConnect W-Airwave 7.4 User's Manual
Contents
1. ccccsssesscssssesssesessssecssseeessesesateees 255 Emailing Reports to SmarthoSt ccccssccssssesssscscssssesssececsesecsesesessesecaesesessesesassesesaesesateees 255 Exporting Reports to XML or CSV a ssenssenssnensnennenensnnnrerurnnurensnnnnenunuivunnrersnnnnnrnnnnrnnnrnnnnnnnns 255 Transtering Reports Using FIP srnosinassiriseninennansnea 255 Using VISUAIRP saasssvvannssasannnaserasnqnsesvoeacseaanneracapicnainesciaciodannnniacionaiaimancametsevensaantenopnaenectan s 257 PEES ae E A E E N E E A 258 Usetul TENS sisvsacsnsesiecaxtstecbensesesssmatergatinosasupsansbedonssbanseePersaceuoesiedvaatebnidgesnndabensibenstzessinenxprusyciotsensinee 258 SEA A S a E E T T E E E E 258 Basic QuickView Navigation cccccscscssssesssscssssscseseeecsesssesesecessusecsesescecsesecaesesessusesatsesesansesaees 259 Network View Navigation cccccsssessscssssssecssssessssesesseeecsesesseseesesaeeessesesseseesesaeeesaesesensess 260 Dell PowerConnect W AirWave 7 4 User Guide OC ee a 260 BUS VG Uae sehciet scene nacinsvatiodes ovanpsniravbvosprensesaustievaefecusiabasnas E a SN 260 BAIT I OM isp caisau tne rapncasetiteseaa Perio E a vaaceaesansiie 261 Using the Settings in the VisualRF gt Setup Page ccssssssesesssscssssssesseecseseseesseesesseseeasenes 262 VisualRF Resource UtiliZation ccccccsssssescssssesesscsseseeecsessesessesesaeeessesesseseesesseeesaesaseneess 265 Configuring QuickView Personal PreferencCes2. ccccscscsesssscssssseesseseesesesseseeseseesesseeesansassneess 56 Using Web Auth Bundles in AirWave un cccssessccssessscssssesssscssssseesseseeseseeseeaseessnses 57 Setting Up Device Types ee eee ae ee ee ee aa EREE 58 Configuring Cisco WLSE and WLSE Rogue Scanning e s sssssersrsrssssrsrninnnsrsnnrersrnnnnrnnersnrensn 58 Introduction to CISCO WLSE ce ccseseesseecsssessesesececsesecsesesecseseesesesessusesassesesauseeassusesansesasenes 58 Configuring WLSE Initially in AirWave ccccsseessssccssssessssseceseesssecesseseesseesessesesaseeeees 59 Adding an ACS Server for WLSE cececsescscssssessessecesseseececsesecaesesesseeeassesesanseeasenes 59 Enabling Rogue Alerts for Cisco WLSE ou ce cceeecscssssesessessseesseseseceeseseeaesesesseseeatenes 59 Configuring WLSE to Communicate With APS cccsescsseseseeseecsssseseeeeesseseeateneeeen 59 Disc vering Oh ec ce ee re re 60 Managing Devices cccccsssessescssssssecsessesssecsesseseseeseesesessesasseseesesassesaeseeseseesesatesatsasensass 60 Inventory Reporting cas sececcts pons cnrncesacaunsoetvaupeaaapuuteescnindeciabiteistanehasereaitnetstoientiepinsesbenparst 60 Defining ACCESS a csinccisstiteiavsazitvesnenatiavideressnasbeseanonganeddavensitedsptucdauelitetsnraditsssasyetatedstsnesusbivents 60 GOUD scp aes entation cope E A 60 Configuring IOS APs for WDS Participation cc ceccsssseseessesssesssseesesseseesseesesseseeaseeeeees 60 WDS ATC FI a
3. cccsecssssssesssscsessssessseceesesecsesesessesecassesesseeeaseess 100 Modifying Multiple DeViC S ccc ecsssessessssssseecsessesessesessesessuseesesecsesaesecsusessesessesansesausesenseeoes 101 Using Global Groups for Group Configuration ceesessescesssscsseecscsessesssesesseseesesesesseseeaseess 104 Discovering Adding and Managing DeVICES cccccecsssseesesscssseesessesseseeseseeseeeess 107 DEVICE Discovery OVETVIGW cssetsissssnnccdcanniadvacsmiiensantenensineasiiccutaesiecanitedsenannddbtesinaciotssndeitnenndiacdanesan 107 Discovering and Adding DeVICES ccsccccscssesssscssssesscsessesesecsesatsesseseeseseesesaesecsusasseseesesasesaeses 107 SNMP H Mal Mess UUM GD decison ceannsse ciara ceca asute vhvucntannnduectot NA 108 Adding Networks for SNMP HTTP SCanning c ccccssscssesssesssseesecsesesesassesesseseees 108 Adding Credentials for SCAnning cssssssccssssssssssscscssssesesesecsesecseseseesesesassesetaeseees 108 Defining a SCAN Set ou eeseescssscssssssesecseseseeseececseseesesesecsesecassesessuseassesesausesarsesesansesasenes 109 Running a Scan Selespeed ee nee a eee ee 110 Enabling Cisco Discovery Protocol CDP cccccessssssssssesesessssssseeeeseeeseeesesesetseseeenen 111 Authorizing Devices to AirWave from APs Devices gt New Page cccsecseeeeen 111 Manually Adding Individual DeVICES cccccscscscssesssecssssesssseseeseeesseseeseseesesaeeessuseeaneess 112 Addin
4. cscssssssescscssesesseecscseseeseeeceesesecassesessnseeatenss 266 Increasing LOCATION ACCU ACY csscsissicoracazessanrsnvssvennnaoensnsededivaasstousnnsese sensanenasantintensdaasesrnnseaiaunesnts 267 Adding Exterior Walls cossvecnscsceudusenejasnenusnvonanaev ash descsninsberieskedasasnnevnedadeteduaraesuadassisiastussprciaanei 268 Location Training for Stationary D VICGS c ccceessescessssesseessessseesesesessesecassesesseeeateees 268 Adding Oe gies tg oh eee ee eee ee ee ee 269 Adding Location Probability Regions ccccsccsssesssscssssessssesseseescseseeseseeseeseeessesassesessesaees 270 VOC DOCK OE ea E E E E A 271 Viewing Port Status on Deployed Switches qu ecessescscssssesssesecseseesseesessesecaesesessnseees 212 Fine Tuning Location Service in VisualRF gt Setup cs escescsessesesseececseseesssesesseseeaeeees 212 Configuring Infrastructure ccccccssssesssscsssssscsesseecsesesseseseceesesecsesececsesesassesesanseeasenss 213 Deploying APs for Client Location Accuracy cccessssessessssesssecssssseesseeseeseseeateess 274 Using QuickView to Assess RF Environment ccccsessescsessssesseecscseseesssesesseseeassesessnseeasenss 274 Viewing a Wireless User s RF EnvirOnment cccscccsssessssessseeecsessseeseeseeseeesseseeeeees 274 Tracking Location HIStOry ccccsescssssesssscssesssscsssseseseeseesssecsuseeseseesesaseessusessesaeseeaees 215 Checking Signal Strength to Clie
5. NOTE If you select Manage Select Devices AirWave automatically overwrites existing device settings with the specified Group K settings Placing newly discovered devices in Monitor mode is strongly recommended until you can confirm that all group configuration settings are appropriate for that device 4 If you do not wish to manage or monitor a discovered device you may select the device s from the list and select either Ignore or Delete If you choose to Ignore the devices they will not be displayed in the APs Devices gt New list even if they are discovered in subsequent scans You can view a list of all Ignored devices on the APs Devices gt Ignored page If you choose to Delete the device it will be listed on the APs Devices gt Nevw list if discovered by AirWave in a subsequent scan Refer to Assigning Devices to the Ignored Page on page 116 Manually Adding Individual Devices Some deployment situations may require that you manually add devices to AirWave You can add devices manually by uploading a CSV file or from the Device Setup gt Add page This section describes the following procedures Adding Devices with the Device Setup gt Add Page Adding Multiple Devices from a CSV File Adding Universal Devices Adding Devices with the Device Setup gt Add Page Manually adding devices from the Device Setup gt Add page to AirWave is an option for adding all device types You only need to select device vendor infor
6. Note This field only appears if you selected Yes in Customize Header Columns Search Preferences Customize Search Set to No by default when set to Yes you can select which search categories to display when Full search results are returned Display Preferences Default Number of Records per Defines the number of rows to appear in any list by default If a row count is manually set List it will override the default setting Reset List Preferences Reset all list preferences including number of records per list column order and hidden column information Customize Columns for Other Allows admin users to determine the columns that should be displayed and the order they Roles should be displayed for specific user roles To customize lists for other users navigate to that list and select Choose Columns for roles above the list Make the desired column changes select the roles to update and Save Console Refresh Rate The frequency in which lists and charts automatically refresh on a page Idle Timeout Number of minutes of idle time until AMP automatically ends the user session This 5 mins to 240 mins setting only the logged in user of this AMP The default is 60 minutes To set the max idle timeout for all users of this AMP see Setting Up Login Configuration Options on page 48 Perform the following steps to configure your own user account with the Home gt User Info page l In the User Information section en
7. STEP 7 Changing default root password You will now change the password for the root shell user Changing password for user root New Password Enter the new root password and press Enter The Linux root password is similar to a Windows administrator password The root user is a super user who has full access to all commands and directories on the computer This password should be kept as secure as possible because it allows full access to the machine This password is not often needed on a day to day basis but is required to perform AirWave upgrades and advanced troubleshooting If you lose this password contact Dell support for resetting instructions 20 Installing and Getting Started Dell PowerConnect W AirWave 7 4 User Guide Completing the Installation Upon completion of all previous steps the following message appears CONGRATULATIONS AirWave is configured properly To access AirWave web console browse to https lt IP Address gt Login with the following credentials Username admin Password admin To view the Phase installation log file type cat root install log To view the Phase 2 installation log file type cat tmp amp install log To access the AirWave GUI enter the AirWave IP address in the address bar of any browser The AirWave GUI then prompts for your license key If you are entering a dedicated Master Console or AirWave Failover license refer to Supporting AirWave Servers with the Master Conso
8. 11 0 Optional 802 11g Transmit Rate Auto Fallback Frag Threshold Enabled Yes No 802 11a Transmit Rate Auto Fallback Threshold Value 256 2347 bytes 2337 Rogue Scanning Yes C No RTS CTS Threshold Enabled Yes No Rogue Scanning Interval 15 1440 min 15 Threshold Value 0 2347 bytes 1200 Proxim 4900M RTS CTS Maximum Retries 1 255 4 9GHz Public Safety Channel Bandwidth 20 Maimum Data Retries 1 255 32 802 11a 4 9GHz Public Safety Operational Mode 802 11a a Beacon Period 19 5000 msec 100 DTIM Period 1 255 I y Rogue Scanning ves C No Ethernet Encapsulation C g02 1H RFC1042 Rogue Scanning Interval 5 480 min 240 Radio Preamble C Long Short Save Save and Apply Revert 3 Locate the Radio Settings area and adjust these settings as required Table 62 describes the settings and default values Table 62 Groups gt Radio gt Radio Settings Fields and Default Values Default Description Allow Automatic Channel If enabled whenever the AP is rebooted it uses its radio to scan the airspace and Selection 2 4 5 and 4 9 select its optimal RF channel based on observed signal strength from other radios GHz Public Safety NOTE If you enable this feature AirWave automatically reboots the APs in the group when the change is implemented 802 11b Data Rates Required Displays pull down menus for various data rates for transmitting data Mbps 1 0 NOTE This setting does not app
9. Clients The Clients pages provide detailed information about all client devices Connected and users currently and historically associated to the WLAN including All VPN users Prior to 7 4 this tab was called Users For additional Rogue Clients information refer to Monitoring and Supporting WLAN Clients on Guest Users page 196 l l Client Detail Diagnostics VPN Sessions VPN Users VPN Client Detail Tags Reports The Reports pages list all the standard and custom reports generated by Generated AirWave For additional information refer to Chapter 9 Creating Definition Running and Emailing Reports on page 227 Detail System The System page provides information about AirWave operation and Status administration including overall system status the job scheduler trigger Syslog amp Traps alert administration and so forth Event Log For additional information refer to Monitoring and Supporting AirWave Triggers with the System Pages on page 183 Alerts Backups Configuration Change Jobs Firmware Upgrade Jobs Performance 24 Installing and Getting Started Dell PowerConnect W AirWave 7 4 User Guide Table 6 Components and Subtabs of the AirWave Navigation Continued Main Tab AMP Setup RAPIDS VisualRF NOTE The AMP Setup tab varies with user role The RAPIDS and VisualRF tabs appear based on the license entered on the Home Description The Device Setup pages provide the ability to ad
10. Hostname IP Address a Protocol Port Username Polling Period Last Contacted Errors fF 10 1 11 1 HTTP 2002 stuff 10 minutes 5 14 2009 6 37 AM Select All Unselect All 2 Select Add to create a new ACS server or select a pencil icon to edit an existing server To delete an ACS server select that server and select Delete When selecting Add or edit the Details page appears as illustrated in Figure 33 Figure 33 AMP Setup gt ACS gt Add Edit Details Page Illustration ACS Server Hostname IP Address Po Protocol Port Confirm Password Po Polling Period 10 minutes 3 Complete the settings on AMP Setup gt ACS gt Add Edit Details Table 36 describes these fields Table 36 AMP Setup gt ACS gt Add Edit Details Fields and Default Values Field Default Description P Hostname None Sets the DNS name or the IP address of the ACS Server HTTP Launches a drop down menu specifying the protocol AirWave uses when it polls the ACS server Port 2002 Sets the port through which AirWave communicates with the ACS AirWave generally communicates via SNMP traps on port 162 Username None Sets the Username of the account AirWave uses to poll the ACS server Password None Sets the password of the account AirWave uses to poll the ACS server Polling Period 10 min Launches a drop down menu that specifies how frequently AirWave polls the ACS server for username information Dell PowerConnect W AirWave 7 4 User Guide Configuring
11. 105 106 Configuring and Using Device Groups in AirWave Dell PowerConnect W AirWave 7 4 User Guide Chapter 5 Discovering Adding and Managing Devices This chapter describes how to add configure and monitor wired and wireless devices and contains the following sections corresponding to features of the Device Setup and APs Devices tabs Device Discovery Overview on page 107 Discovering and Adding Devices on page 107 Monitoring Devices on page 116 Configuring and Managing Devices on page 134 Troubleshooting a Newly Discovered Down Device on page 146 Setting up Dell Spectrum Analysis in AirWave on page 147 Device Discovery Overview Once you have deployed AirWave on the network the next step is to discover all existing devices connected to your network AirWave allows device discovery in the following ways all of which are described in this chapter SNMP HTTP discovery scanning This is the primary method to discover devices on your network configured in the Device Setup gt Discover page See SNMP HTTP Scanning on page 108 Cisco Discovery Protocol CDP AirWave enhances support for CDP by discovering a Cisco device s CDP neighbors See Enabling Cisco Discovery Protocol CDP on page 111 Manual device entry This admin supported method of discovery applies when you know of devices that are already on your network See the following sections for information and p
12. 6 Start Web UI of FUW Step 1 This is the cropping step This and all subsequent steps use the converted JPG file The greater the floor plan dimensions the less clarity the background image provides Dell PowerConnect W AirWave 7 4 User Guide Using VisualRF 289 Batch Importing CAD Files This process provides the ability to automatically upload many CAD files and auto provision existing walls and access points and contains the following topics Requirements on page 290 Pre Processing Steps on page 290 Upload Processing Steps on page 290 Post Processing Steps on page 291 Sample Upload Instruction XML File on page 291 Common Importation Problems on page 291 Requirements Operating System Client machine must be Windows XP Windows Vista or Windows 7 Flash Version 9 or later Pre Processing Steps l Increase Memory Allocation in VisualRF gt Setup as follows 25 floors or less 512 MB 25 to 75 floors 1 GB More than 75 floors 1 5 GB 2 Massage the output data 3 Increase the Location Caching Timer to hour so that VisualRF does not overload the server calculating client locations while calculating path loss and process floor plan images Upload Processing Steps l Create CAD XML files which contain drawing filename dimensions and optional information like device manufacture and model device coordinates wall coordinates and building material This step is usually pe
13. 802 11n Configuring Cisco WLC Security Parameters and Functions AirWave enables you to configure many security settings that are specific to Cisco WLC controllers This section supports four overriding types of configuration as follows AAA to cover both RADIUS and TACACS server configuration Priority Order Wireless Protection Policies Web Auth Figure 55 illustrates these components and this navigation Figure 55 Groups gt Cisco WLC Config gt Security Navigation Illustration ErSecurity TAAA RADIUS pa Fallback TACACS AP Policies Priority Order Management User Wireless Protection Policies Rogue Policies General Client Exclusion Policies Web Auth Lieb Login Page Configuring Management Settings for Cisco WLC AirWave allows you to configure of SNMP and Syslog Server settings for Cisco WLC controllers You can configure up to four trap receivers on the Cisco WLC including the AMP IP that can be used in Global Groups To define SNMP and server settings go to the Groups gt Cisco WLC Config gt Management page illustrated in Figure 56 Dell PowerConnect W AirWave 7 4 User Guide Configuring and Using Device Groups in AirWave 95 Figure 56 Groups gt Cisco WLC Config gt Management Navigation Illustration CrManagement SNMP m Recevers Trap Controls Ly ervi iD slog rs Configuring Group PTMP Settings The Groups gt PTMP configuration page configures Point to Multipoint P
14. Aruba 6000 RUB BB w w Provision Deployed Devices i 24 ZB z2 21 Search View By e Group Folder Y amp Bangalore Y amp Bejing Y amp Cisco Gear Y amp Distribution Centers Y amp Ethersphere lms3 gt HQ RemoteAP gt Inst_Test gt marcus gt NRF v lt GROSS B ry i V Hide Already Provisioned Devices en ee ee ee ee a o Wired devices that are added to an IDF are included in any BOM report covering that floor Viewing Port Status on Deployed Switches Deployed switches on a rack will display the port status as red down and green up interface icons which corresponds with the operationally up devices on the APs Devices gt Interfaces list Planned switches do not display these status indicators in VisualRF Figure 204 Deployed switch showing red and green port status icons Fine Tuning Location Service in VisualRF gt Setup There are several options on the VisualRF gt Setup page which increase client location accuracy All of these items will increase the processing requirements for the location service and could negatively impact the overall performance of AMP 272 Using VisualRF Dell PowerConnect W AirWave 7 4 User Guide Grid Size decreasing the grid size will enable the location to place clients in a small grid which will increase accuracy You can right click on a floor plan within a building view and change this setting Dynamic
15. Autonomous Devices Folder as the discovering devices the same Group Folder as the closest IP neighbor Location i and or a specified auto authorization group and folder The Current Global Setting set in AMP Setup gt General is shown below this field Selecting a different option overrides the global setting Add New Thin APs Whether to auto authorize new thin APs to the New Devices List the same Group Folder Location as the discovering devices the same Group Folder as the closest IP neighbor and or a specified auto authorization group and folder The Current Global Setting set in AMP Setup gt General is shown below Selecting a different option overrides the global setting for this group 20 To automate putting multiple devices in this group into Manage mode at once so that changes can be applied and have the devices revert to Monitor Only mode after the maintenance period is over locate the Maintenance Windows option and define a new AP Group Maintenance Window 21 Select Save when the configurations of the Groups gt Basic configuration page are complete to retain these settings but without pushing these settings to all devices in the group Save is a good option if you intend to make additional device changes in the group and wish to wait until all configurations are complete before you push all configurations at one time Select Save and Apply to make the changes permanent or select Revert to discard all unapplied changes
16. Capacity Planning Max Values 3 1 2009 12 00 a m today 5 21 2009 12 15 AM Daily at 12 15 am PDT Custom Device Summary Report 2 weeks ago now 5 14 2009 6 36 AM Custom IDS Events Report 5 14 09 22 00 5 14 09 23 00 5 15 2009 7 13 AM Select All Unselect All an Report definitions for other roles 1 4 of 4Report Definitions Page i wof1 rae corp users via radius Radius Auth Problems RADIUS Authentication Issues All Groups Folders and SSIDs Partner Device Summary Report Device Summary All Groups Folders and SSIDs 0 Partner RADIUSReport RADIUS Authentication Issues 0 Partner PCICompliance Detailed 3wks Acme PCI Compliance Group HQ LatestReport Report End LastRun Time Scheduled _ yesterday now 4 27 2009 2 21 PM Device Summary Report 5 5 2009 5 8 2009 5 8 2009 10 58 AM 1 1 2009 3 31 2009 3 31 2009 6 08 AM PCICompliance Detailed 3wks Acme 3 weeks ago Select All Unselect All Rn Delete now 4 28 2009 7 12 AM Figure 162 Report Type Drop down Menu in Reports gt Definitions Illustration emory and CPU Utilization Group Research Lab and Folder Top gt Sunnyvale HQ gt HQ Cisco LWAPP and SSID wpa2 Z NOTE Only admin users have complete access to all report information The AirWave reports and online displays of information can vary with configuration User Roles and Folders Reports gt Generated Page Overview The Reports gt Generated page displays reports that have been run as well as
17. Configuring and Using Device Groups in AirWave Figure 41 Groups gt Security Page Illustration VLANs RADIUS Authentication Servers VLAN Tagging and Multiple SSIDs Enabled Disabled RADIUS Authentication Server 1 10 2 32 151 1812 1813 Create and edit VLANs and SSIDs on this group s SSIDs page RADIUS Authentication Server 2 Management VLAN ID 0 4094 Untagged RADIUS Authentication Server 3 Select Proxim AP 600 AP 700 AP 2000 AP 4000 Avaya AP 3 Untagged Avaya AP 7 AP 4 5 6 AP 8 ProCurve520WL g RADIUS Authentication Server 4 Select M ProCurve420 Enterasys AP3000 only Authentication Profile Name Proxim Only AMP Defined Server 1 Permit RADIUS Assigned Dynamic VLANs gg HP ProCurve 420 only es o Authentication Profile Index Proxim Only pi VLAN ID Format HP ProCurve 420 only C Asc E RADIUS Accounting Servers Ethernet Untagged VLAN ID 1 4094 RoamAbout 10 2 32 151 1812 1813 _ z AP3000 only p RADIUS Accounting Server 1 2 RADIUS Accounting Server 2 10 2 32 151 1812 1813 RADIUS Accounting Server 3 10 2 32 151 1812 1813 Create Closed Network C Yes No RADIUS Accounting Server 4 Select Block All Inter Client Communication C Yes No Accounting Profile Name Proxim Only Accounting EAP Options Accounting Profile Index Proxim Only 3 WEP Key Rotation Interval 0 10000000 sec 300 Session Key Refresh Rate 0 1440 min HP fo MAC Address ProCurve 420 only MAC Address Authenti
18. FP TT i minimum version of 6 0 0 0 AM Scanning Profile 71 oh MAM Scanning Requires a minimum version of 6 0 0 0 default MARM HT Radio Settings Spectrum Radio Enable Yes C No Event Thresholds Optimization GFSSID Security Local Confia The above steps will use the defaults in the referenced Spectrum Profile To change the defaults navigate to Groups gt Dell PowerConnect W Config gt Profiles gt RF gt 802 11a g Radio gt Spectrum and create a new Spectrum profile with non default settings In most cases you should not change the settings in the default profile If all of the devices in this Dell PowerConnect W AP Group are managed by the same controller and you want to temporarily override one or more profile settings in your spectrum mode APs you can set up a controller override To disable spectrum mode in this group change the referenced radio profile back to default Configuring an Individual AP to run in Spectrum Mode If you want to temporarily set an individual radio in an AP to run in Spectrum mode without creating or changing Dell AP Groups or radio profiles perform these steps to set up a Spectrum Override on a supported Dell PowerConnect W Series AP 148 Discovering Adding and Managing Devices Dell PowerConnect W AirWave 7 4 User Guide l Go to the APs Devices gt Manage page for a Spectrum supported Dell PowerConnect W Series AP 2 After checking the Audit page set the AP to Manage Read
19. Maximum number of Increases the number of processes that are pushing configurations to your devices configuration as an option The optimal setting for your network depends on the resources Processes available especially RAM Contact Dell support at support dell com if you think you might need to increase this setting for your network Increases the number of processes that audit configurations for your devices as an option The optimal setting for your network depends on the resources available especially RAM Contact Dell support at support dell com if you are considering increasing this setting for your network Maximum number of audit processes 3 Verbose Logging of Enables or disables logging detailed records of SNMP configuration information SNMP Configuration SNMP Rate Limiting When enabled AirWave fetches SNMP data more slowly potentially reducing for Monitored device CPU load Enabling this global setting is recommended when monitoring Dell Devices PowerConnect W Series controllers only if your network contains a majority of legacy controllers 800 2400 5000 controllers that use Supervisor Module II If your network mainly uses newer processors 3000 series 600 series the M3 module in the 6000 series disabling this setting is strongly recommended RAPIDS Processing Defines the processing and system resource priority for RAPIDS in relation to Priority AirWave as a whole When AirWave Is processing data at or near its
20. Partial Closed System Proxim only For Proxim only this setting enables to AP to send its SSID in every beacon but it does not respond to any probe requests Unique Beacon For Proxim only if more than one SSID is enabled this option enables them to be sent Proxim only in separate beacons Block All Inter Client Yes This setting blocks communication between client devices based on SSID Communication Dell PowerConnect W AirWave 7 4 User Guide Configuring and Using Device Groups in AirWave 85 5 Locate the Encryption area on the Groups gt SSIDs page and adjust these settings as required Table 58 describes the settings and default values Table 58 Groups gt SS Ds gt Encryption Section Field and Default Values Default Description Encryption Mode No Encryption Drop down menu determines the level of encryption required for devices to associate to the APs The drop down menu options are as follows Each option displays additional encryption settings that must be defined Complete the associated settings for any encryption type chosen No Encryption Optional WEP Wired Equivalent Privacy not PCI compliant as of 2010 Require WEP Wired Equivalent Privacy not PCI compliant as of 2010 Require 802 1x Based on the WEP algorithm Require Leap Lightweight Extensible Authentication Protocol 802 1x WEP Combines the two encryption types shown 802 1x LEAP Combines the two encryption types shown LEAP WEP Combines
21. Subnet mask Y netmask or ip address dhcp gateway ip default gateway gateway antenna_ receive Receive antenna antenna receive diversity antenna_receive antenna_transmit Transmit antenna antenna transmit diversity antenna_transmit cck_power 802 11g radio module CCK power power local cck cck_power maximum level Dell PowerConnect W AirWave 7 4 User Guide Creating and Using Templates 159 Table 92 Substitution Variables in Templates Continued Variable Meaning Command Suppressed Default 802 11g radio module OFDM power power local ofdm ofdm_power level power 802 11a and 802 11b radio module power local power maximum power level The location of the SNMP server snmp server location location pe The SNMP server contact snmp server contact contact SS The SSL Certificate used by the AP certificate pe ap include The AP include fields allow for Yoap_include_1 through configurable variables Any lines ap_include_10 placed in the AP Include field on the APs Devices gt Manage configuration page replace this variable Using AP Specific Variables When a template is applied to an AP all variables are replaced with the corresponding settings from the APs Devices gt Manage configuration page This enables AP specific settings such as Channel to be managed effectively on an AP by AP basis The list of used and available variables appears on the template detail configuration page Variables a
22. System Disk Utilization The amount of data read from the disk and written to the disk System Disk IOPs The number of disk reads and writes per second System Disk Throughput The rate of reading and writing from and to the disk in bytes per second System Disk Outstanding I O The average number of outstanding 1 0 requests queue depth If it s high it means that 0 Requests requests disk reads writes aren t being serviced as fast as they re being asked for System Swap Usage The amount of Swap memory used by AirWave Swap is used when the there Is no more free physical RAM A large performance penalty is paid when swap is used If an AirWave consistently uses swap you should consider installing additional RAM System CPU Utilization The percentage of CPU that has been used by the user and the system as well as the amount that was idle I O Throughput by Worker by Displays reads and writes for workers AMP services database VisualRF web server RRD tool Service and AWRRD tool and for services AMP VisualRF and web server CPU Utilization by Worker by Displays reads and writes for workers AMP services database VisualRF web server RRD tool Service and AWRRD tool and for services AMP VisualRF and web server System Network Bandwidth All traffic in and out measured in bits per second of your primary network interface Eth0 being the most common Bandwidth by Protocol Displays the amount of traffic used by Telnet HT
23. Workflow of the Dell PowerConnect W Instant and AMP Integration Process The following is a sample setup workflow around a common Dell PowerConnect W Instant use case Setting up Dell PowerConnect W Instant Hardware See the Dell PowerConnect W Instant Quick Start Guide the Dell PowerConnect W Instant Professional Installation Guide the IAP 105 Wireless Access Point Installation Guide and the IAP 92 and IAP 93 Wireless Access Point Installation Guide for information on setting up the hardware and configuring the network Required Personnel For each remote location an on site installer is required to physically mount the IAPs connect to the Dell PowerConnect W Instant SSID configure the WLAN configure the names of the IAPs and enter the information in the first IAP s user interface that will enable communication with the AMP An AMP administrator sends an Organization String and Shared Secret key along with AMP s IP address to the on site installer The AMP admin later validates the first Virtual Controller s Organization String and its Shared Secret when it appears in the APs Devices gt New list The administrator also enables user roles to administer the Dell PowerConnect W Instant systems makes any other changes in AMP as necessary Creating your Organization String The Organization String is a set of colon separated strings created by the AMP administrator to accurately represent the deployment of each Dell PowerConnect W I
24. a a Unknown Mismatched Mismatched Mismatched Mismatched Mismatched VLAN AP Radio 51 1 51 moe ie 51 51 3 10 2009 10 00 AM matches use quotes around the search phrase 802 11bq 802 11b 802 11bq 802 11bq 802 11bq 802 11b 802 11a 802 11a 802 11b 802 11bg 802 11a 802 11bg ected wirelessly ected wirelessly ected wirelessly Group Folder Controller Master Controller Access Points airespace Access Points airespace iwlc thin aps airespace airespace 4400 1 gt iwlc thin aps airespace airespace 4400 1 Access Points airespace 4400 airespace Connection Mode ChBW Association Time 802 119 802 11b 802 11b 802 11b 802 11b 802 11b 802 11a 802 11a 802 11b 802 11bg 802 11a 802 119 Device Classification Wired APs All Unclassified Unclassified Valid Unclassified Unclassified Valid Unclassified Unclassified Closest AP 1250 91 1250 91 lwapp 1250 13 21 1e lwapp 1250 13 21 1e 14 42 14 42 0 v 3 10 2009 5 22 PM 1 23 2009 9 07 AM 1 29 2009 2 25 PM 1 29 2009 2 19 PM 3 5 2009 3 18 PM 2 24 2009 1 08 PM 1 29 2009 8 59 AM 2 5 2009 5 30 PM 1 28 2009 7 41 PM 2 20 2009 7 59 AM 1 29 2009 4 00 PM Duration 2 13 2009 12 50 PM SSID hearing test012 TroposNetworks dbishop airespace open ethersphere voip RoamAbout Default Network Name ws5100_102 Nomadix BetsyFromPike _ gt AAaAa
25. 0 Exit discard changes If you want to configure a second network interface please use AirWave s web interface AMP Setup gt Network Tab l Enter the network information K NOTE The Secondary DNS setting is an optional field 2 Commit the changes by typing 9 and pressing Enter To discard the changes type 0 and press Enter Step 5 Naming the AirWave Network Administration System Upon completion of the previous step the following message appears STEP 5 Naming AirWave AirWave name is currently set to New AirWave Please enter a name for your AirWave At the prompt enter a name for your AirWave server and press Enter Step 6 Assigning a Host Name to AirWave Upon completion of the previous step the following message appears on the screen STEP 6 Assigning AirWave s hostname Does AirWave have a valid DNS name on your network y n 1 If AirWave does not have a valid host name on the network enter n at the prompt The following appears Generating SSL certificate for lt IP Address gt 2 If AirWave does have a valid host name on the network enter y at the prompt The following appears Enter AirWave s DNS name 3 Type the AirWave DNS name and press Enter The following message appears Generating SSL certificate for lt IP Address gt Proceed to the next step as the system prompts you Step 7 Changing the Default Root Password Upon completion of the prior step the following message appears
26. 153 Figure 113 Groups gt Templates gt Add Template Page Illustration Group Routers Switches Cisco Catalyst Any Model Name Device Type Cisco Catalyst Any Model v Reboot devices after configuration changes Yes No Restrict to this version Yes No Template firmware version Template Select Fetch template from device Select Device Template The following variables may be used in the templ value of each variable is configured on the APs C Manage page for each device in the group Each must be surrounded by percent signs osinan if statements must be terminated by en cannot be nested lt ignore_and_do_not_push gt lt ignore_and_do_n f lt push_and_exdude gt lt push_and_exclude gt tags can be used to achieve a good configuratior refer to the User Guide for more information Available Variables ap_include_1 contact ap_include_10 domain ap_include_2 gateway ap_include_3 hostname ap_include_4 interfaces ap_include_5 location ap_include_6 manager_ip_ ap_include_7 ss _cert ap_include_8 ap_include_9 chassis_id Credentials Change credentials the AMP uses to contact devices after successful config push Community String Confirm Community String Telnet SSH Username Telnet SSH Password Confirm Telnet SSH Password enable Password Confirm enable Password SNMPv3 Username Auth Password Confirm A
27. 4 Additional Log Files Restart A WwMS Reboot System The link diagnostics tar gz contains reports and logs that are helpful to Dell support in troubleshooting and solving problems Your Dell support representative may ask for this file along with other logs that are linked on this page Similarly the VisualRFdiag zip link contains VisualRF diagnostic information that might be requested by Dell support at support dell com A summary table lists logs that appear on the System gt Status page These are used to diagnose AirWave problems Additional logs are available via SSH access in the var log and tmp directories Dell support 184 Performing Daily Administration in AirWave Dell PowerConnect W AirWave 7 4 User Guide engineers may request these logs for help in troubleshooting problems and will provide detailed instructions on how to retrieve them Table 104 describes some of the most important logs Table 104 A Sample of Important Status Logs Description Logs database activity error_log Reports problems with the web server Also linked from the internal server error page that displays on the web page please send this log to Dell support whenever reporting an internal server error maillog Applies in cases where emailed reports or alerts do not arrive at the intended recipient s address Viewing Device Events in System gt Syslog amp Traps Admins can use the System gt Syslog amp Traps page to review all s
28. AMP will attempt to translate them to human readable format when possible AMP will not receive processed SNMP traps into the Device Event framework if the AMP doesn t have MIB file to translate the trap Use the Search field at the top of the column to filter the messages by a substring Syslog messages also appear in the APs Devices gt Monitor page for controllers and in Clients gt Client Detail pages under the Association History section Using the System gt Event Log Page The System gt Event Log page is a very useful debugging tool containing a list of recent AirWave events including APs coming up and down services restarting and most AirWave related errors as well as the user that initiated the action Figure 130 illustrates this page and Table 106 describes the page components Figure 130 System gt Event Log Page Illustration Refresh Time User Type Event Device ID Folder Tue Jan 18 19 33 34 2011 System Device Symbol 7131 4P 7131N 1 Error in SNMP polling Counter length too long 5 bytes 59914 Top gt symbol gt fat aps Tue Jan 18 19 31 00 2011 System Device HP ProCurve 2626 PWR other hp poe switch dey Un setting upstream device 51805 Top gt Routers and switches Tue Jan 18 19 30 40 2011 System Device Dell PowerConnect W 3400 Aruba 3400 Configuration verification configuration on device does not match desired configuration 60081 Top gt aruba gt quest user Tue Jan 18 19 28 48 2011 System Device Aruba 651 intel a6
29. AP Status wisxNAccessPointIsUp wisxTrapAPMac wisxTrap Time 5 24 2011 22 40 29 U1 5 24 2011 7 39 PM SNMP Trap lt Unknown gt 00 1a 1e c0 2b 34 Rogue Detection wisxAPEntryChanged wisxTrapAPMacA wisxTrap Time 5 24 2011 22 40 29 U1 create 1 wisxTrap TableGenNumber 0 5 24 2011 7 39 PM SNMP Trap lt Unknown gt 00 1a 1e c0 2b 34 Rogue Detection wisxAPEntryChanged wisxTrapAPMacAi wisxTrap Time 5 24 2011 22 40 25 U1 delete 2 wisxTrap TableGenNumber 0 5 24 2011 7 39 PM SNMP Trap lt Unknown gt 00 1a 1e c0 2b 34 Rogue Detection wisxAPEntryChanged wisxTrapAPMacAi wisxTrap Time 5 24 2011 22 40 29 U1 modify 3 wisxTrap TableGenNumber 0 5 24 2011 7 39 PM SNMP Trap lt Unknown gt 00 1a 1e c0 2b 34 AP Status wisxNAccessPointisDown wisxTrapAPM wisxTrap Time 5 24 2011 22 40 25 U1 5 24 2011 7 38 PM SNMP Trap lt Unknown gt 00 1a 1e c0 55 46 AP Status wisxNAccessPointIsUp wisxTrapAPMac wisxTrap Time 5 24 2011 22 39 49 U1 1 10 w of 41967 Device Events Page 1 wof 4197 gt gt Reset filters Table 105 describes the columns and the information provided Table 105 System gt Syslog amp Traps Columns and Descriptions Column Description The timestamp of the device event Either Syslog or SNMP Trap Dell PowerConnect W AirWave 7 4 User Guide Performing Daily Administration in AirWave 185 Table 105 System gt Syslog amp Traps Columns and Descriptions Continued Column Description Source Device
30. Ae EE EE 83 Voice OV UG eect eee 260 W Watched AMPS ccccssseccccceecccccccceccecueceeeceuaaeess 225 WDS Rolle ic cccccccccccccescccecccesccescecececesccencecucecaceeaseeess 140 Web Auth bundles cceececceeeeceeeeeeceeeeeeeeees 52 57 wired devices POMPOM eigin ie 130 Wired Interfaces table ccccccccsecccccceeeeececeeeeess 121 Dell PowerConnect W AirWave 7 4 User Guide Index 309 310 Index Dell PowerConnect W AirWave 7 4 User Guide
31. Automatically Provisioning APs onto a Floor Plan on page 286 e Tweaking a Planning Region on page 287 e Printing a Bill of Materials Report on page 288 Creating a New Campus Floors are associated with a building and buildings are associated with a campus In order to create a new floor you must first create a campus and building To create and place your campus follow these steps l Navigate to VisualRF gt Floor Plans 2 Select the Add Campus button located above the floor plan on the top left The Create New Campus window illustrated in Figure 219 appears Dell PowerConnect W AirWave 7 4 User Guide Using VisualRF 279 3 Enter the following campus information Name of the campus Client Transmit Power used in auto placement of access points onto floors within this campus The range is 30mW to 100mW Desired Speed mbps used in auto placement of access points onto floors within this campus The range is 6 to 200 mbps K NOTE Buildings and floors inherit transmit power and speed from the campus Figure 219 Create New Campus window T Create New Campus Fi Name East Client Transmit Power A i 4 Select OK to save You will see a new Campus icon appear on the campus canvas 5 Add appropriate network geographical background or upload a personalized image by right clicking on the background Set Map Allows you to browse with the included maps Auto Arrange Campuses Arrang
32. Dell PowerConnect W AirWave 7 4 User Guide Configuring and Using Device Groups in AirWave 79 What Next Continue to additional sections in this chapter to create new groups or to edit existing groups Once general group level configurations are complete continue to later chapters in this document to add or edit additional device level configurations and to use several additional AirWave functions Adding and Configuring Group AAA Servers Configure RADIUS servers on the Groups gt AAA Servers page Once defined on this page RADIUS servers are selectable in the drop down menus on the Groups gt Security and Groups gt SSIDs configuration pages Perform these steps to create RADIUS servers 2 NOTE TACACS servers are configurable only for Cisco WLC devices Refer to Configuring Cisco WLC Security Parameters and Functions on page 95 l Go to the Groups gt List page and select the group for which to define AAA servers by selecting the group name The Monitor page appears 2 Select the AAA Servers page The AAA Servers page appears enabling you to add a RADIUS server Figure 40 illustrate this page for AAA RADIUS Servers Figure 40 Groups gt AAA Servers Page Illustration WLANs on a Cisco WLC can be configured on the Cisco WLC Config page New RADIUS Server Hostname IP Address a Authentication Authentication Port Accounting Accounting Port Timeout Max Retries 10 180 180 180 Yes 1812 Ko S 0 10 181 181 191 Yes
33. Field Description SSID Displays the SSID associated with the VLAN VLAN ID Identifies the number of the primary VLAN SSID on which encrypted or unencrypted packets can pass between the AP and the switch Name Name Displays the name ofthe VLAN Displays the name ofthe VLAN name of the VLAN Encryption Mode Encryption Mode Displays the encryption onthe VLAN Displays the encryption onthe VLAN encryption on the VLAN First or Second Radio Enables the VLAN SSID and Encryption Mode on the radio control Enabled First or Second Radio Specifies which VLAN to be used as the primary VLAN A primary VLAN is required Primary NOTE If you create an open network see the Create Closed Network setting below in which the APs broadcast an SSID the primary SSID is broadcast Native VLAN Sets this VLAN to be the native VLAN Native VLANs are untagged and typically used for management traffic only AirWave requires a Native VLAN to be set For AP types do not require a native VLAN create a dummy VLAN disable it on both radio controls and ensure that it has the highest VLAN ID 3 Select Add to create a new SSID or VLAN or select the pencil icon next to an existing SSID VLAN to edit that existing SSID or VLAN The Add SSID VLAN configuration page appears as illustrated in Figure 43 and explained in lable 57 84 Configuring and Using Device Groups in AirWave Dell PowerConnect W AirWave 7 4 User Guide Figure 43 Groups gt SSIDs
34. Manage pages Use the AMP Setup page to configure AirWave wide default firmware options Table 32 below itemizes the contents settings and default values for the Upload Firmware amp Files page Table 32 Device Setup gt Upload Firmware amp Files Fields and Default Values Default Description Dell Displays a drop down list of the primary AP makes and models that AirWave supports with PowerConn_ automated firmware distribution ect W SeriesContr oller any model Owner Role Displays the user role that uploaded the firmware file This is the role that has access to the file when an upgrade Is attempted Description None Displays a user configurable text description of the firmware file Server Protocol None Displays the file transfer protocol by which the firmware file was obtained from the server Use Group File Displays the name of the file server supporting the group Server Firmware Filename Displays the name of the file that was uploaded to AirWave and to be transferred to an AP when the file is used in an upgrade FirmwareVersion None Displays the firmware version number This is a user configurable field Firmware MD5 Displays the MD5 checksum of the file after it was uploaded to AirWave The MD5 Checksum checksum is used to verify that the file was uploaded to AirWave without issue The checksum should match the checksum of the file before it was uploaded Firmware File Size None Displays the size of t
35. Performing Daily Administration in AirWave Dell PowerConnect W AirWave 7 4 User Guide Chapter 9 Creating Running and Emailing Reports This chapter describes AirWave reports including access creation scheduling and distribution This chapter includes the following sections Overview of AirWave Reports on page 227 Using Daily Reports on page 230 Defining Reports on page 252 Emailing and Exporting Reports on page 255 AirWave ships with several reports enabled by default Default reports may run nightly or weekly depending on the AirWave release Review the list of defined and scheduled reports with the Reports gt Generated and Reports gt Definition pages to determine if default reports are desired If not you can delete disable or reschedule any of them AirWave supports additional specialized reports as follows System gt Status page supports the diagnostic report file for sending to customer support diagnostics tar gz System gt Status page supports the VisualRF diagnostics report file VisualRFdiag tar gz VisualRF gt Network View supports the Bill of Materials BOM report Refer to Chapter 10 Using VisualRF on page 257 Overview of AirWave Reports Reports are powerful tools in network analysis user configuration device optimization and network monitoring on multiple levels Among their benefits reports provide an interface for multiple configurations AirWave reports h
36. Removes the selected APs from AirWave The deletes will be performed in the background and AMP may take a minute to be removed from the list Using Global Groups for Group Configuration To apply group configurations using the AirWave Global Groups feature first go to the Groups gt List configuration page Select Add to add a new group or select the name of the group to edit settings for an existing group Select the Duplicate icon usually near the last column of the list to create a new group with identical configuration to an existing group To have Global Group status a group must contain no devices accordingly access points can never be added to a Global Group Global groups are visible to users of all roles so they may not contain devices which can be made visible only to certain roles Figure 64 illustrates the Groups gt List page Figure 64 Groups gt List Page Illustration Add New Group Compare two groups 1 41 wof41Groups Page 1 wof1 Choose Columns CSV Export Name Up Down Status Polling Period Total Devices Is Global Group a Global Group Down Mismatched Ignored Users BW Duplicate SSID m S ws5100 60 seconds 5 No gauss three 4 4 0 0 0 m A _ infrastructure 60 seconds 31 No gauss two a 16 0 0 0 ki Guest R a airespace 60 seconds a No gauss one 2 0 0 0 ki 4000 80 To set a group as a Global Group go to the Groups gt Basic configuration page for an existing or a newly created group Select Yes for the Is
37. Rogue Device Threat Level The threat level classification adds granularity for each general RAPIDS classification Devices of the same classification can have differing threat scores based on the classifying rule ranging from to 10 with a default value of 5 This classification process can help identify the greater threat Alerts can be defined and sorted by threat level Threat level and classification are both assigned to a device when a device matches a rule Once classified a device s classification and threat level change only if it is classified by a new rule or is manually changed Threats Dell PowerConnect W AirWave 7 4 User Guide Using RAPIDS and Rogue Classification 173 levels can be manually defined on the RAPIDS gt Detail page when the RAPIDS classification is manually overridden or you can edit the rule to have a higher threat level Viewing and Configuring RAPIDS Rules To view the RAPIDS rules that are currently configured on AMP navigate to the RAPIDS gt Rules page Figure 121 Figure 121 RAPIDS gt Rules Page Illustration Default RAPIDS Classification Unclassified Change the priority order of rules by dragging and dropping rows Add New RAPIDS Classification Rule Rule name Classificatic Threat Level Enabled Protect my SSID Rogue 10 Yes e Fingerprint scan Rogue 5 Yes e Detected wirelessly and on LAN Rogue 5 Yes e Signal strength gt 75 dBm Suspected Rog
38. Signal Quality 18 Controller spowitil Association 11 3 2011 1 13 PM Group Ethersphere Duration 21 mins Folder Top gt Ethersphere Mode 802 11n 2 4 GHz AP Device Location Usage Radio 402 11 bgn SSID ethersphere wpa2 VLAN 65 Ch BW HT20 Forward Mode Tunnel Encrypted LAN IP 1 10 6 5 49 LAN Hostname 1 gerard festa arubanetworks com Auth Type WPAZ EAP Auth Time 21 mins Ci AES SNMP Source Poll Viewing a Client s Association History Past association details of a client are tracked in the Association History table which is located under the VRF QuickView illustration if available and the Alert Summary in Clients gt Client Detail The columns in this table shown in Figure 147 are the same as the fields in the Current Association section for this user Figure 147 Association History in Clients gt Client Detail Association History 1 2 of 5 Past Associations Page 1of2 Resetfilters Choose columns Export CSV Username AOS Device Type w Role w AP Device SSID w WLAN Interface Connection Mode w Ch BW w Forward Mode w Tunneled Controller w ARUBANETWORKS sdas Windows 7 employee 1154 Q ethersphere wpaz 105 Bgz llan 802 1in 5 GHz HT40 Tunnel Encrypted ARUBANETWORKS sdas Windows 7 employee sdas rapzwg ethersphere wpez 2360 BI2 1ibg 802 1ig 1 2 of 5 Past Associations Page 1of2 Reset filters Viewing the Rogue Association History for a Client Past association details of a rogue
39. Table 71 Device Setup gt Discover gt Discovery Execution Fields Continued Column Description Displays the date and time the scan most recently completed Scheduled Displays the scheduled date and time for scans that are scheduled to be run 7 Go to the APs Devices gt New page to see a full list of the newly discovered devices that the scan detected Figure 70 illustrates this page NOTE This page is only visible to users with the AMP Administrator role or roles that have Allow authorization of APs Devices enabled in AMP Setup gt Roles Figure 70 APs Devices gt New Page Illustration To discover more devices visit the Discover page 1 3 w of 146 APs Devices Page i wof49 gt gt Choose Columns CSV Export Device a Controller Type IP Address LAN MAC Address Discovered a 00 0b 86 ce e1 84 tt Aruba3200 RN Aruba AP 70 10 51 6 222 00 0B 86 CE E1 84 6 11 2010 1 26 PM O 00 1a 1e c0 6c 46 Aruba3600 Master Aruba AP 125 10 51 81 175 00 1A 1E C0 6C 46 12 23 2010 12 00 PM E 00 1a 1e c4 5a 10 tt Aruba3200 RN Aruba AP 60 10 51 3 44 00 1A 1E C4 5A 10 9 29 2010 3 03 PM 1 3 w of 146 APs Devices Page i w of 49 gt gt Select All Unselect All View Ignored Devices Group Access Points Folder Top X Aruba AP Group Auto Detect Monitor Only Firmware Upgrades Manage Read Write Add Ignore Delete What Next To authorize one or more devices to a group see Authorizing Devices
40. copied from the new configuration file to the startup configuration file on the AP If No is selected AirWave uses the AP to merge the startup and running configurations If Yes is selected the configuration is copied to the startup configuration file and the AP is rebooted This field is only visible for some devices Restrict to this version Template firmware version Community String Restricts the template to APs of the specified firmware version If Yes is selected the template only applies to APs on the version of firmware specified in the Template Firmware Version field Designates that the template only applies to APs running the version of firmware specified If the template is updating the community strings on the AP enter the new community string AirWave should use here AirWave updates the credentials It is using to communicate to the device after the device has been managed Telnet SSH Username If the template is updating the Telnet SSH Username on the AP enter the new username AirWave should use here AirWave updates the credentials it is using o to communicate to the device after the device has been managed Telnet SSH Password If the template is updating the Telnet SSH password on the AP enter the new Telnet SSH password AirWave should use here AirWave updates the credentials it is using to communicate to the device after the device has been managed enable Password If the template is updating the enab
41. gt Add SSID VLAN Page Illustration SSID VLAN RADIUS Authentication Servers Specify Interface Name Yes No RADIUS Authentication Server 1 Cisco WLC Select eal ProCurve420 Proxim only Interface management A RADIUS Authentication Server 2 Cisco WLC Select mm SSID ProCurve420 Proxim only X Name RADIUS Authentication Server 3 Cisco WLC Select ProCurve420 Proxim only n5 Maximum Allowed Associations 0 2007 255 Authentication Profile Name Proxim Only Broadcast SSID Cisco WLC Proxim and Symbol 4131 y N only es o Authentication Profile Index Proxim Only Partial Closed System Proxim only Yes No RADIUS Accounting Servers Unique Beacon Proxim only Yes No RADIUS Accounting Server 1 Cisco WLC Proxim Select mm Block All Inter Client Communication Yes No n RADIUS Accounting Server 2 Cisco WLC Proxim Select aml Encryption Encryption Mode No Encryption RADIUS Accounting Server 3 Cisco WLC Proxim Select only am EAP Options Accounting Profile Name Proxim Only WEP Key Rotation Interval 0 10000000 sec 120 Accounting Profile Index Proxim Only Add Cancel 4 Locate the SSID VLAN section on the Groups gt SSIDs configuration page and adjust these settings as required This section encompasses the basic VLAN configuration lable 57 describes the settings and default values Note that the displayed settings can vary Table 57 Groups gt SSIDs
42. gt List page and select the wrench icon next to the device whose AP settings you want to edit This directs you to the Manage page for that device Figure 98 illustrates this page Dell PowerConnect W AirWave 7 4 User Guide Discovering Adding and Managing Devices 135 Figure 98 APs Devices gt Manage Page Illustration Name Status Configuration Last Contacted Type Controller Group Folder Management Mode ap125 meshportal karen Up OK Good 2 12 2010 10 29 AM AP 125 sphere lms sphere lms Top gt HQ Monitor Only Firmware Upgrades Manage Read Write Name ap125 meshportal karen Domain Name Location Contact Latitude 10 02450899096407 Longitude 0 7395866645358211 Altitude m 0 Group sphere Ims3 v Folder HQ b Auto Detect Upstream Device Yes O No Upstream device will automaticaly be updated when the device is polled Automatically clear Down Status Message when device comes back up O Yes No Down Status Message Aruba AP Group default Installation Default Mesh Mode Portal AP AP i Authentication Method gt gt gt gt oO o PPPoE Authentication Enable Disable Remote AP O Yes No Master Discovery Type Host Controller IP Host Controller IP Address 16 2 250 Master Controller IP Address DNS Name 16 2 250 Link
43. gt SSID VLAN Section Fields and Default Values Setting Default Description Specify Interface Name Yes Enables or disables an interface name for the VLAN interface Selecting No for this option displays the Enable VLAN Tagging and VLAN ID options Sets the interface to support the SSID VLAN combination SSID Sets the Service Set Identifier SSID which is a 32 character user defined identifier attached to the header of packets sent over a WLAN It acts as a password when a Interface mobile device tries to connect to the network through the AP and a device is not permitted to join the network unless it can provide the unique SSID Sets a user definable name associated with SSID VLAN combination Indicates the number of the VLAN designated as the Native VLAN typically for management purposes Displays if Specify Interface Name is set to No Maximum Allowed 255 Indicates the maximum number of mobile users which can associate with the Associations 0 2007 specified VLAN SSID Name VLAN ID 1 4094 NOTE 0 means unlimited for Cisco Broadcast SSID Cisco For specific devices as cited this setting enables the AP to broadcast the SSID for WLC Proxim and Symbol the specified VLAN SSID This setting works in conjunction with the Create Closed 4131 only Network setting on the Groups gt Security configuration page Proxim devices support a maximum of four SSIDs NOTE This option should be enabled to ensure support of legacy users
44. or set to poll from switches in a range from every 15 seconds to 30 minutes Interface Sets the frequency in which network interfaces are polled for bandwidth usage This setting Bandwidth Polling sinus can be disabled or set to poll from switches in a range from every 5 minutes to 30 minutes Period Interface Error 30 Sets the frequency in which network interfaces are polled for up down status This setting Counter Polling minutes can be disabled or set to poll bridge forwarding tables from switches in a range from every 5 Period minutes to 30 minutes Poll 802 3 error Sets whether 802 3 error counters should be polled counters Poll Cisco interface Sets whether the interface error counters for Cisco devices should be polled error counters 18 To configure settings for universal devices on the network including routers and switches that support both wired and wireless networks locate the Universal Devices Routers and Switches section of the Groups gt Basic page and define the version of SNMP to be supported 19 To control the conditions by which devices are automatically authorized into this group locate the Automatic Authorization settings section and adjust these settings as required Table 53 describes the settings and default values Table 53 Automatic Authorization Fields and Default Values Default Description Add New Controllers and Whether to auto authorize new controllers to the New Devices List the same Group
45. shows the setting and default value Table 28 Device Setup gt Communication gt Telnet SSH Settings Fields and Default Values Setting Default Description Telnet SSH Timeout a Sets the timeout period in seconds used when performing Telnet and SSH commands 3 120 sec 5 Locate the HTTP Discovery Settings section and adjust the default value Table 29 shows the setting and default value Table 29 Device Setup gt Communication gt HTTP Discovery Settings Fields and Default Values Setting Default Description HTTP Timeout aa Sets the timeout period in seconds used when running an HTTP discovery scan 3 120 sec 6 Locate the ICMP Settings section and adjust the default value as required Table 30 shows the setting and default value Table 30 Device Setup gt Communication gt ICMP Settings Fields and Default Values Setting Default Description Attemptto ping Yes When Yes is selected AirWave attempts to ping the AP device devices that Select No if performance is affected in negative fashion by this function If a large number unreachable of APs are unreachable by ICMP likely to occur where there is in excess of 100 APs the via SNMP timeouts start to impede network performance NOTE If ICMP is disabled on the network select No to avoid the performance penalty caused by numerous ping requests 7 Locate the Symbol 4131 and Cisco Aironet IOS SNMP Initialization area Select one of the options listed Table 31
46. supported devices Search Preferences M APs Devices Enable RTLS collector Aruba only C yes No M Clients Connected fe F7 Cients Histori Use embedded mail server Yes No I VPN Sessions Connected ___Send Test Email _ l VPN Sessions Historical Process user roaming traps from Cisco WLC yes No MV Rogue Clients de Enable AMON Data Collection ves No rd Groups Iv Tags Performance iv 2 Monitoring Processes 1 2 2 cree eee le number of configuration processes 1 5 Maximum number of audit processes 1 10 3 E Gereicl Bey 1hece e oo SNMP Fetcher Count 2 6 2 Verbose logging of SNMP configuration Yes No Dell PowerConnect W AirWave 7 4 User Guide Configuring AMP 35 Perform the following steps to configure AirWave server settings globally across the product for all users l Browse to the AMP Setup gt General page locate the General section and enter the information described in Table 8 Table 8 AMP Setup gt General gt General Section Fields and Default Values Setting Default Description System Name Defines your name for the AirWave server with a maximum limit of 20 alphanumeric characters Automatically Launches a drop down menu that specifies the behavior AirWave should follow monitor manage new when it discovers a new device Devices are placed in the default group which is devices defined in the next field Choose one of these options Monitor Only AirWave compares the curre
47. you for any phase of AirWave installation Auditing PCI Compliance on the Network This section describes PCI requirements and auditing functions in AirWave with the following topics Introduction to PCI Requirements PCI Auditing in the AirWave Interface Enabling or Disabling PCI Auditing Introduction to PCI Requirements AirWave supports wide security standards and functions in the wireless network One component of network security is the optional deployment of Payment Card Industry PCI Auditing The Payment Card Industry PCI Data Security Standard DSS establishes multiple levels in which payment cardholder data is protected in a wireless network AirWave supports PCI requirements according to the standards and specifications set forth by the following authority Payment Card Industry PCI Data Security Standard DSS PCI Security Standards Council Website https www pcisecuritystandards org PCI Quick Reference Guide Version 1 2 October 2008 https www pcisecuritystandards org pdfs pci_ssc_quick_guide pdf PCI Auditing in the AirWave Interface PCI Auditing in AirWave allows you to monitor audit and demonstrate PCI compliance on the network There are five primary pages in which you establish monitor and access PCI auditing as follows The AMP Setup gt PCI Compliance page enables or disables PCI Compliance monitoring on the network and displays the current compliance status on the network See Enabling or Disabl
48. 105 10 6 1 192 17 391 13 Kbps Verify that the devices you added are now appearing in the devices list with a Status of Up NOTE Newly added devices will be status Down until they have been polled the first time They will be configuration Unknown until they have finished verification The Up status is not contingent on verification The same section also appears on the Groups gt Monitor page and is hyperlinked from a controller s monitoring interface The Alert Summary section of APs Devices gt List cites the number of events that have occurred in the last two hours the last 24 hours and total There are four categories of alerts as listed below AMP Alerts IDS Events Dell PowerConnect W AirWave 7 4 User Guide Discovering Adding and Managing Devices 117 RADIUS Authentication Issues K NOTE The Alert Summary table is also a feature of the Home gt Overview page and has the same links in that location For more information on the Alert Summary table refer to Viewing Alerts on page 194 Understanding the APs Devices gt Monitor Pages for All Device Types You can quickly go to any device s monitoring page once you go to its specific folder or group on the APs Devices gt List page by selecting its hyperlinked name in the Device column All Monitor pages include a section at the top displaying information such as monitoring configuration status serial number total users firmware version and so on as sho
49. 17 Contained Not Contained Signal strength gt 75 dBm Airespace 5500 Senao Inte 43 7B B1 00 02 6F 43 7B B1 Contained Not Contained Signal strength gt 75 dBm Airespace 5500 Cisco 9F 75 90 00 10 45 9F 75 90 Not Contained Contained Manual Classification Override Aruba2400 Enterasys 36 5C 18 00 01 F4 36 5C 18 Contained Not Contained Signal strength gt 75 dBm Aruba2400 Enterasys 37 44 C3 OO0 01 F4 37 44 3 Contained Not Contained Signal strength gt 75 dBm Aruba2400 Cisco 9F 75 90 00 10 45 9F 75 90 Not Contained Contained Manual Classification Override Aruba2400 Locally Ad 71 BA 90 02 20 46 71 B4 90 Contained Not Contained Signal strength gt 75 dBm Aruba2400 Locally Ad 71 BA 90 02 20 46 71 BA 91 Contained Not Contained Signal strength gt 75 dBm 1 8 of 8 Rogues Contained Page 1of1 Using the Client Session Report The Client Session Report extensively itemizes user level activity by session any instance in which a user connects to the network In list and chart form this report tracks and display session information that can include any or all of the following Session Data by OS List or Chart Session Data by OS Detail List or Chart Session Data by Model List or Chart Session Data by Manufacturer List or Chart Session Data by Device Type List or Chart Session Data by AOS Device Type List or Chart Session Data by Network Interface Vendor List or Chart Session Data by Network Chipset List or Chart Se
50. 1812 Ko 4 0 C Sm 10 153 183 153 Yes 1812 Ko 2 0 10 182 182 152 YEs 1812 Mo 2 0 4 RADIUS Servers Select All Unselect All 3 To add a RADIUS server or edit an existing server select Add New RADIUS Server or the corresponding pencil icon to edit an existing server lable 54 describes the settings and default values of the Add Edit page Table 54 Adding a RADIUS Server Fields and Default Values Setting Default Description Hostname IP Address Sets the IP Address or DNS name for RADIUS Server NOTE IP Address is required for Proxim ORiINOCO and Cisco Aironet IOS APs Secret and Confirm Sets the shared secret that is used to establish communication between AirWave and the Secret RADIUS server NOTE The shared secret entered in AirWave must match the shared secret on the server Authentication No Sets the RADIUS server to perform authentication when this setting is enabled with Yes Authorization Port 1812 Appears when Authentication is enabled Sets the port used for communication between the AP and the RADIUS server Accounting No Sets the RADIUS server to perform accounting functions when enabled with Yes Accounting Port Appears when Accounting is enabled Sets the port used for communication between the AP and the RADIUS server 80 Configuring and Using Device Groups in AirWave Dell PowerConnect W AirWave 7 4 User Guide Table 54 Adding a RADIUS Server Fields and Default Values Continued Setting Default
51. 196 Overview Of the Clients Pages c ccsscssssssesssssscscssssesesecscseseeseseseesesecaeseseesusesassesesansesaseess 196 Monitoring WLAN Users in the Clients gt Connected and Clients gt All Pages 197 Supporting Guest WLAN Users With the Clients gt Guest Users Page ccee 199 Supporting VPN Users with the Clients gt VPN Sessions Page ssssscssnccccsssss 201 Supporting RFID Tags With the Clients gt Tags Page ccssssssescessssesseeesssessesseeeeeen 202 Evaluating and Diagnosing User Status and ISSUCS cccecssescssssessseeseceeeecsnsessesessesaneeeanees 203 Evaluating User Status with the Clients gt Client Detail Page uuu cc eeeeeeseseeeeseees 203 Mobile Device Access Control ceccssssssessssesessssessssesesessesssecaeseseeseseeanseseeensesatenss 204 Classifying Dell Devices in Client Detail cc cseesessescsssssesseesssseseessesesseseeateees 205 Quick Links for Clients on Dell Devices ce ecsessesesseecsesesseseeesecseseestsesessnseeatenes 206 Using the Deauthenticate Client Feature 0 0 ccc cseseesscsscssescssseeeeseeseseeesneeseneen 206 Viewing a Client s Association HiStory ccccesssssescscssssessessscssseesseesessesesaesesesseeeees 206 Viewing the Rogue Association History for a ClONt ccc ecesceessseescsseesseseeseeenes 206 Evaluating Client Status with the Clients gt Diagnostics Page cssssseseseseeeeseees 207 Managing Mobile Devices with
52. 2011 2 41 PM 10 20 2011 1 15PM 00 0B 86 7D 2C 50 ga_hyb Srini gt Srini gt 3 dwg 10 17 2011 1 22 PM 10 20 2011 12 56 PM 00 0B 86 7D 2C 50 ga_hyb Srini gt Srini gt 3 dwa 1 2 of 2 Rogue Client Assodations Page i wof1 BUL CSV MAC Address 00 21 6A 4B8 E2 88 pdedhia 00 24 D7 EB 0B 48 Discovery Events l EE Page BALE gt gt weet tl asc columns Export CSV Ow WEP WPAWT Network Type P Address Discovery Method Y 10 20 2011 1 16PM Wireless AP scan 24 BB z No No 00 7 86 fDC50 AP AMb5 e5 e0 39 50 6 No No 00 08 86 70 2C 50 AP 10 20 2011 1 16PM Wireless AP scan Spectrum AP93 af 79 6 No No OO 0B 86 7D 20 50 AP 10 20 2011 1 01 PM Wireless AP scan 1341 AP39 04 13 83 6 No No OO 0B 86 7D 20 50 AP 10 20 2011 1 01 PM Wireless AP scan 1341 AP38 af 79 6 No No OO 0B 86 7D 20 50 AP 10 20 2011 1 01 PM Wireless AP scan 1341 AP36 04 1 5 of 35 Discovery Events Page iwof gt gt Reset filters Important things to remember regarding the information in the device detail page are Users with the role of Admin can see all rogue AP devices Active rogue clients associated with this AP are listed in the Current Rogue Client Associations table Selecting a linked MAC address will take you to the Clients gt Client Detail page where you can view fingerprinting and device details Users with roles limited by folder can see a rogue AP if there is at least one discovering device that they ca
53. 50 18 50 21 50 0 50 3 50 6 50 4 50 12 50 15 50 16 50 21 50 0 50 3 50 Bio 9 50 Show All Maximum Average Show All Maximum Average D w Max Users a SeS 4 users B w Avg Bits Per Second In 16 4 Mbps 1 1 Mbps P i year ago ee a eile ae 100 50 60 40 20 go d erem A ed alae ll 12 55 15 55 18 59 21 55 0 35 Sioa Broo Q7 55 12 50 15 55 16 59 21 55 0 55 3 55 G 559 9 55 Show All Maximum Average Show All Maximum Average B w Supervisor Card CPU Avg Load 3 5 5 3 a w Average Free Memory 427 3 MB 422 6 MB w Average Used Memory 328 MB 322 1 MB EZ i year ago P OV LTA Connected Users 1 2 of 2 Connected Users Page le of 1 Reset filters Choose co lumns Dew ice Type w Fole P I YPS F Lope Connection Foc w 00 13 Speed Dragon Multimedia Limited guest 51 gigabitethernet 0 2 Wired OO IF FE 0005 99 Speed Dragon Multimedia Limited logon 51 gigabitethernst 0 3 Wired Tunnel Encrypted 1 2 of 2 Connected Users Page 1 of 1 Reset filters Dell PowerConnect W AirWave 7 4 User Guide All managed wired devices also include an Interfaces subtab as shown in Figure 91 Figure 91 APs Devices gt Interfaces Page for Wired Devices partial view Helpdesk Groups Monitor Home Aine ee Users List Manage Audit Down Distribution Switch Switch otal Up ArubaS3500 27 is il Down 11 1 0 20 n Physical Interfaces 4 Edit Interfaces 1 10 wof 24 Interfaces Page iwof3 gt
54. 7 Note No template is available for Aruba 3200 devices with firmware version 3 3 2 8 n 3 0 Note No template is available for Symbol RFS7000 devices with firmware version 1 1 1 0 003R Note No template is available for Cisco Aironet 871W devices with firmware version 12 4 4 T7 New Template Templates allow you to manage the configuration of 3Com Alcatel Lucent Aruba Cisco Aironet IOS Enterasys HP Hirschmann LANCOM Nomadix Nortel Symbol and Trapeze devices in this group using a configuration file Variables in the templates are used to configure device specific properties like name IP address and channel as well as group level properties ssid radius server etc Name a Device Type Status Fetch Date Version Restriction Aruba 200 Aruba 200 Template saved 1 19 200811 43PM 3 2 0 3 m Aruba 200 3 3 1 1 Aruba 200 Template saved 2 28 2008 6 24 AM None Aruba 3600 3 2 0 3 Aruba 3600 Template saved 1 18 2008 11 06 AM 3 2 0 3 g Aruba 800 Aruba 800 Template saved 2 27 2008 10 58 PM None Aruba 800 3 1 1 7 Aruba 800 Template saved 1 20 2008 2 09AM 3 1 1 7 Table 89 Groups gt Templates Fields and Default Values Setting Description Notes When applicable this section lists devices that are active on the network with no template available for the respective firmware Select the link from such a note to launch the Add Template configuration page for that device Displays the template name Devic
55. 7 4 User Guide Configuring Communication Settings for Discovered Devices To configure AirWave to communicate with your devices to define the default shared secrets and to set SNMP polling information navigate to the Device Setup gt Communication page illustrated in Figure 27 Figure 27 Device Setup gt Communication Page Illustration Default Credentials SNMP Settings The credentials below are used to communicate with devices that are discovered by AMP SNMP Timeout 3 60 sec 10 regardless of the credentials used for discovery Changing these credentials does not affect APs that are already being managed or are already in the New Devices list SNMP Retries 1 20 3 it Vi 3Com Edit View SNMPV3 Inf 3Com 8750 Edit View Add New SNMPv3 User APC Edit View 1 1 w of 1 SNMPv3 Users Page i wofi1 Choose Columns Username a Auth Protocol Priv Protocol Aruba Edit View m v3informuser SHA DES 1 1 w of 1 SNMPv3 Users Page 1 w of 1 Alcatel Lucent Edit View Avaya Edit View Select All Unselect All BelAir Edit View Delete Cisco Aironet 4800 Edit View Cisco IOS AP Edit View Telnet SSH Settings Cisco Switch Edit View Telnet SSH Timeout 3 120 sec 120 Cisco WLC Edit View HTTP Timeout 3 120 sec E Colubris Edit View ICMP Settings Custom Device Edit View Attempt to ping devices that were unreachable via Ce lees D Link Edit View ae Del Edit View Cisco Aironet VxWorks User Creation Options Enterasys Edit View Do not modify s
56. 7 4 User Guide l Go to AMP Setup gt Authentication 2 Complete the fields described on l able 23 Table 23 Login Configuration section of AMP Setup gt Authentication Field Default Description Max AMP User Idle Number of minutes of idle time until AMP automatically ends the user session Affects all Timeout users of this AMP The range is 5 240 minutes A persistent message that will appear for all of this AMP s users after they log in 3 Select Save if you are finished or you can follow the next procedure to configure Single Sign On TACACS and RADIUS Authentication options Login message Setting up Single Sign On Administrators can set up single sign on SSO for users that have access to Dell PowerConnect W Series controllers This allows users to log in to an AMP and use the IP Address or Quick Links hypertext links across AMP to access the controller s UI without having to enter credentials again The links the user can select to access a controller can be found on the APs Devices gt Monitor page in the Device Info section and on device list pages This feature must be enabled per role in AMP Setup gt Roles To enable this feature for this AMP locate the Single Sign On section in AMP Setup gt Authentication In the Enable Single Sign On field select Yes Then select Save if you are finished or you can follow the next procedure to configure TACACS and RADIUS Authentication options Configuring TAC
57. 75 Mbps 374 7 kbps D Avg bps for EnetO of tharglin2 ap65 44 53 Mbps 322 9 kbps O Avg bps for EnetO of mflynn ap65 47 74 Mbps 345 7 kbps O Avg bps for EnetO of kmorris RAP 2WG 96 81 Mbps 947 4 kbps O Avg bps for EnetO of hmclarnon rap2wg 39 91 Mbps 299 4 kbps G Avg bps for Radio 2 on AL37 1 044 Mbps 29 81 kbps E Avg bps for Radio 2 on ALI 887 7 kbps 14 82 kbps D Avg bps for Radio 2 on AL27 4 342 Mbps 316 4 kbps G Avg bps for Radio 2 on 182C 2 954 Mbps 278 7 kbps G Avg bps for Radio 2 on 130C 4 303 Mbps 174 6 kbps G Avg bps for Radio 2 on 92C 3 459 Mbps 173 8 kbps G Avg bps for Radio 2 on 12C 6 52 Mbps 379 3 kbps E Avg bps for Radio 2 on 175C 1 664 Mbps 242 1 kbps O Avg bps for Radio 1 on apl24 cO 2b 32 dev airwave com 965 1 kbps 184 8 kbps O Avg bps for Radio 1 on mtsai rap2wg 4 112 Mbps 79 98 kbps O Avg bps for Radio 1 on kperedia ap125 584 kbps 35 28 kbps GO Avg bps for Radio 1 on dpatil ap65 2 091 Mbps 31 55 kbps GO Avg bps for Radio 1 on jhrim 65 4 742 Mbps 50 89 kbps O Avg bps for Radio 1 on jbarry ap65 2 875 Mbps 171 3 kbps O Avg bps for Radio 1 on gcheng rap2wg 1 598 Mbps 78 18 kbps O Avg bps for Radio 1 on mbathina rap2wg 1 957 Mbps 83 82 kbps GO Avg bps for Radio 1 on thenu rap5 807 5 kbps 20 12 kbps G Avg bps for Radio 2 on Fish bowl 2 282 Mbps 49 81 kbps E Avg bps for Radio 2 on 1249 5 082 Mbps 498 9 kbps E Avg bps for Radio 2 on 1242 H 5 902 Mbps 297 9 kbps E Avg bps for Radio 2 on 1372 3 797 Mbps 442 4 kbps G Avg bps for Radio 2 on 115
58. 9 ap65 c2 2e 4a 2 104 50 0 0 00 chicken fingers Aruba2400 Top Access Points 10 1372 2 90 00 3 233005 00 ethersphere 1322 Top Access Points Most Channel Changes 2 4 GHz Daka Deve Chae vO MORE RSENS Caisel IERIE aiherafi s Banldith fhm Locaia Cest dier faller Gwm 1 00 24 6c c4 ce 26 20 0 Aruba651 Top Access Points 2 00 1a 1e c0 6c 46 16 eFI 0 z r Aruba3600 US Top Access Points 3 1154 Q 9 71 50 1 419 00 ethersphere 1322 Top Access Points 4 1249 8 90 50 1 56 00 ethersphere 1322 Top Access Points 5 APOO1id alfc ca7a_ 7 77 50 25 20 0 0 00 default location 5500 6 0 196 0 Top Access Points 6 1260 6 86 50 2 676 00 ethersphere 1322 Top Access Points Z 2188 6 73 50 1 308 00 ethersphere 1322 Top Access Points 8 ap105 A1 6 86 50 0 0 00 pit Aruba 3400 Top Access Points 9 1372 3 81 50 0 0 00 ethersphere 1322 Top Access Points 10 1153 5 85 00 2 1200 00 ethersphere 1322 Top Access Points Most Transmit Power Changes 5 GHz O yr R R 7 pene eames ee enn ne 1 ap105 A1 31 0 Aruba 3400 Top Access Points 2 00 24 6c c4 ce 26 17 S lt 0 00 Aruba651 Top Access Points 3 2103 7 14 88 00 0 672 00 ethersphere 1322 Top Access Points 4 OO0 1a 1e c0 2b 34 6 1 88 00 0 0 00 Aruba3200 3 121 Top Access Points 5 00 1a 1e c0 6c 46 5 1 89 50 0 0 00 Aruba3600 US Top Access Points 6 1248 5 13 88 00 1 6185 00 ethersphere 1322 Top Access Points 7 1263 4 6 91 00 3 1493316 00 etherspher
59. AirWave network settings l Locate the Primary and Secondary Network Interface sections The information in these sections should match what you defined during initial network configuration and should not require changes Table 19 describes the settings and default values Table 19 Primary and Secondary Network Interface Fields and Default Values Setting Default Description IP Address Sets the IP address of the AirWave network interface NOTE This address must be a static IP address Hostname None Sets the DNS name assigned to the AirWave server Subnet Mask None Sets the subnet mask for the primary network interface Gateway None Sets the default gateway for the network interface Primary DNS IP None Sets the primary DNS IP address for the network interface Secondary DNS IP None Sets the secondary DNS IP address for the network interface Secondary Network Select Yes to enable a secondary network interface You must also define the IP Interface address and subnet mask 2 On the AMP Setup gt Network page locate the Network Time Protocol NTP section The Network Time Protocol is used to synchronize the time between AirWave and your network reference NTP server NTP servers synchronize with external reference time sources such as satellites radios or modems NOTE Specifying NTP servers is optional NTP servers synchronize the time on the AirWave server not on individual access points To disable NTP services cle
60. Attenuation enabling dynamic attenuation which is on by default instructs the location service to sample the current RF environment and to dynamically adjust Path Loss Configuring Infrastructure Ensure that the hardware is configured to retrieve the RF information and that it provides this information on a timely basis There are three unique timing mechanisms which impact location accuracy how often the infrastructure collects and correlates RF statistics in their MIB how often the AMP queries those MIB entries and how often VisualRF service queries AMP for this RF information Figure 205 Jiming Factors Impacting Location Accuracy How often VisualRF asks How often AMP collects RF How often the Controller AMP for RF Statistics Statistics from Controller gathers RF Statistics from APs er Qe Polling Periods i i Communication Controller AP VisualRF gt Setup Client Location Timer VisualRF Service within AMP AMP These best practices are recommended when configuring hardware infrastructure For legacy autonomous APs ensure on the Group gt Radio page that Rogue Scanning is enabled and the interval is accurate as shown in Figure 200 Figure 206 Group Rogue Scanning Configuration Rogue Scanning Enabled Disabled Rogue Scanning Interval 15 1440 min 15 For thin APs ensure that the controllers are configured to gather RF information from the thin APs frequently For Cisco LWAPP navigate to
61. Bridge Maximum 20 Sets the maximum time in seconds that the device stores protocol information The Age supported range Is from 6 to 40 Bridge Hello Time Sets the time in seconds between Hello message broadcasts Bridge Forward Sets the time in seconds that the port spends in listening and learning mode if the spanning Delay tree has changed 9 To configure NTP settings locate the NTP section and adjust these settings as required lable 5 describes the settings and default values Table 45 NTP Fields and Default Values Setting Default Description NTP Server 1 2 3 None Sets the IP address of the NTP server to be configured on the AP UTC Time Zone Sets the hour offset from UTC time to local time for the AP Times displayed in AirWave graphs and logs use the time set on the AirWave server Daylight Saving Enables or disables the advanced daylight saving time settings in the Proxim section of the Time Groups gt Basic configuration page 10 To configure settings specific to Cisco IOS Catalyst locate the Cisco IOS Catalyst section and adjust these settings as required Table 46 describes the settings and default values Table 46 Cisco OS Catalyst Fields and Default Values Setting Default Description SNMP Version The version of SNMP used by AirWave to communicate to the AP Cisco 10S CLI Telnet The protocol AirWave uses to communicate with Cisco IOS devices Selecting SSH Communication uses the secure shell for
62. Cisco WLSE Cisco WLSE functions as an integral part of the Cisco Structured Wireless Aware Network SWAN architecture which includes IOS Access Points a Wireless Domain Service an Access Control Server and a WLSE In order for AirWave to obtain Rogue AP information from the WLSE all SWAN components must be properly configured Table 34 describes these components Table 34 Cisco SWAN Architecture Components SWAN Component Requirements WDS Wireless Domain WDS Name Services Primary and backup IP address for WDS devices IOS AP or WLSM WDS Credentials APs within WDS Group NOTE WDS can be either a WLSM or an IOS AP WLSM WDS can control up to 250 access points AP WDS can control up to 30 access points 58 Configuring AMP Dell PowerConnect W AirWave 7 4 User Guide Table 34 Cisco SWAN Architecture Components Continued SWAN Component Requirements WLSE Wireless LAN IP Address Solution Engine Login ACS Access Control IP Address Server Login Configuring WLSE Initially in AirWave Use the following general procedures to configure and deploy a WLSE device in AirWave Adding an ACS Server for WLSE Enabling Rogue Alerts for Cisco WLSE Configuring WLSE to Communicate with APs Discovering Devices Managing Devices Inventory Reporting Defining Access Grouping WDS Participation Primary or Secondary WDS Adding an ACS Server for WLSE l Go to the Devices gt Discover gt AAA Server page 2 Selec
63. Defining RAPIDS Rules The RAPIDS gt Rules page is one of the core components of RAPIDS This feature allows you to define rules by which any detected device on the network is classified This section describes how to define use and monitor RAPIDS rules provides examples of such rules and demonstrates how they are helpful This section contains the following topics Controller Classification with WMS Offload on page 172 Device OUI Score on page 173 Rogue Device Threat Level on page 173 Viewing and Configuring RAPIDS Rules on page 174 Recommended RAPIDS Rules on page 176 Using RAPIDS Rules with Additional AirWave Functions on page 176 Controller Classification with WMS Offload This classification method is supported only when WMS offload is enabled on Dell PowerConnect W Series WLAN switches Controller classification of this type remains distinct from RAPIDS classification WLAN 172 Using RAPIDS and Rogue Classification Dell PowerConnect W AirWave 7 4 User Guide switches feed wireless device information to AirWave which AirWave then processes AMP then pushes the WMS classification to all of the Dell PowerConnect W Series controllers that are WMS offload enabled WMS Offload ensures that a particular BSSID has the same classification on all of the controllers WMS Offload removes some load from master controllers and feeds connected to lan information to the RAPIDS classification eng
64. Figure 176 Reports gt Generated gt New Users Report Illustration Daily New Users Report for All Groups Folders SSIDs and Roles E XML XHTML export a CSV export ia Email this report Print report 2 6 2010 12 00 AM to 2 7 2010 12 00 AM Generated on 2 7 2010 12 16 AM New Users 1 9 wof9New Users Page iwof i Username Role MAC Address Vendor AP Device Association Time Duration VoFi 00 03 24 00 03 24 Unidata Communication Systems Inc Operations AL25 1 20 2009 6 25 PM 38 mins NETWORKS abc employee 00 16 CF 00 16 CF Hon Hai Precision Ind Co Ltd ExecutiveSuite AL16 1 20 2009 5 17 PM 17 mins 00 03 24 00 03 24 Cisco Linksys LLC HQ Engineering 1 20 2009 2 46 PM 5 mins wifiphone employee 00 16 CF 00 16 CF Unidata Communication Systems Inc Haystack AL29 1 20 2009 1 44 PM 10 hrs 31 r employee networks com employee 00 03 24 00 03 24 Nokia Danmark AS Area51 AL33 1 20 2009 11 17 AM 6 mins 38224 visitor 00 16 CF 00 16 CF Intel Facilities AL37 1 20 2009 11 11 AM 2hrs33m Using the PCI Compliance Report AirWave supports PCI requirements in accordance with the Payment Card Industry PCI Data Security Standard DSS The PCI Compliance Report displays current PCI configurations and status as enabled on the network Verify that AirWave is enabled to monitor compliance with PCI requirements as described in the Enabling or Disabling PCI Auditing on page 66 In addition to citing simple pass or fail status with regard to each P
65. Folder in the report Definition of a custom report If you create a separate Group or Folder for each set of master and local controllers you can generate a separate report for each Group or Folder With this method the summary sections of each report contain only devices from that Group or Folder and lable 131 illustrate and describe the Reports gt Generated gt Device Summary Detail page 236 Creating Running and Emailing Reports Dell PowerConnect W AirWave 7 4 User Guide Figure 169 Reports gt Generated gt Daily Device Summary Report Illustration partial view Daily Device Summary Report for All Groups Folders and SSIDs XML XHTML expo CSV export 1 11 2011 12 00 AM to 1 12 2011 12 00 AM ail thi Generated on 1 12 2011 12 40 AM NORTE PONNI Print report Most Utilized by Maximum Number of Simultaneous Users Rank AP Device Number of Users Max Simultaneous Users Total Bandwidth MB Average Bandwidth kbps Location 7 Controller 2 ethersphere ms3 205 116 19610 24 1815 76 Aruba Networks 4 RAP Loca 99 45 6476 88 599 71 1344 Server Room 1 ethersphere 1322 231 176 20165 29 2422 71 1322 3 RAP OPS 02 290 Fl 18975 59 1757 00 5 1310 41 23 5849 25 541 60 ethersphere 1 6 AL2 42 23 3368 82 311 93 ethersphere ir T 1153 46 23 6290 70 582 47 ethersphere 1 B 1242 H 50 19 1418 28 131 32 ethersphere 1 9 12C 41 19 4206 01 389 44 ethersphere tr 10 1263 56 19 3181 33 294 57 ethersphere 1 Most Utilized by Bandwidth
66. If the device has two fixed non removable antennas the Diversity setting should be used for both receive and transmit antennas Right If your device has removable antennas and you install a high gain antenna on the device s right connector the connector on the right side when viewing the back panel of the device use this setting for receive and transmit Left If your device has removable antennas and you install a high gain antenna on the device s left connector use this setting for both receive and transmit Transmit Antenna See description in Receive Antenna above Antenna Diversity Primary Only Symbol 4131 Drop down menu provides the following options Full Diversity The AP receives information on the antenna with the best signal strength and quality The AP transmits on the antenna from which it last received information Primary Only The AP transmits and receives on the primary antenna only Secondary Only The AP transmits and receives on the secondary antenna only Rx Diversity The AP receives information on the antenna with the best signal strength and quality The AP transmits information on the primary antenna only Transmit Power Proxim Transmit Power Reduction determines the APs transmit power The Reduction max transmit power Is reduced by the number of decibels specified Channel All Represents the AP s current RF channel setting The number relates to the center frequency output by the AP s RF synthesizer
67. Illustration Refresh Diagnostic report file for sending to customer support diagnostics tar gz WisualRF diagnostics report file visualRFoiag tar gz Service Airbus Message Server Alert Cache Builder Alert Monitor Asynchronous Work Scheduler At AWMS News Fetcher Cisco ACS Cisco WLSE Poller Client Monitor Yorker Configuration Monitor Configuration Server Cron Database Device List Cacher Device Monitor Device Monitor Poll Now Discovery Event Existing amp P Cacher DNS Fetcher DHS Refresh Failover Monitor Firmware Server FTP Server Guest User Credential Enabler HTTR SHMP Scanner LYVAPP Managed Certificate Builder Master Console MC Report Runner Mobile Device Management Engine HTP client PAPI Message Processor PAPI Message Router Farallel HTTF Fetcher Ferformance Monitor Persistent TupleSpaces Server Postfix Mail Server RADIUS Accounting Server Report Runner Rogue Filter RTLS Collector SHMP Enabler SHMP Fetcher SNMP W2 Fetcher SNMP Trap Handler Synchronous Event Handler Tag Expiration TupleSpaces Server WisualRF Engine Web Server WEP Key Setter Whitelist Collector Work Queue Collision Logger Additional Log Files Description Log Nightly Maintenance System Audit Log Telnet commands Status OK OK OK OK OK OK OK OK OK OK OK OK OK OK OK OK OK OK OK Disabled OK Disabled OK OK OK Disabled OK Disabled OK OK OK
68. Information Usage and Interface Frame Counters graphs and Connected Clients Specifics of the interface are in the Interface Information section as depicted in Figure 93 Figure 93 ndividual Interface Information Section Operational Status Down Admin Status Up Last Contacted 1 26 2010 3 50 PM Type ethernetCsmacd Alias Description FastEthernet0 4 MAC Address 00 18 18 8D 40 06 BW In kbps 0 BW Out kbps 0 Bandwidth and various standard and enterprise specific error counting information is displayed in the lower section in a tabbed graph which are shown in Figure 92 above Connected Clients if any are listed in a table below the interactive graphs as shown in Figure 94 Figure 94 Connected Clients list in APs Devices gt Interface Monitoring for a selected interface 1 1 wof 1 Connected Users Page lwof1 Reset filters Choose columns Export CSV Device Type Role w MAC Address Interface Connection Mode Forward Mode Speed Dragon Multimedia Limited logon Gutisisutuutusias 51 gigabitethernet0 0 9 Wired Tunnel Encrypted Aruba3200 l 1 of 1 Connected Users Page iwof i Reset filters 132 Discovering Adding and Managing Devices Dell PowerConnect W AirWave 7 4 User Guide What Next All device lists in AirWave act as portals to management pages if you have the proper read write privileges Selecting the wrench or pencil icon next to a device table entry or selecting Modify Devices where appropria
69. Installing and Getting Describes system and network requirements Linux OS installation and AirWave Started installation Chapter 3 Configuring AMP Describes the primary and required configurations for startup and launch of AirWave with frequently used optional configurations Chapter 4 Configuring and Using Device Groups in AirWave Describes configuration and deployment for group device profiles Chapter 5 Discovering Adding Describes how to discover and manage devices on the network and Managing Devices Chapter 6 Creating and Using Describes and illustrates the use of templates in group and global device configuration Templates Chapter 7 Using RAPIDS and Rogue Classification Describes RAPIDS module of AirWave and enhanced rogue classification supported in AirWave Chapter 8 Performing Daily Describes common daily operations and tools in AirWave to include general user Administration in AirWave administration the use of triggers and alerts network monitoring and backups Chapter 9 Creating Running and Describes AirWave reports scheduling and generation options and distribution of Emailing Reports reports from AirWave Chapter 10 Using VisualRF Describes how to use VisualRF Appendix A Setting Up Dell Ddescribes the Dell PowerConnect W Instant access point and Virtual Controller system PowerConnect W Instant in and how to integrate this system with AMP
70. Issues Report Latest RF Health Report Latest User Session Report Using Daily Reports This section describes the default and custom scheduled reports supported in AirWave These reports can be accessed from the Reports gt Generated page Viewing Generated Reports The Reports gt Generated page supports the following general viewing options By default the reports on the Reports gt Generated page are sorted by Generation Time You can sort reports by any other column header in sequential or reverse sequential order You can also choose columns export the Generated Reports list in CSV and modify the pagination of this list The Reports gt Detail page launches when you select any report title from this page The Generated Reports page contains fewer columns and information than the Definitions page Table 128 describes each column for the Reports gt Generated page Table 128 Reports gt Generated Page Fields and Descriptions Description Generated Time Displays the date and time of the last time the report was run or when the latest report is available Selecting the link in this field displays the latest version of a given report When the latest version of a given report is not available this field is blank In this case a report can be run by selecting the report title and selecting Run Tile Displays title of the report This is a user configured field when creating the report Type Displays the type of the repo
71. Known Issues of Dell PowerConnect W Instant Integration with AirWave If the Organization String configured on the Dell PowerConnect W Instant device is different than what is statically written in the template AMP will overwrite the configured Organization String to match the template 300 Setting Up Dell PowerConnect W Instant in AirWave Dell PowerConnect W AirWave 7 4 User Guide Appendix B Installing AirWave on VMware ESX 4 1 This appendix provides complete instructions for installing AirWave on VMware ESX 4 1 and includes the following sections Creating a New Virtual Machine to Run AirWave on page 301 Installing AirWave on the Virtual Machine on page 301 AirWave Post Installation Issues on VMware on page 302 Creating a New Virtual Machine to Run AirWave 1 wl 9 Select Create a new virtual machine from the VMware vSphere 2 Select Next to select a Typical virtual machine configuration 3 4 Select an available datastore with sufficient space for the number of APs your AirWave will manage choosing Name your virtual machine and then select Next the right server hardware to comply with the hardware requirements in this document Select Next Select the Linux radio button and select CentOS 4 5 64 bit from the drop down menu then select Next Allocate a virtual disk large enough to contain the AirWave operating system application and data files refer to the AirWave Management Platfo
72. Mesh device to device link polling 0 0 74 BALCWAY E getters 120 IN VisualRE ccccccccceccceccccecccecececeececeesecees 262 mode ooecececccescccccccccccccccccccuccceceucucceuseueceueueuenseenss 120 MONI OTINE ce gescccessiensttcndecstaceunsccamnrnupdeanoseenieas 128 POX 00 0ccccccccccccecceccceccecceccacccscceccaccucceceseceecass 97 message of the day ecceecceceeeeeeeeeeeeeeeeeeeeneeneeeeees 48 Modify Devices link eccececeeeeeeeeeeeeeeeeeeeeeees 133 Monitor Read Only ssssesseeenenesneeesnereereerereeen 47 monitoring mesh devices cccccceccccesccccecccseccaseccseecescecusess 128 wired COVICES cccccesccceseccsceceecccascccusecececceuaneens 130 wireless devices cccccccccecceccecceccesceccceeecaneeeceess 118 ED AOD E E E acerca 22 understanding the Ul 29 Network integration with AMP nsss 15 network settings 6 2 010 0 eee een ee ee 43 Nightly Maintenance Time setting 36 DUIS eyed ged econo e E totes E ET 64 non UTEFS charactets ccccccceeeceeeeeeeeeeeeeeeeeeeaes 38 nd i eee ee er eee eee 76 0 Open controller web UI link eee 206 Organization String see Aruba Instant 0 0 Re rr re ee 173 Index 305 P pagination records setting TESCLEIING serisinin neinna 31 pagination widget using eeeeeeeeeeeeeeeereeseeererene 31 password changing default root scseseeeeeeeeeeeene 20 PCI Compliance Default Credential Compliance 4 67 PCI Requ
73. Monitoring 802 11bg radio for AP APOO18 19bd b1d0 Issues Summary Issue Description High Noise Noise gt 80 High Channel Utilization Channel Utilization gt 75 These issues highlighted in this section can be examined in detail using the corresponding interactive graphs on the same page See the Radio Statistics Interactive Graphs section of this chapter for details 802 11 Radio Counters Summary This table appears for radios with 802 11 counters and summarizes the number of times an expected acknowledgement frame was not received the number of duplicate frames the number of frames containing Frame Check Sequence FCS errors and the number of frame packet transmission retries and failures These aggregate error counts are broken down by Current Last Hour Last Day and Last Week time frames as illustrated in Figure 84 Figure 84 802 11 Radio Counters Summary table 802 11 Radio Counters Summary frames sec Current Last Hour Last Day Last Week Unacked 0 0 0 1 Retries 0 0 0 0 Failures i i i 1 Dup Frames 0 0 0 0 FACS Errors 380 380 386 464 The frame per second rate of these and other 802 11 errors over time are tracked and compared in the 802 11 Counters graph on the same page Dell PowerConnect W AirWave 7 4 User Guide Discovering Adding and Managing Devices 125 Radio Statistics Interactive Graphs Time series graphs for the radio are displayed across a tabbed dual pane interface to show changes recorded at
74. Neighbor 18 3 B Suspected Rogue 32 7 O Suspected Valid 0 3 Bi alid 4d 3 O unknowns 1 3 B Rog ve D 9 O Unclassified D GAs Controller C fication Suspected Neighbor Suspected Rogue 607 Valid 79 lt unknown gt 24 Rogue 17 Unclassified 12 Devices by LAN MAC Address Vendor l 4 of 11 LAN MAC Address Vendors Page iwof3 gt gt CSV Export LAN MAC Address Vendor Total 1835 10 3 3 1 4 of 11 LAN MAC Address Vendors Page iwof3 gt GB unknown 98 8 B Aruba 0 5 DO Other D 4 O Meru Networks Ine D 2 Cisco D 2 Devices by Radio MAC Address Vendor 1 3 of 14 Radio MAC Address Vendors Page lwof5 gt gt CSV Export Radio MAC Address Vendor Total Aruba 1749 Unknown Localy Administered Address 43 z 23 1 3 of 14 Radio MAC Address Vendors Page Lwof5 gt gt D Aruba 94 1 B Unknown Locally Admi 2 3 DO Other 1 3 O unknown 1 2 O Unknown 1 Ee Total number of rogues 1858 Total number of discovery events 31002 Average number of discovery events per rogue 16 69 Average signal quality 62 17 Rogue Devices 1 5 w of 1858 Rogue Devices Page 1 wof372 gt gt CSY Export Name RAPIDS Classification ThreatLevel Controller Classification Ack First Discovered First Discovery Method First Discove Aruba C8 1E 70 Suspected Rogue 5 Suspected Rogue No 13 14 2010 4 18 PM Wireless AP scan apo5 c2 2e 4 Aruba 66 E1 40 Suspected Rogue 5 Suspected Rogue No 12 28
75. Network Usage Report on page 241 for additional bandwidth information The following figures and Table 129 illustrate and describe the contents of the Capacity Planning Report 232 Creating Running and Emailing Reports Dell PowerConnect W AirWave 7 4 User Guide Figure 167 Capacity Planning Report Detail Page Daily Capacity Planning Report for All Groups Folders and SSIDs TE XML XHTML expor wh oo a 8 of Capacity for 1 100 of the time CSV export 1 10 2011 12 00 AM to 1 11 2011 12 00 AM il Email this report Generated on 1 11 2011 8 22 PM e Print report Interfaces 1 5 w of 35 Interfaces Page iwof7 gt gt CSV Export Device Interface Group Folde Controller Time Above 8 of Capacity v Capacity Combined b s Usage While gt Threshold Combined 00 1a 1e c0 1a 64 802 11bgn aruba gui no wms Top gt aruba gt thin aps Aruba3200 15 hrs 50 mins 65 97 5000000 18 31 1372 802 11an aruba corp Top gt cor p ethersphere 1322 9 hrs 15 mins 38 54 5000000 21 80 1249 802 11an aruba corp Top gt cor p ethersphere 1322 6 hrs 40 mins 27 78 5000000 32 54 AL27 802 11an aruba corp Top gt cor p ethersphere ms3 6 hrs 35 mins 27 43 5000000 19 12 12C 802 11an aruba corp Top gt cor p ethersphere lms3 6 hrs 25 mins 26 74 5000000 26 17 1 5 w of 35 Interfaces Page iwof7 gt gt Interface Bandwidth io s a n ait Mon 00 00 Mon 06 00 Mon 12 00 Mon 18 00 Tue 00 00 Maximum Average D Avg bps for EnetO of mcollins RAP2WG 51
76. O V Mcast Rx Frame Rate frames sec 0 frames s 0 frames s v Transmitting 2 1 6 LJ Multiple Retry Rate frames sec 0 frames s 0 frames s O Y RTS Failure Rate frames sec 0 frames s 0 frames s O V RTS Success Rate frames sec 0 frames s 0 frames s o V Rx Fragment Rate frames sec 0 frames s 0 frames s O Y Tx Fragment Rate frames sec 5 6 frames s 4 3 frames s o V Tx Frame Rate frames sec 28 8 frames s 23 7 frames s Recent ARM Events Log If this radio references an active and enabled ARM profile and if your AMP is enabled as a trap host see Dell PowerConnect W AirWave 7 4 Best Practices Guide in Home gt Documentation for instructions ARM initiated events such as automatic channel changes power changes and mode changes are displayed in the ARM Events table with the original and modified values these values can be selected for filtering the results You can export the table in CSV format The columns and values are described in and illustrated in Figure 860 Figure 86 ARM Events Table Illustration ARM Events 1 10 w of 23 ARM Events Page 1wof3 gt gt Choose Columns CSV Export Time v Trap Type Previous Tx Power Current Tx Power Previous Radio Mode Current Radio Mode Previous Channel Current Channel Previous Secondary Channel Current Secondary Channel Al All Al Al Al Al Al all 1 4 2011 10 55 AM Channel Change 1 7 Above Above 1 4 2011 10
77. Portal All others are considered to be not authenticated Usage The average bandwidth consumed by the MAC address Ch BW The channel bandwidth that currently supports 802 11n users Cipher Displays WEP with keys This data is also displayed in the Client Session report in the Session Data By Client section Connection The Radio mode used by the user to associate to the AP for 802 11n clients Mode Device Type The type of device determined by AMP Setup gt Device Type Setup rules Duration The length of time the MAC address has been associated EAP Supplicant The party being authenticated in the Extensible Authentication Protocol Forward Mode Forwarding mode for the port Bridge Tunnel or Split Tunnel Goodput The ratio of the total bytes transmitted or received in the network to the total air time required for transmitting or receiving the bytes Group The group containing the AP that the user is associated with Guest User Specifies whether the user is a guest Interface The interface on the device to which the user is connected LAN Hostname The LAN hostname of the user MAC LAN IP Address The IP assigned to the user MAC AirWave gathers it from the association table of APs Location lf a value appears here the location of this user s client has been mapped on VisualRF Select the location to open a new VisualRF Floor Plan Location window MAC Address The radio MAC address of the user associated to AP
78. Primary WDS will no longer show up as Down is the radios are enabled WDS Participation Perform these steps to configure WDS participation Log in to the AP Go to the Wireless Services gt AP page Select Specified Discovery and enter the IP address of the Primary WDS device AP or WLSM l 2 3 Select Enable participation in SWAN Infrastructure 4 5 Enter the Username and Password for the WLSE server Primary or Secondary WDS Perform these steps to configure primary or secondary functions for WDS l Go to the Wireless Services gt WDS gt General Setup page 2 If the AP is the Primary or Backup WDS select Use the AP as Wireless Domain Services Select Priority set 200 for Primary 100 for Secondary Configure the Wireless Network Manager configure the IP address of WLSE If the AP is Member Only leave all options unchecked Go to the Security gt Server Manager page Enter the IP address and Shared Secret for the ACS server and select Apply Go to the Wireless Services gt WDS gt Server Group page Enter the WDS Group of AP Se oe Select the ACS server in the Priority 1 drop down menu and select Apply Configuring ACS for WDS Authentication ACS authenticates all components of the WDS and must be configured first Perform these steps to make this configuration l Login to the ACS 2 Go to the System Configuration gt ACS Certificate Setup page 3 Install a New Certificate by selectin
79. Rank a AP Device Number of Users Max Simultaneous Users Total Bandwidth MB Average Bandwidth kbps Location 1 Switch15 dev airwave com 0 0 2154332 01 199475 19 Server Room top of 2 10 51 3 110 0 0 1555354 77 144014 33 Sunnyvale 3 lab distro switch 0 0 o3047 39 69776 61 AirWave AP Lab 4 sales 24po0e corp airwave com 0 0 611772 61 56645 61 server room CORP ri 5 switch dev airwave com 0 0 609536 36 56438 55 server room rack on 6 10 51 0 11 0 0 50789 66 47027 10 Dev Lab T hp zl sw 0 0 394324 25 36511 50 8 cisco3560 poe 0 0 218693 02 20249 35 server room CORP ri 9 hp poe switch 0 0 216460 70 20042 66 server room left side 10 xlwesm make me mismatch 0 0 87071 39 8062 17 Least Utilized by Maximum Number of Simultaneous Users Rank a AP Device Number of Users Max Simultaneous Users Total Bandwidth MB Average Bandwidth kbps Location 1 Aruba200 Master really 0 0 0 00 0 00 2 Aironet Wireless Communication 38 FB BF 0 0 0 00 0 00 a bhyman rapSwn 0 0 0 00 0 00 4 id 60293 0 0 0 00 0 00 3 trorman rap wag D 0 0 00 0 00 6 clukaszewski rapSwn 0 0 0 00 0 00 T bzeno RAP 2WG D 0 0 00 0 00 B 10 51 0 9 0 0 0 00 0 00 YY 9 joeb rap2wg 0 0 0 00 0 00 10 api 5 0 0 0 00 0 00 Least Utilized by Bandwidth Rank a AP Device Number of Users Max Simultaneous Users Total Bandwidth MB Average Bandwidth kbps Location 1 Aruba200 Master really 0 0 0 00 0 00 2 khamiltton rapSwn 1 1 0 00 0 00 3 id 60293 0 0 0 00 0 00 4 bhyman rapSwn 0
80. Reset filters Choose columns Export CSV Interface Name w gigabitethernet0 0 1 corvina uplink Up gigabitethernet0 0 20 Access GEO 0 20 Down a gigabitethernet0 0 21 Access GEO 0 21 Down gigabitethernet0 0 22 Access GEO 0 22 Down a gigabitethernet0 0 3 Access Locally Authed Port Up Sw gigabitethernet0 0 5 Access Locally Authed Port Up gigabitethernet0 0 7 Access Locally Authed Port Up a gigabitethernet0 0 14 Access GEO 0 14 Down gigabitethernet0 0 0 Access a3200 1 dev airwave com uplink Up S gigabitethernet0 0 2 Access Locally Authed Port Up 1 10 of 24 Interfaces Page iwof3 gt gt Reset filters Virtual Interfaces A Edit Interfaces 1 3 v of 3 Interfaces Page lwofi Reset filters Choose columns Export CSY Interface a MAC Address Admin Status mgmt MGMT ce77x25 8 600 08 86 64 62 01 S tunnel Tunnel Interface tunnel 00 08 86 64 62 00 Up vian5l 802 10 VLAN Bipvilan 00 08 86 64 62 00 Up l 3 of 3 Interfaces Page iwofi Reset filters Name Tagged Ports Untagged Ports VLANOOOL VLANOOS1 gigabitethernet0 0 0 7 14 23 gigabitethernet0 0 0 7 14 23 VLAN4089 gigabitetherneto 0 13 gigabitetherneto 0 13 VLAN4090 gigabitethernet0 0 12 gigabitethernet0 0 12 VLAN4091 gigabitethernet0 0 11 gigabitethernet0 0 11 VLAN4092 gigabitetherneto 0 10 gigabitethernet0 0 10 VLAN4093 gigabitetherneto 0 9 gigabitetherneto 0 9 VLAN4094 gigabitethernet0 0 8 gigabitethernet0 0 8 Reports System Opera
81. Rules that you configure on the RAPIDS gt Rules page establish an important way of processing rogue devices on your network and flagging them for attention as required Such devices appear on the following pages in AirWave with additional information RAPIDS gt List Lists rogue devices as classified by rules RAPIDS gt Rules Displays the rules that classify rogue devices RAPIDS gt Overview Displays general rogue device count and statistical information System gt Triggers Displays triggers that are currently configured including any triggers that have been defined for rogue events Reports gt Definitions Allows you to run New Rogue Devices Report with custom settings VisualRF Displays physical location information for rogue devices Viewing Rogues on the RAPIDS gt List Page To view a rogue AP select the RAPIDS gt List tab and select a rogue device type from the Minimum Classification drop down menu see Figure 123 You can sort the table columns up down by selecting the column head Most columns can be filtered using the funnel icon F The active links on this page launch additional pages for RAPIDS configuration or device processing 176 Using RAPIDS and Rogue Classification Dell PowerConnect W AirWave 7 4 User Guide Figure 123 RAPIDS gt List Page Illustration partial view Minimum Classification Roque amp Modify Devices 1 2 of 2 Rogue APs Pagel wofi Choose Columns CS Export
82. Setup gt Device Type Setup you can define how the Device Type displayed for users on your network is calculated from available data The first matching property is used These rules cannot be edited or deleted but only reordered or enabled You can change the priority order of rules by dragging and dropping rows as shown in Figure 30 Check or uncheck the checkbox under the Enabled column to turn device setup rules on or off Refer to Monitoring and Supporting WLAN Clients on page 196 for more information on the Device Type column that appears in Clients list tables Figure 30 AMP Setup gt Device Type Setup Page Illustration Device Type Rules Name Enabled AOS Device Type r Manufacturer Model H a os a oh OS Detail M eH Manufacturer M A Model m eh Network Interface Vendor from OUID M oe 7 Device Type Setups Save and Apply Revert Configuring Cisco WLSE and WLSE Rogue Scanning The Cisco Wireless LAN Solution Engine WLSE includes rogue scanning functions that AirWave supports This section contains the following topics and procedures and several of these sections have additional sub procedures Introduction to Cisco WLSE Configuring WLSE Initially in AirWave Configuring IOS APs for WDS Participation Configuring ACS for WDS Authentication Configuring Cisco WLSE Rogue Scanning You must enter one or more CiscoWorks WLSE hosts to be polled for discovery of Cisco devices and rogue AP information Introduction to
83. Symbol APs Error fetching existing AMP could not fetch a config for the AP Usually this is because the AMP has incorrect credentials configuration and was not able to log in ICMP Ping Failed after The device is not responding and is likely offline SNMP Get Failed SNMP Get Failed SNMP credentials and or configuration may be incorrect Verify that SNMP is enabled and that credentials and access ports are configured correctly on both the target device and in AirWave SNMP Trap AMP received an SNMP trap from the controller indicating that the AP is no longer associated to the controller Telnet Error command Telnet SSH username and password specified for that device is incorrect timed out Unexpected LAN MAC If AMP detects that the LAN MAC address of a device has changed this error message will appear Address found at this This usually indicates that a physical hardware change has occurred while reusing the same IP device s IP address Address without using the Replace Hardware feature in AirWave This error may also indicate an IP address conflict between two or more devices When an unexpected LAN MAC address is seen in a device s IP address its APs Devices gt Manage page displays the message Click Replace Hardware preferred or Reset MAC Address to reset the LAN MAC address if this device has been replaced with new hardware at the top of the page Use the Replace Hardware button at the bottom of that page in order to avoid
84. W configuration settings will have to be manually added back Up Down Status The time between Up Down SNMP polling periods for each device in the group Detailed SNMP polling Polling Period period information is available on the Groups gt Basic configuration page Note that by default most polling intervals do not match the up down period Dell PowerConnect W AirWave 7 4 User Guide Configuring and Using Device Groups in AirWave 71 NOTE When you first configure AirWave there is only one default group labeled Access Points If you have no other groups configured refer to Configuring Basic Group Settings on page 72 Configuring Basic Group Settings The first default device group that AirWave sets up is the Access Points group but you can use this procedure to add and configure any device group Perform these steps to configure basic group settings then continue to additional procedures to define additional settings as required l Go to the Groups gt List page Existing device groups appear on this page 2 To create a new group select Add Enter a group name and select Add The Groups gt Basic page appears To edit an existing device group select the manage wrench icon next to the group The Groups gt Basic page appears If you mouse over an existing group s wrench a popup menu allows you to select Basic Templates Security SSIDs AAA Servers Radio Dell PowerConnect W Config or Cisco WLC Config to edit
85. WLSE rogue scanning l To add a Cisco WLSE server to AirWave navigate to the AMP Setup gt WLSE page and select Add Complete the fields in this page Table 35 describes the settings and default values Table 35 AMP Setup gt WLSE Fields and Default Values Setting Default Hostname IP Address Username Password Poll for AP Discovery Pollfor Yes Rogue Discovery Last Contacted Polling Period 10 minutes Description Designates the IP address or DNS Hostname for the WLSE server which must already be configured on the Cisco WLSE server Specifies the protocol to be used when polling the WLSE Defines the port AirWave uses to communicate with the WLSE server Defines the username AirWave uses to communicate with the WLSE server The username and password must be configured the same way on the WLSE server and on AirWave The user needs permission to display faults to discover rogues and inventory API XML API to discover manageable APs As derived from a Cisco limitation only credentials with alphanumeric characters that have only letters and numbers not other symbols allow AirWave to pull the necessary XML APIs Defines the password AirWave uses to communicate with the WLSE server The username and password must be configured the same way on the WLSE server and on AirWave As derived from a Cisco limitation only credentials with alphanumeric characters that have only letters and numbers not other symbols a
86. Write mode 3 Select Yes on the Spectrum Override field for one or both radios depending on the band and channels you want it to analyze 4 Select the band that should run in spectrum If you selected the 5GHz band in the 802 1 lan Radio section choose the lower middle or upper range of channels that you want to be analyzed by this radio 5 Select Save and Apply and confirm your edit This overrides the current Mode setting for that AP ap mode or am mode After making this change you can view the Radio Role field that will appear in the Radios section of the APs Devices gt Monitor page The new role Spectrum Sensor is a link to the Spectrum Analysis page for the controller that manages this AP as illustrated in Figure 110 Figure 110 Spectrum Analysis on Controller Dashboard feet Guibas iaeia bho miter ETEEN i Leg Restos FFT gpitc Aid 2 1GHs Ki NOTE This chart is only available for AP models Dell PowerConnect WAP 105 Dell PowerConnect WAP 90 and the Dell PowerConnect WAP 130 Series To disable Spectrum mode on this individual AP after it has collected data return to the APs Devices gt Manage page for this AP and set the Spectrum Override field back to No Configuring a Controller to use the Spectrum Profile You can use AirWave to customize individual fields in the profile instance used by a particular controller without having to create new Dell AP groups and new radio profiles To do this you can set
87. a controller level override for its referenced Spectrum profile as illustrated in Figure 11 This will affect all Spectrum supported APs managed by this controller Dell PowerConnect W AirWave 7 4 User Guide Discovering Adding and Managing Devices 149 Figure 111 Override Section of a Supported Controller s Manage Page Aruba Overrides Add New Aruba Controller Override 1 1 of 1 Aruba Controller Overrides Page iwofi Choose Columns Profile a Instance Field Value 0 Spectrum Profile defaulta Bluetooth 12 l 1 of 1 Aruba Controller Overrides Page i wof 1 Select All Unselect All Delete Perform these steps to override individual profile settings for a Dell PowerConnect W Series controller that is part of a spectrum mode Dell PowerConnect W AP group 1 wa BR ON N Select a Spectrum supported Dell PowerConnect W Series controller that is referencing a Spectrum profile and go to its APs Devices gt Manage page Set it to Manage Read Write mode Under the Dell Overrides section select Add New Dell PowerConnect W Controller Override In the Profile drop down menu select the Spectrum Profile type In the Profile Instance drop down menu select the instance of the Spectrum profile used by the controller In the Field drop down menu select the setting you would like to change such as an Age Out setting or a Spectrum Band and enter the overriding value below it Select Add to save your changes 7 To c
88. ability to view certain key statistics by mousing over such as number and type of Down devices and serve as shortcuts to frequently viewed subtabs Figure 3 illustrates the navigation bar For more details on hyperlinks tabs and subtabs see AirWave Navigation Basics on page 22 Figure 3 Navigation Bar Displaying Down Device Statistics amp New Devices 52 4 up 53 Porth 27 Mismatched 44 Rogue 2013 Users 1 Alerts 74 A Severe Alerts 67 Dell PowerConnect W AirWave 7 4 User Guide Configuring AMP 29 You can control which Top Header Stats links appear from the AMP Setup gt General page as described in Defining General AirWave Server Settings on page 35 Top Header Stats can also be customized for individual user on the Home gt User Info page There you can select the statistics to display for certain device types and override the AMP Setup page All possible display options for users are shown in Figure 4 and these fields are described in detail in Configuring Your Own User Information with the Home gt User Info Page on page 214 Figure 4 Home gt User Info Top Header Stats Display Options Top Header Stats Fitter Level For Rogue Count Suspected Rogue Customize Header Columns Yes No Stats New Devices Up Wired amp Wireless Up Wired Up Wireless Down Wired amp Wireless Down Wired Down Wireless Mismatched Rogues Users Al
89. all users currently configured in AirWave Figure 18 illustrates the contents and layout of this page Figure 18 AMP Setup gt Users Page Illustration New User Username Role Enabled Type Access Level Top Folder Name Email Address Phone Motes admin Administration Yes Administrator Top z z Select All Unselect All 44 Configuring AMP Dell PowerConnect W AirWave 7 4 User Guide 2 Select Add to create a new user select the pencil icon to edit an existing user or select a user and select Delete to remove that user from AirWave When you select Add or the edit icon the Add User page appears illustrated in Figure 19 Figure 19 AMP Setup gt Users gt Add Edit User Page Illustration Username Po Role Confirm Password es Email Address EOSO O Notes 3 Enter or edit the settings on this page Table 21 describes these settings in additional detail Table 21 AMP Setup gt Users gt Add Edit User Fields and Default Values Setting Default Description Username Sets the username as an alphanumeric string The Username is used when logging in to AirWave and appears in AirWave log files Specifies the User Role that defines the Top viewable folder type and access level of the user specified in the previous field The admin user defines user roles on the AMP Setup gt Roles page and each user in the system Is assigned to a role Password Sets the password for the user being created or edited Enter an alpha
90. an NMS manager to the APs Use these pages to make such configurations l Go to Device gt Discover gt Advanced Options 2 Select the method to bring APs into management Auto or specify via filter Inventory Reporting When new devices are managed the WLSE generates an inventory report detailing the new APs AirWave accesses the inventory report via the SOAP API to auto discover access points This is an optional step to enable another form of AP discovery in addition to AirWave CDP SNMP scanning and HTTP scanning discovery for Cisco IOS access points Perform these steps for inventory reporting l Go to Devices gt Inventory gt Run Inventory 2 Run Inventory executes immediately between WLSE polling cycles Defining Access AirWave requires System Admin access to WLSE Use these pages to make these configurations 1 Go to Administration gt User Admin 2 Configure Role and User Grouping It s much easier to generate reports or faults if APs are grouped in WLSE Use these pages to make such configurations l Go to Devices gt Group Management 2 Configure Role and User Configuring 10S APs for WDS Participation IOS APs 1100 1200 can function in three roles within SWAN Primary WDS 60 Configuring AMP Dell PowerConnect W AirWave 7 4 User Guide Backup WDS WDS Member AMP monitors AP WDS role and displays this information on AP Monitoring page K NOTE APs functioning as WDS Master or
91. are automatically authorized into AP groups and folders AMP 36 Configuring AMP Dell PowerConnect W AirWave 7 4 User Guide validates the Folder and Group to ensure that both settings have been set to valid dropdown options Table 9 describes the settings and default values in this section Table 9 AMP Setup gt General gt Automatic Authorization Fields and Default Values Default Description Add New Controllers Globally add new controllers and autonomous devices to and Autonomous The New Devices list located in APs Devices gt New Devices Location l The same folder and group as the discovering device The same group and folder of their closest IP neighbor on the same subnet Choose a group and folder If you select this option enter the folder group in the Auto Authorization Group and Auto Authorization Folder fields that display NOTE This setting can be overridden in Groups gt Basic Add New Thin APs Globally add new thin APs to Location The New Devices list The same folder and group as the discovering device The same group and folder of their closest IP neighbor on the same subnet Choose a group and folder If you select this option enter the folder group in the Auto Authorization Group and Auto Authorization Folder fields that display NOTE This setting can be overridden in Groups gt Basic 3 On the AMP Setup gt General page locate the Top Header section to select the Top Header Stats to be dis
92. as shown Figure 92 Figure 92 nterface Monitoring Page for a Wired Device Helpdesk Home Groups APs Devices Users Reports System Device Setup Piaget i crepes x Hrama Hrd Interface Summary for ArubaS3500 n group n folder gt gt Switch a Total Up Down Access Up Down Distribution Up Down FF 16 11 26 l iil 1 1 0 Physical Interfaces a v of M Interfaces Page wof 3 Interface Mode Nha ora oer tonal Statu Type Y w ooabtethemet 0 1 Dstrbution d Home Helpdesk Groups EUME EE Users Reports stem Device Setup AMP Setup RAPIDS VisualRF k i n 255 List Honitor Labeda Late race Mentoring Haaage Arit Camel ane hat Ug Dha Hrarnatchad Dgmi a Acces T Access Wontoning Interface gigabitethernet 0 1 for Device Anuba53500 ba Access an A Interface Information cues Operational Status Ug Admin Status Up Last Contacted 5 24 2011 10 34 AM Access Type ethemetCemacd Desenption Hame comina uplink Access MAC Address 00 08 86 6A 62 03 Forwarding Mode Distribution Access BW In BW Out Access v of M Interfaces Page of 3 Virtual Interfaces 4 v f 3 interfaces Page w of 1 Interface a Mame MGMT Tunnel Interface tun 24 11 802 1 g VLAN ic p Show All Maximum Average vof 3Interfaces Page wofil E wi Broadcast In 25 6 kemena 16 7 frarnealas v Broadcast Out 0 frames s frames VLANs An Interface Monitoring page is comprised of three sections Interface
93. before an alert is issued for both Authentication Issues users and devices b Repeat this procedure for as many triggers and conditions as desired Refer to the start of Creating New Triggers on page 187 to create a new trigger Setting Triggers for IDS Events Perform the following steps to configure Intrusion Detection System IDS related triggers a Choose the Device IDS Events trigger type from the drop down Type menu See Figure 133 Table 113 describes condition settings for this trigger type Table 113 Device IDS Events Authentication Trigger Types and Condition Settings IDS Trigger Description Options Device IDS Events This trigger type is based on the number of IDS events has exceeded the threshold specified as Count in the Condition within the period of time specified in seconds in Duration Alerts can also be generated for traps based on name category or severity Select Add New Trigger Condition to specify the count characteristics that trigger an IDS alert Rogue Device This trigger type indicates that a device has been discovered with the specified Rogue Score Ad hoc Classified devices can be excluded automatically from this trigger by selecting Yes See Using RAPIDS and Rogue Classification on page 167 for more information on score definitions and discovery methods Once you choose this trigger type select Add New Trigger Condition to create one or more conditions A condition for this trigger enables
94. ccccceseesesessesseecsessesesseseeeeeseseeneess 146 Setting up Dell Spectrum Analysis in AirWave cccscssessscssesessessscssssessseceeseseeassesesseseeatenss 147 Spectrum Configurations and PrerequiSites ccccccsssesssssscssssessscessessesseecesseseeaseeeeeen 147 Setting up a Permanent Spectrum Dell AP Group cecseeeeeeesssssesseeessseseeseeeeeees 148 Configuring an Individual AP to run in Spectrum Mode ceeseseeseessssesesessceseeaeeees 148 Configuring a Controller to use the Spectrum Profile c cc cceseeseeessessssesseeessseseeaeeees 149 Chapter 6 Creating and Using Templates cccceccsssssssscsscscsssessssessseeseeeessssessneeseseesaeenseseneen 151 Group Templates sorprese ernennen E ENEE ANa 151 S pport d Device Templat S 5c assecivcsicsssaeseuscancoseeurapsaneertvacaceacbauadsancatonustoervonieecenaazsuntennenaes 151 Template Varia DIES a scisniesssansnecauthaestaseitadencnsensciuasitarersgedecnsasieausiatnentaeeesaeniaeevtaumoninetnasieuets 151 Viewing and Adding Templates cccccscssessescssssesecsessesessesessesecseseeseseesesassesauseeseseesesaneesanees 152 Configuring General Template Files and Variables cccccsssessescscssssesssessessseesssesesseseeasenes 155 Configuring General Templates cceccsssssessssesssscscsessesesesesssseesssesesseseeaseesesaesesaseeeeeass 156 IOS Configuration File Template c cc cccscssssesssscscssssesssessesssecaesecessesesassesesses
95. command line page CLI communication Selecting Telnet sends the data in clear text via Telnet Cisco IOS Config File The protocol AirWave uses to communicate with Cisco IOS devices Selecting SCP Communication uses the secure copy protocol for file transfers and displays the SCP Version option Selecting TFTP will use the insecure trivial file transfer protocol The SCP login and password should be entered in the Telnet username and password fields 76 Configuring and Using Device Groups in AirWave Dell PowerConnect W AirWave 7 4 User Guide 11 To configure settings specific to Cisco WLC locate the Cisco WLC section and adjust these settings as required Table 47 describes the settings and default values Table 47 Cisco WLC Fields and Default Values Setting Default Description SNMP Version Sets the version of SNMP used by AirWave to communicate to WLC controllers CLI Communication Telnet Sets the protocol AirWave uses to communicate with Cisco IOS devices Selecting SSH uses the secure shell for command line page CLI communication Selecting Telnet sends the data in clear text via Telnet K NOTE When configuring Cisco WLC controllers refer to Configuring Wireless Parameters for Cisco Controllers on page 95 12 To configure Proxim Avaya specific settings locate the Proxim Avaya section and adjust these settings as required Table 48 describes the settings and default values Table 48 Proxim Avaya Fields and Def
96. contents of Clients gt Client Details page Dell PowerConnect W AirWave 7 4 User Guide Performing Daily Administration in AirWave 203 Figure 143 Clients gt Client Detail Page Illustration partial view Bice Ti remt Asociatiom 3 31 2010 10 51 AM on lt Deleted gt for 1 hr 44 mins Role employes AP Deewice kevinl 2 rap2veg S 24 2011 9 19 PM on kevinl 2 reap2veg for 13 mins Signal Quality 7 Controller RAP OPS 02 E windows OOOSOSC S Association 5 24 2011 9 06 PM Group arube corp Duration 13 mins Folder Top gt corp gt rap E windows Ti Mode 02 11g AP Device Location Intel Bandwidth Radio 802 11bg Win 7 SSID ethersphere wpe2 VLAN 2360 Mozilla 4 0 compatible MSIE 7 0 Windows NT 6 1 Trident 4 0 Ch BW Forward Mode Split Tunnel SLOC2 NET CLR 2 0 50727 NET CLR 3 5 30729 NET CLR 3 0 307 LAN IP Addrexc 169 254 140 171 LAN Hostname Unclassified E Auth Type WPA2 EAP PEAP Auth Time 13 mins Cipher AES SNMP Source Poll Show additional properties Save Open controller web UT Run a command 60 200 k 80 0 ee rete tt fl TI t 40 42 k o IE II tf IEI Ni eee ans B00 k IH _ 7 10 9 10 11 10 3 11 5 11 7 10 3710 11 10 1fil 3 11 5 11 Show All Maximum Average Show All Maximum Average M Signal Quality i 33 M Avg Bits Per Second In PE tee pea FE i yearago ey gs Alert Summary at 5 24
97. device Manage read write group settings will be applied to device 3 Complete these Device Communications and Location settings for the new device lable 72 further describes the contents of this page Settings may differ from device to device In several cases the default values from any given device derive from the Device Setup gt Communication page Table 72 Device Communication and Location Fields and Default Values Setting Default Description Name None User configurable name for the AP maximum of 20 characters IP Address None IP address of the device This field is required SNMP Port We Port AirWave uses to communicate with the AP using SNMP Community _ Taken from Device Setup gt Community string used to communicate with the AP String Confirm Communication NOTE The Community String should have RW Read Write capability New out of the box Cisco devices typically have SNMP disabled and a blank username and password combination for HTTP and Telnet Cisco Supports multiple community strings per AP Taken from Device Setup gt If you are going to manage configuration for the device this field provides Username Communication a read write user account SNMP HTTP and Telnet within the Cisco Security System for access to existing APs AirWave initially uses this Auth Password username and password combination to control the Cisco AP AirWave Confirm creates a user specified account with which to manage the AP if the U
98. devices on a floor plan Devices Delete Deployed Device Delete Surveys Remove all surveys rogue and client on floor plan Figure 194 shows additional navigation controls when viewing floor plans In the bottom left corner of the window is the Search box In the top right corner is the zoom control You can also zoom by using Ctrl your mouse wheel as well as the and keys In the bottom right corner are navigation tools related to network campus and building Figure 194 On Screen Navigation Options Type Client Transmit Power Floors Frequencies Rates TT Heetmap C utizstion L vere odem IF curet 7 stove M soe C ssn C same C deta Rate 7 Serer Coverage 7 Wired Range C Stow M 246 some Network Tree View amp gt APACSETR gt Aruba tF gt 9 Carr Ranch gt 63 China gt France gt Huawei gt Jenkins gt Korsa gt New Jersey gt Seton Austin s00 ta lerclieb 3e gt Sunnyvale gt TD Bank gt oo temp gt A PievhO 2B ry eH m Seer gt Ie iT iti CLCOCO Using the Settings in the VisualRF gt Setup Page The VisualRF gt Setup page illustrated in Figure 195 configures advanced settings for VisualRF Please reconfigure these settings very carefully because these settings can impact your server s performance as well as your location accuracy K NOTE Selecting Save will cause VisualRF to restart disrupti
99. disables the FTP server on AMP The FTP server is only used to manage Cisco Aironet 4800 APs Disabling the FTP server is recommended if you do not have any Cisco Aironet 4800 APs in the network Enable RTLS Collector Enables or disables the RTLS Collector which is used to allow Dell PowerConnect W Series controllers to send signed and encrypted RTLS real time locating system packets to VisualRF in other words AirWave becomes the acting RTLS server The RTLS server IP address must be configured on each controller This function is used for VisualRF to improve location accuracy and to locate chirping asset tags This function is supported only for Dell PowerConnect W Series Alcatel Lucent and Aruba Networks devices With selection of Yes the following additional fields appear which you should populate to match the settings configured on the controller RTLS Port Specify the port for the AirWave RTLS server RTLS Username Enter the user name used by the controller to decode RTLS messages RTLS Password Enter the RTLS server password that matches the controllers value Enables or disables the embedded mail server that is included with AirWave This field supports a Send Test Email button for testing server functionality This button prompts you with a To and From field in which you must enter valid email addresses and a button to send a test email Use embedded mail server Process user roaming Whether AMP should parse client a
100. group by selecting the corresponding pencil icon The Groups gt Basic page for that group appears Additional information about adding and editing groups is described in Configuring and Using Device Groups in AirWave on page 69 2 From the AirWave navigation pane select Templates The Templates page appears Figure 112 illustrates the Groups gt Templates configuration page and Table 89 describes the columns Figure 112 Groups gt Templates Page Illustration for a Sample Device Group Group Acme Corporation Note No template is available for Cisco Aironet 1200 IOS devices with firmware version 12 3 8 JA2 Note No template is available for Cisco Aironet 1200 IOS devices with firmware version 12 3 8 JEC Note No template is available for Cisco Aironet 1240 IOS devices with firmware version 12 4 10b JDA Note No template is available for Aruba 5000 devices with firmware version 3 3 2 10 Note No template is available for Aruba 5000 devices with firmware version 3 3 2 4 Note No template is available for Aruba 2400 devices with firmware version 3 3 2 10 Note No template is available for Symbol WS5100 devices with firmware version 3 2 0 0 040R Note No template is available for Aruba 3600 devices with firmware version 3 3 2 7 Note No template is available for Cisco Aironet 1250 IOS devices with firmware version 12 4 10b JA3 Note No template is available for Aruba 3400 devices with firmware version 3 3 2
101. groups share or do not share When a configuration differs between two groups the setting is flagged in red text for the group on the right The default setting of the Compare page is to highlight settings that differ between two groups To display settings that are similar or identical between two device groups select Show Similar Fields at the top left of the page The result may be a high volume of information Select Hide Similar Fields to return to the default display emphasizing configuration settings that differ between two groups You can change the configuration for either or both groups by selecting Edit in the corresponding column heading The appropriate configuration page appears If you make and save changes to either or both groups go back to the Groups gt List page and select Compare two groups Select the same two groups again for updated information Additional topics in this document describe the many fields that can appear on the Groups gt List gt Compare page Deleting a Group Perform the following steps to delete an existing Group from the AirWave database l Browse to the Groups gt List configuration page 2 Ensure that the Group you wish to delete is not marked as the default group AirWave does not permit you to delete the current default Group 3 Ensure that there are no devices in the Group you wish to delete AirWave does not permit you to delete a Group that still contains managed devices
102. gt lt relative url gt snapshot b423b5 4db0 891la2e0d2c 677 background jpg lt relative url gt lt pixel width gt 1151 lt pixel widtn gt lt pixel height gt 1557 lt pixel height gt lt image gt lt image type thumbnail gt lt filename gt var example snapshot b45e7a49891laf90d2c 677 thumb jpg lt filename gt lt relative url gt snapshot b45e7a49 23b5 4db0 891a2c 677 thumb jpg lt relative url gt lt pixel width gt 230 lt pixel width gt lt pixel height gt 311 lt pixel height gt lt image gt lt ap id 12615 name AP 4000M 1 gt lt x gt 118 97 lt x gt lt y gt 130 38 lt y gt lt total bandwidth gt 0 lt total bandwidth gt lt total clients gt 0 lt total clients gt 292 Using VisualRF Dell PowerConnect W AirWave 7 4 User Guide lt status gt down lt status gt lt uptime gt 0O 0 lt uptime gt lt radio index 1 phy g mac 00 20 A6 5A 63 66 beamwidth 0 0 gain 1 5 antenna orientation 0 0 mount Ceiling valid false gt lt discovering radio id 11276 index 1 dBm 85 gt lt discovering radio id 11828 index 1 dBm 93 gt lt radio gt lt ap gt lt site gt lt amp amp_site_inventory gt About VisualRF Plan Overview VisualRF Plan is a standalone Windows client that can be used for planning sites that do not yet use the AirWave service on the Web You can use VisualRF Plan to do basic planning procedures like adding a floor plan provisioning
103. information used to generate in a Port Usage Report appears in Figure 178 Figure 178 Reports gt Generated gt Port Usage Report Detail Page partial view Daily Port Usage Report for All Groups and Folders 1 13 2011 12 00 AM to 1 14 2011 12 00 AM Generated on 1 14 2011 12 45 AM Summary Sw im Total Ports Total Access Ports Total Distribution Ports 40 Unused Ports 455 77 12 Total Switches 18 6 Port Switches 1 24 Port Switches 1 26 Port Switches 10 50 Port Switches 6 Folder Summary 1 1 Saas aneimmaeee eee lwofl CSV of 6 Port Switches of 24 Port Switches 6 Port Switches of 50 Port Switches Top AN 455 77 TIY 1 l 1 of 1 Folder Summary Page oe 20 15 i 5 20 20 40 0 B0 B0 30x B0 100 Percent of Unused Ports WB Total Hurber of Switches BBG Port 24 Port M26 Port LJ 50 Port Switches 1 5 w of 18 Switches Page iwof4 gt Bk CSV Export Device a Folder Group Location Total Forts C3750 corp airwave com Access Points Cisco Catalyst 3750 26 25 25 TR Cisco2960_3 dev airwave com Access Points Cisco Catalyst 2960 server room 0 50 45 45 90 00 cisco3560 Access Points Cisco Catalyst 3560 Rackvilletown 26 25 25 96 15 cisco3560 dev airwave com Access Points Cisco Catalyst 3560 Rackvilletown 26 25 25 96 15 cisco3560 poe Access Points Cisco Catalyst 3560 Paul Gray serer room CORP rack nearest door 26 25 23 88 46 1 5 w of 18 Switches Page iwof4 gt Using t
104. links allowed on an AP This number includes the uplink to the portal as well as downlinks to other mesh APs Neighbor RSSI Specifies the number of beacons to wait before switching to a new link Smoothing Roaming Threshold Specifies the difference in cost between two paths that must be exceeded before the AP roams To switch to a new path it must have a cost that is less by at least the roaming threshold A high threshold results in fewer mesh roams Deauth Client when Yes With Yes selected clients have authentication removed are deauthenticated if the Uplink is Down uplink is lost The Security section contains settings for SSID and enabling AES encryption Table 68 Groups gt Proxim Mesh gt Security Fields and Default Values Setting Default Description SSID None Sets the SSID used by the Mesh Radio to connect to the mesh network Enable AES No Enable or disable AES encryption 3 The Mesh Cost Matrix configuration section contains settings for hop factor and maximum hops to portal RSSI factor and cut off medium occupancy factor and current medium occupancy weight Adjust these settings as required for your network Table 69 describes these settings and default values Table 69 Groups gt Proxim Mesh gt Mesh Cost Matrix Fields and Default Values Setting Default Description Hop Factor 5 Sets the factor associated with each hop when calculating the best path to the portal AP Higher factors will have more impact w
105. maximum capacity reducing the priority of RAPIDS can ensure that processing of other data such as client connections and bandwidth usage is not adversely impacted The default priority is Low You can also tune your system performance by changing group poll periods 11 Select Save when the General Server settings are complete and whenever making subsequent changes What Next Go to additional tabs in the AMP Setup section to continue additional setup configurations Complete the required configurations in this chapter before proceeding AirWave support remains available to you for any phase of AirWave installation 42 Configuring AMP Dell PowerConnect W AirWave 7 4 User Guide Defining AirWave Network Settings The next step in configuring AirWave is to confirm the AirWave network settings Define these settings by navigating to the AMP Setup gt Network page Figure 17 illustrates the contents of this page Figure 17 AMP Setup gt Network Page Illustration Primary Network Interface Network Time NTP IP Address 1922214 Primary Secondary Hostname corp server com Subnet Mask 255 255 255 0 Static Routes Network a Subnet Mask Gateway Gateway 10 0 0 1 0 0 0 0 0 0 0 0 10 2 32 254 i 192 2 2 1 255 255 255 0 0 0 0 0 Primary DNS IP Address 10 1 1 0 1922220 255 255 0 0 0 0 0 0 Secondary DNS IP Address 10 1 1 0 Secondary Network Interface Enabled Yes No Perform the following steps to define the
106. not reported to AirWave after a certain interval This can help to identify lost or stolen inventory For more information about enabling this trigger refer to the section Monitoring and Supporting AirWave with the System Pages on page 183 Evaluating and Diagnosing User Status and Issues If a WLAN user reports difficulty with the wireless network the administration or Helpdesk personnel can view and process related user information from the Client Detail and Diagnostic pages This section describes these two pages as follows Evaluating User Status with the Clients gt Client Detail Page Evaluating Client Status with the Clients gt Diagnostics Page Evaluating User Status with the Clients gt Client Detail Page The Clients gt Client Detail page is a focused subtab that becomes visible when you select a specific WLAN user Access the Clients gt Client Detail page by selecting the MAC Address link for a specific user from one of the following pages Clients gt Connected Clients gt All Home gt Search page results or Search field Client results that display the user MAC address This page provides information for the wireless device signal quality and bandwidth consumption This page also provides an AP association history and current association status Finally if VisualRF is enabled in AMP Setup gt General this page provides a graphical map of the user location and facility information Figure 143 illustrates the
107. off site for more extensive backup strategies AirWave creates one data backup file each night The data backup file contains all of the device and group information as well as historical data and system files including IP address NTP information mail relay hosts and other AirWave settings Viewing and Downloading Backups To view current AirWave backup files go to the System gt Backups page Figure 160 illustrates this page Figure 160 System gt Backups Page Illustration Backups are run nightly nightly _datea001 tar gz Backup of 1071445503 bytes made 15 hrs 15 mins ago nighty _data002 tar gz Backup of 1045819243 bytes made 1 day 15 hrs 15 mins ago night _data003 tar gz Backup of 987593884 bytes made 2 days 15 hrs 15 mins ago night _data004 tar gz Backup of 1054778324 bytes made 3 days 15 hrs 15 mins ago To download a backup file select the filename URL and the File Download popup page appears Regularly save the data backup file to another machine or media This process can be automated easily with a nightly script NOTE Nightly maintenance and amp_backup scripts back up the full AMP data and save the file as nightly_data00 1 4 tar gz In previous AirWave versions the scripts created both config backup and data backup files In order to restore the AMP data it is only necessary to have most recent data backup file and AirWave no longer uses or supports the config backup file effective as of AirWave 6 3 2 and later Air
108. on page 258 e Starting VisualRF on page 258 e Basic QuickView Navigation on page 259 e Using the Settings in the VisualRF gt Setup Page on page 262 e Configuring QuickView Personal Preferences on page 266 e Increasing Location Accuracy on page 267 e Using QuickView to Assess RF Environments on page 274 e Planning and Provisioning on page 279 e Importing and Exporting in VisualRF on page 289 e VisualRF Location APIs on page 292 e About VisualRF Plan on page 293 The VisualRF module provides a real time picture of the actual radio environment of your wireless network and the ability to plan the wireless coverage of new sites To understand what is happening on your wireless network you need to know where your users and devices are located and you need to monitor the RF environment in those areas VisualRF puts this information at your fingertips through integrated mapping and location data VisualRF uses sophisticated RF fingerprinting to accurately display coverage patterns and calculate the location of every wireless device in range Moreover VisualRF does not require dedicated RF sensors or a costly additional location appliance all the necessary information is gathered from your existing wireless access points and controllers Figure 186 Example VisualRF Page Showing all networks Add New Floor Plan 1 5 of 61 Moor Pars lwof12 gt Choose columns Export CS APA
109. or broken antennas and the data link MAC layer corrupt frames driver decoding issues for the radio 802 11 Counters A line graph that displays statistics such as frame rate fragment rate retry rate duplicate frame rate and other metrics tracked by 802 11 counters Utilization Dell Displays max and average percentages on this radio for busy interfering receiving and transmitting PowerConnect W signals Special configuration on the controller is required to enable this data consult the Dell and Cisco WLC thin PowerConnect W AirWave 7 4 Best Practices Guide in Home gt Documentation for details APs on supported firmware versions only 126 Discovering Adding and Managing Devices Dell PowerConnect W AirWave 7 4 User Guide Figure 85 Radio Statistics Interactive Graphs Illustration Bandwidth and 802 11 Counters displayed Users Bandwidth Channel Noise Power 802 11 Counters Utilization Users Bandwidth Channel Noise Power 302 11 Counters Utilization Utilization on APO0018 19bd bidO Last 4 hours loall 802 11 Counters on AP0018 19bd bidO Last 4 hours Bal Receiving 0 Tue May 24 21 23 00 PDT ES S R N S a S a a a Collapse Maximum Average Show All Maximum Average busy 92 1 82 3 iv ACK Failure Rate frames sec 1 4 frames s 1 1 frames s o V Interference 90 9 81 E V Frame Check Sequence Error Rate frames sec 78 8 frames s 61 1 frames s y Receiving 0 0
110. override checkbox selected in the Global Group will appear as fields that can be set at the level of the subscriber group Any changes to a static field must be made on the Global Group The Global Groups feature can also be used without the Master Console For more information about how this feature works refer to Configuring and Using Device Groups in AirWave on page 69 Upgrading AirWave The AirWave upgrade process may change Please contact support and consult the latest AirWave release announcement for detailed instructions and changes Upgrade Instructions To upgrade Dell PowerConnect W AirWave 7 4 1 Download the latest version from download dell pew com 2 Copy the file to the AirWave root directory using WinSCP 3 On the AirWave run the following command where x x x is the latest AirWave release number start _dell_ upgrade v x x x Dell PowerConnect W AirWave 7 4 User Guide Performing Daily Administration in AirWave 223 The version specific script will deploy all needed files update the database perform any data migrations and restart the AirWave services Backing Up AirWave AirWave creates nightly archives of all relational data statistical data and log files This occurs by default at 4 15 AM but is configurable on the AMP Setup gt General page under Nightly Maintenance Time Although AirWave only keeps the last four sets of archives the archives can be downloaded manually or automatically
111. page Monitoring Devices This section discusses various device monitoring options and includes the following sections Viewing Device Monitoring Statistics Understanding the APs Devices gt Monitor Pages for All Device Types Evaluating Radio Statistics for an AP Monitoring Data for Mesh Devices 116 Discovering Adding and Managing Devices Dell PowerConnect W AirWave 7 4 User Guide Monitoring Data for Wired Devices Routers and Switches Understanding the APs Devices gt Interfaces Page Auditing Device Configuration Using Device Folders Optional Viewing Device Monitoring Statistics You can view many useful device monitoring statistics in the APs Devices gt List page The APs Devices gt List page displays Clients and Usage interactive graphs formerly Users and Bandwidth prior to 7 4 and lists all devices that are managed or monitored by AirWave To see only the Up devices you can click the Up link in the Top Header Stats bar next to the green arrow This displays the APs Devices gt Up page with the same information but only containing active devices You can do the same with the Down and Mismatched top header stats links Use the Go to folder field to filter the list by folder or click Expand folders to show all APs Devices if you are looking at a filtered device list A lock icon in the Configuration column indicates that the device in that row is in Monitor only mode Figure 76 illustrates this page Figure 76 APs
112. page Figure 184 Defining a Report with Reports gt Definitions gt Add Button Report Restrictions Group All Groups v Folder All Folders E Device Search Filter This report will be run against Devices that match this search Report Restrictions section varies according to report type Report Start Report End Scheduling Options Schedule Yes No Report Visibility Generated Report Visibilty By Role Email Options Email Report O Yes No 2 Complete the fields described in Table 135 and any additional Report Restrictions The Report Restrictions section changes according to the report type you choose Additional information about each report type is described in Using Daily Reports on page 230 Table 135 Reports gt Definitions gt Add Page Fields Field Default Description Enter a Report Title Use a title that is a meaningful and descriptive so it may be found easily on the lists of reports that appear on either Generated or Definitions pages Specify the groups and folders to be covered in the report by choosing All Groups or All Folders or specifying Use selected groups or Use selected folders in the drop down menu Folder All Folders If Use selected groups is chosen a menu with checkboxes appears allowing you to choose the groups to include in the report Device Add a specific alpha numeric string for finding devices that match that which you entered Note Search Filter that once you ent
113. page 72 Templates This page manages templates for any device group Templates allow you to manage the configuration of Dell PowerConnect W 3Com Alcatel Lucent Aruba Networks Cisco Aironet IOS Cisco Catalyst switches Enterasys HP Nortel Symbol and Trapeze devices in a given group using a configuration file Variables in such templates configure device specific properties such as name IP address and channel Variables also define group level properties For additional information about using the Templates page refer to Chapter 6 Creating and Using Templates on page 151 Security This page defines general security settings for device groups to include RADIUS encryption and additional security settings on devices Refer to Configuring Group Security Settings on page 81 SSIDs This page sets SSIDs VLANs and related parameters in device groups Refer to Configuring Group SSIDs and VLANs on page 83 AAA Servers This page configures authentication authorization and accounting settings in support of RADIUS servers for device groups Refer to Adding and Configuring Group AAA Servers on page 80 Radio this page defines general 802 11 radio settings for device groups Refer to Configuring Radio Settings for Device Groups on page 87 Dell PowerConnect W Config This page manages ArubaOS Device Groups AP Overrides and other profiles specific to Dell PowerConnect W Series devices on the network
114. paraz nr r 8 Se tee 218 Performing Daily Administration in AirWave et n T E ra 2 a m1 p di 0S mn mE m tE a ti bh gl u a E HE Ti amp Ing M IF ters ch LL ET Oi fen FHI Ei li Faina rr i res ia maL 1A bra aiid a Deer ars eed La dah n Bik Ja Dell PowerConnect W AirWave 7 4 User Guide Table 123 System gt Performance Page Fields and Graphs Field Description System Information crus Basic Basic CPU information as reported by the operating system information as Basic CPU information as reported by the operating system by the operating system AirWave Server Hardware Guide at support del com manuals for hardware requirements System Load Average The number of jobs currently waiting to be processed Load is a rough metric that will tell you how busy a server is A typical AirWave load is around 2 3 times the number of CPU cores you have in your system A constant load of 4x to 5x is cause for concern A load above 6x is a serious issue and will probably result in AirWave becoming unusable To lower the load average try increasing a few polling periods in the Groups gt Basic page System Memory Usage The amount of RAM that is currently used broken down by usage It is normal for AirWave to have very little free RAM Linux automatically allocates all free RAM as cache and buffer If the kernel needs additional RAM for process it will dynamically take it from the cache and buffer
115. right click a campus building or network icon and select the Auto Match Planned Devices option to efficiently match planned APs to managed APs If you select this option for a campus then all planned APs in that campus are checked If used on a building then all the APs in that building are checked If used on a floor then all APs on that floor are checked Planned devices first attempt to auto match on MAC address and then by name The VisualRF MAC address checks against all of the LAN MAC addresses of a deployed AP Printing a Bill of Materials Report You can generate a Bill of Materials BOM Report from within VisualRF in Word format Follow these steps Navigate back to the Network view Right select Campus icon and select Show Bill of Materials A generating report popup appears Select options such as heatmap speed sensor coverage wired range and summary Select OK A BOM report appears in Microsoft Word as illustrated in Figure 228 A N NO 288 Using VisualRF Dell PowerConnect W AirWave 7 4 User Guide Figure 228 Bill of Materials Report Illustration Bill of Materials Report Mar 24 2011 Hema 2 OO Data Rates 30e 240Mb Biso Pino Wow Bis Campus test Data Rate 36 0 Mbps Client Xmit 30mWw Total Controllers 45 Total IDFs 2 Total Racks 4 Total Switches 16 Total Ports 43 Total POE Ports 13 Total APs 19 Total AMs 9 Importing and Exporting in VisualRF Exporting a campus To export a campus
116. running wireline security software on your network it may identify your AMP as a threat which you can ignore 2 Select the Ignore button if the rogue device is to be ignored Ignored devices will not trigger alerts if they are rediscovered or reclassified 3 Select the Delete button if the rogue device is to be removed from AirWave processing Viewing Ignored Rogue Devices The RAPIDS gt List page allows you to view ignored rogues devices that have been removed from the rogue count displayed by AirWave Such devices do not trigger alerts and do not display on lists of rogue devices To display ignored rogue devices select View Ignored Rogues at the bottom left of the page Once a classification that has rogue devices is chosen from the drop down menu a detailed table displays all known information Using RAPIDS Workflow to Process Rogue Devices One suggested workflow for using RAPIDS is as follows Start from the RAPIDS gt List page Sort the devices on this page based on classification type Begin with Rogue APs working your way through the devices listed Select Modify Devices then select all devices that have an IP address and select Identify OS AirWave performs a port scan on the device and attempts to determine the operating system see Setting Up RAPIDS on page 169 You should investigate devices running an embedded Linux OS installation The OS scan can help identity false positives and isolate some devices tha
117. scan sets Defining a Scan Set explains how to create a scan set by combining networks and credentials when scanning for devices Running a Scan Set provides a procedure for running a scan set Adding Networks for SNMP HTTP Scanning The first step when enabling SNMP HTTP scanning for devices is to define the network segments to be scanned Pertorm these steps l Go to the Device Setup gt Discover page and locate the Networks section 2 In the Networks section select Add New Scan Network The Scan Network page appears as shown in Figure 67 Alternatively you can edit an existing scan network by selecting the corresponding pencil icon The New Edit Networks page also appears in this instance Figure 67 Device Setup gt Discover gt New Network Section Illustration Name Fe Subnet Mask Po 3 In the Name field provide a name for the network to be scanned for example Accounting Network 4 In the Network field define the IP network range or the first IP address on the network to be scanned One example would be 10 52 0 0 5 Enter the Subnet Mask for the network to be scanned for example 255 255 252 0 The largest subnet AirWave supports is 255 255 0 0 6 Select Add 7 Repeat these steps to add as many networks for which to enable device scanning All network segments configured in this way appear in the Network section of the Device Setup gt Discover page 8 Complete the configuration of scan creden
118. section displays custom configured alerts that were defined in the System gt Alerts page Use the Filter icon F next to certain columns AP Device Role VLAN Connection Mode and others to filter the results by one of the values under that column You can filter the list by substring match under the Username column The Clients gt Connected page includes SSID information for users and can display wired users using remote Access Point RAP devices in tunnel and split tunnel mode Figure 137 Clients gt Connected Page Illustration Partial View Folder Top 138 336 Users All Users Restore Folders Go to folder Top 18 336 Users amp Total Devices 863 Mismatched 489 Users 336 Bandwidth 15297 Kbps Users for folder Top Last 2 weeks C w Max Users fal Bandwidth for folder Top Last 2 weeks 5 16 11 5 23 11 5 o 11 5 16 11 5 23 11 Show All Maximum Average Show All Maximum Average S02 users 197 users Bi W Avg Bits Per Second In 48 8 Mbps 2 3 Mbps a v Avg Bits Per Second Gut 34 4 Mbps 6 Mbps 1 year aga year ag a A now rz a 1 3wof3Users Page iwofi Reset filters Choose columns Export CSV 1 3 of 3 Users Page iwofi1 Reset filters Alert Summary at 5 23 2011 11 10 AM Type a Last 2 Hours Last Day Total AMP Alerts 0 0 0 Incidents 0 0 24 RADIUS Authentication Issues 56 264 369 Dell PowerConnect W AirWave 7 4 User Guide Last Even
119. server with SOTI MobiControl Console 8 0x Dell PowerConnect W AirWave 7 4 User Guide Performing Daily Administration in AirWave 207 A client device that is associated with WLAN infrastructure managed by the AMP server running 7 2 3 or later being actively managed by the SOTI MobiControl server For more information about setting up MobiControl please see http www soti net mc help In order to use SOTI MobiControl from within AirWave you must first add your MDM server and designate it as a MobiControl Adding a Mobile Device Management Server for MobiControl l To add an MDM server to AirWave navigate to AMP Setup gt MDM Server and select Add Complete the fields on this page Table 119 describes the settings and default values Table 119 AMP Setup gt MDM Server gt Add Fields and Descriptions Field Description Hostname IP The address or DNS hostname configured for your MobiControl Web Console Address Protocol Whether HTTP or HTTPS is to be used when polling the MDM server The port on which to connect to the MDM server is inferred from the protocol with HTTP AirWave will connect to port 80 of the SOTI server with HTTPS AirWave will connect to port 443 URL Context The URL context appended to the server URL to build the URL when connecting with the SOTI server For MobiControl v8 0x the default URL Context is MobiControlWeb For MobiControl v8 5x the default URL Context is MobiControl Enabled Whether t
120. template for a given device from the Detail page Select Add a Template when viewing device specific configuration information 5 You can audit the current device configuration from the Detail page Select Audit when viewing device specific information 6 You can display archived configuration about a given device from the Detail page Select Show Archived Device Configuration Figure 168 and Table 130 illustrate and describe the general Configuration Audit report and related contents 234 Creating Running and Emailing Reports Dell PowerConnect W AirWave 7 4 User Guide Figure 168 Reports gt Generated gt Daily Configuration Audit Report Page abbreviated example Daily Configuration Audit Report for All Groups Folders and SSIDs XML XHTML export a 2 csv export Generated on 5 21 2009 2 21 AM a Email this re port 1 20 w of 360 Items Page iwot18 gt gt Print report Name a Folder Group Mismatches 11 1 3 Top gt Sunnyvale HQ Corp HQ Current Device Configuration Desired Device Configuration Location failed to fetch Not Available Mesh Role None Mesh AP 11 1 4 Top gt HQ Corp HO Current Device Configuration Desired Device Configuration Location failed to fetch Not Available Mesh Role None Mesh AP 11 1 5 Top gt HQ Corp HO Current Device Configuration Desired Device Configuration Location failed to fetch Not Available Mesh Role None Mesh AP 11 1 6 Top gt HQ Corp HO Current Device Configuration Desired D
121. the Tree icon at the top right of any view The Network Tree View window shown in Figure 215 appears on the screen 278 Using VisualRF Dell PowerConnect W AirWave 7 4 User Guide Figure 218 Network Tree View Floor highlighted O F eT Network Tree View 9 APACSETR H 9 Aruba ste 9 Carr Ranch Y China van Office E Floor 2 0 9 East Office b 9 Huawei 9 Jenkins 9 Korea 0 New Jersey 9 Sunnyvale P 9 TD Bank H 0 test e O Ph AHE 3 Use the arrows to drill down into the folders to select the Campus Building or Floor Select the folder or floor plan icon to open the view you have selected The Network Tree View window will remain on the screen until you close it 2 NOTE If you prefer not to use background maps for your campus or building placements click a background and select Auto Arrange to move the campuses buildings from their placements into an alphabetically sorted list Planning and Provisioning VisualRF provides the capability to plan campuses buildings floors and access points prior to the actual access point deployment The following procedure describes the workflow e Creating a New Campus on page 279 e Creating a New Building in a Campus on page 280 e Importing a Floor Plan on page 281 e Editing a Floor Plan Image on page 282 e Provisioning Existing Access Points onto the Floor Plan on page 285 e
122. the device that generated the IDS event Desa MACs teree terorem nsen Using the Inventory Report The Inventory Report itemizes all devices and firmware versions on the network to include vendor information and graphical pie chart summaries The primary sections of this report are as follows Vendor Summary Lists the vendors for all devices or firmware on the network Firmware Version Summary Lists the firmware version for all firmware used on the network Model Summary Lists the model numbers for all devices or firmware on the network See Figure 172 for an illustration of a sample report Dell PowerConnect W AirWave 7 4 User Guide Creating Running and Emailing Reports 239 Figure 172 Reports gt Generated gt Inventory Report Illustration Edited View XML XHTML exp CSV export Generated on 1 10 2011 12 27 AM i Email this report Print report Daily Inventory Report for All Groups and Folders Vendor Summary Vendor Count of Total Fj Proxim 6 1 10 Router Switch 6 1 10 Enterasys 4 0 73 3Com 4 0 73 Trapeze 4 0 73 Nortel 3 0 55 Nomadix 3 0 59 0 a 70 0 LANCOM 3 0 55 Oother 1 AlcatelLLucent 2 0 37 O Symbol 4 9 APC 2 0 37 HP 3 8 D Link 1 0 18 Netgear 1 0 186 Dell 1 0 186 Juniper 1 0 18 Hirschmann 1 0 18 20 Vendors 546 100 00 Airmware Version Summary r Count of Total 3Com AP2750 7 0 4 4 0 1 0 18 3Com AP3750 7 0 4 4 0 1 0 18 3Com WX1200 7 0 4 4 0 1 0 18 Alc
123. the installer enters this information in the Dell PowerConnect W Instant user interface the device will immediately attempt to contact your AirWave server Within a few minutes the New Devices link at the top of the AMP UI will increase by one that first IAP is added as an Dell PowerConnect W Instant Virtual Controller in the APs Devices gt New page as shown in Figure 230 Figure 230 New nstant Virtual Controller on APs Devices gt New Page Illustration DOLL POWERCONNECT W SERIES AIRWAVE laa roi Aruba Networks New Devices 1 Up 84 Down 18 Mismatched 69 Rogue 1294 Users 3 I Alerts 0 Home Helpdesk Groups M use Users Reports System Device Setup AMP Setup Down Mismatched Ignored To discover more devices visit the Discover page l 1 of 1APs Devices Page 1of1 Choose Columns CSV Export EE i Device Type IP Address LANMAC Address Discovered Ol Instant Karma Aruba Instant Virtual Controller 3 7 2011 8 55 PM Verifying the Shared Secret and Adding the Device When an Dell PowerConnect W Instant device appears in the APs Devices gt New page the admin user should mouse over the value under the Type column to verify the device s Shared Secret with AMP as shown in Figure 231 Figure 231 Mouseover the Dell PowerConnect W nstant Type to Indicate Shared Secret l iwof 1APs Devices Page iwofi Choose Columns CSV Export Device Type w IPAddress LANMAC Address Discovered w P instant Ka
124. this message 2 NOTE To view the detailed status of all your down devices at once navigate to APs Devices gt Down try the Down top header stats link and look at the Detailed Status column for the list of down devices This column can be sorted using the Filter icon F 3 If the SNMP Get Failed message appears select the APs Devices gt Manage tab to go to the management page for that device 4 If visible select the View Device Credentials link in the Device Communications section of APs Devices gt Manage This displays the credentials AirWave is using unsuccessfully to communicate with the device This link can be removed from AirWave for security reasons by setting a flag in AirWave Only users with root 146 Discovering Adding and Managing Devices Dell PowerConnect W AirWave 7 4 User Guide access to the AMP command line can show or hide this link To disable this feature please contact Dell support at support dell com Figure 108 illustrates this page Figure 108 View Device Credentials Window htt ps faire com nffa Credentials for AP HP 520 2 Community String public IF 10 51 1 228 Close Window K NOTE The View Device Credentials message may appear slightly different depending on the vendor and model 5 Ifthe credentials are incorrect return to the Device Communications area on the APs Devices gt Manage page Enter the appropriate credentials and select Apply 6 Return to the APs Devi
125. this was called Users Alerts Displays the number of non acknowledged AirWave alerts generated by user configured triggers When selected AirWave shows a detailed list of active alerts Severe Alerts When triggers are given a severity of Critical they generate Severe Alerts When a Severe Alert exists a conditional new component appears at the right of the Status field in bold red font Only users configured on the Home gt User Info page to be enabled to view critical alerts can see Severe Alerts The functionality of Severe Alerts is the same as that described above for Alerts Unlike Alerts the Severe Alerts section is hidden if there are no Severe Alerts Device Typesto You can support statistics for any combination of the following device types Include in Header Autonomous APs Stats Controllers Routers Switches Thin APs Others Refer to Configuring Your Own User Information with the Home gt User Info Page on page 214 In the Search field you can perform partial string searches on a large number of fields including the notes version secondary version radio serial number device serial number LAN MAC radio MAC and apparent IP of all the APs as well as the client MAC VPN user LAN IP VPN IP fields Entering a search string displays search in two phases Fast search results display quickly and divide the results into Clients APs Controllers and Switches and shows only basic columns relevant to eac
126. those pages as desired as illustrated in Figure 35 Figure 38 Pop up When Hovering over Wrench Icon in Groups gt List Compare two groups 1 3 of 3 Groups Page iwofi Choose Columns Name Changes E 3 Access Points Unapplied Changes Coo EEEN Zt CU Templa tes applied Changes eee Security i 3 of3G SSIDs AAA Servers Radio Aruba Config Select All EEG Cisco WLC Config 72 Configuring and Using Device Groups in AirWave Dell PowerConnect W AirWave 7 4 User Guide Figure 39 illustrates an example Groups gt Basic page Figure 39 Groups gt Basic Page Illustration ruba corp i Missed SNMP Poll Threshold 1 100 Regulatory Domain United States kensa group configuration changes semeai iain Allow One to One NAT C Yes No Audit Configuration on Devices Toggling this will set all devices in this group to c Yes G No Monitor Only bat Groups Use Global Group C Yes No SNMP PollingPeriods Up Down Status Polling Period Sminutes Override Polling Period for Other Services Ves No AP Interface Polling Period 10 minutes Client Data Polling Period 10 minutes tid Thin AP Discovery Polling Period 15 minutes Device to Device Link Polling Period 5 minutes 802 11 Counters Polling Period 15 minutes Rogue AP and Device Location Data Polling Period Disabled zl CDP Neighbor Data Polling Period 30 minutes Routersand Switches Read ARP Table
127. to folder VPN 9 ki amp Total Devices 2 Mismatched 2 VPN Sessions 9 Folder Top 0 9 VPN Sessions gt VPN 9 i a amp a sad fs i io 1 45 a4 Show All v Avg VPN Sessions le w Max WPN Sessions a i year ago 1 597 of 9 VPN Sessions Pagel wof2 gt 200 k 600 k i M i 4 M 5 11 45 13 45 15 45 17 45 Il 1 45 3 45 ors 7 45 9 45 1i 45 13 45 15 45 17 45 Maximum Average Show All Maximum Average 33 sessions 19 sessions O w Avg Bits Per Second In for VPN Sessions 1 4 Mbps 302 5 kbps 33 sessions 19 sessions GB v Avg Bits Per Second Out for VPN Sessions 0 bps 0 bps GB v Max Bits Per Second In for VPN Sessions 1 4 Mbps 302 5 kbps GB v Max Bits Per Second Out for VPN Sessions 0 bps 0 bps hq via O1 VPN Top gt VPN VPN 1 1 day 2 hrs 58 mins 79 61 Kbps OSX 10 240 105 24 cjoseph Mozilla 5 0 Macint hg via O1 VPN Top gt VPN VPN 1 3 hrs 41 mins 29 86 Kbps OSX 10 240 104 54 hstonebraker Mozilla 5 0 Macint hq via O1 VPN Top gt VPN VPN 1 3 days amp hrs 56 mins 23 28 Kbps OSX 10 240 105 250 jziegler Mozilla 5 0 Macint hq via 01 VPN Top gt VPN VPN 1 1 hr 39 mins 18 56 Kbps OSX 10 240 104 164 ctang Mozilla 5 0 Macint hq via O1 VPN Top gt VPN VPN 1 1 hr 3 mins 1543 Kbps OSX 10 240 104 207 eparker Mozilla 5 0 Macint 157 of 9 VPN Sessions Pagelwof2 gt gt Reset filters Alert Summary at 10 24 2011 6 48 PM W T Yp AMP Alerts When a V
128. w OO 14 7E 00 14 7E InnerWireless Normal 1 min 1 20 2009 4 13 PM 202 Performing Daily Administration in AirWave Dell PowerConnect W AirWave 7 4 User Guide Table 118 Clients gt Tags Fields Field Description Name Displays the user editable name associated with the tag MAC Address Displays the MAC address of the AP that reported the tag Vendor Displays the vendor of the tag Aeroscout PanGo and Newbury display all or filter by type Battery Level Displays battery information filterable in drop down menu at the top of the column is not displayed for Aeroscout tags Chirp Interval Displays the tag chirp frequency or interval filterable from the drop down menu at the top of the column Note that the chirp interval from the RFID tag influences the battery life of active tags as well as search times If a tag chirps with very long chirp interval it may take longer time for the location engine to accurately measure x and y coordinates Last Seen Date and time the tag was last reported to AirWave Closest AP The AP that last reported the tag to the controller linked to the AP monitoring page in AirWave To edit the name of the tag or to add notes to the tag s record select the pencil icon next to the entry in the list You can then add or change the name and add notes like maternity ward inventory or Chicago warehouse as two examples The Inactive Tag trigger can be used to generate an alert if a tag is
129. 0 0 00 0 00 5 tforman rap2wg 0 0 0 00 0 00 6 clukaszewski rapSwn 0 0 0 00 0 00 T bzeno RAP 2WG 0 0 0 00 0 00 B 10 51 0 9 0 0 0 00 0 00 yY 9 joeb rap2wag 0 0 0 00 0 00 10 Aironet Wireless Communication 38 FB BF 0 0 0 00 0 00 Table 131 Reports gt Generated gt Daily Device Summary Report Unique Fields and Descriptions Description Max Simultaneous Users Displays the maximum number of users that were active on the associated device during the period of time that the report covers Total Bandwidth MB Displays the bandwidth in megabytes that the device supported during the period of time covered by the report Average Bandwidth kbps Displays the average bandwidth throughput for the device during the period of time covered by the report Using the Device Uptime Report The Device Uptime Report monitors device performance and availability on the network tracking uptime by multiple criteria to include the following Total average uptime by SNMP and ICMP Average uptime by device group Average uptime by device folder Dell PowerConnect W AirWave 7 4 User Guide Creating Running and Emailing Reports 237 You can use this report as the central starting point to improve uptime by multiple criteria This report covers protocol oriented device oriented or SSID oriented information This report can help to monitor and optimize the network in multiple ways It can demonstrate service parameters can establish locations
130. 0 0F 86 B1 D5 3F 00 0F CB B2 33 A4 00 11 24 C6 28 52 00 11 F5 53 AE 0F 00 13 02 1E 67 15 00 13 02 84 39 BD RADIO1 ap 00 13 02 AD 7C 3E 00 13 02 C2 39 28 00 13 02 CD F3 D5 00 13 CE 45 91 A0 00 0b 86 c1 a0 52 ap Not set Modify Devices 1 50 w of 187 Rogue Devices Pace iwof4 gt dpb_test_quest 101 guest open ops 101 open ops guest guest Classifying Rule lt user set gt Suspected Neighbor det Suspected Neighbor det lt user set gt lt user set gt Suspected Neighbor det lt user set gt lt user set gt 3 12 2009 10 25 AM 3 12 2009 10 24 AM 3 12 2009 10 24 AM 3 12 2009 10 23 AM Ack RAPIDS Classification ThreatLevel Name all All No Valid Enterasys 68 FA C3 No Suspected Neighbor 5 Tropos Net 04 0F BB No Suspected Neighbor 5 Cisco Syst A7 B9 ED No Valid Aruba Netw 88 88 32 No Valid Enterasys 27 F6 48 No Suspected Neighbor 5 SYMBOL TEC D7 64 A6 No Valid NOMADIX IN 05 02 D0 No Valid Meru Netwo B9 CC 05 Tags i Swof5Tags Page 1wof1 Name MAC Address Vendor Battery Level Chirp Interval Last Seen v All v al iv l a G 00 0C CC 5E 7F 9E Aeroscout Ltd 45 secs 00 14 7E 00 4C DC InnerWireless Normal 1 min 00 0C CC 7A 3B 8A Aeroscout Ltd 50 secs 00 14 7E 00 4C B9 InnerWireless Normal 2 mins 00 14 7E 00 4C F2 InnerWireless Normal 0 mins l Enter the keyword or text with format K Configuration a 3 a
131. 00 200 200 Primary Server Port 1645 o Confirm Primary Server Secret Secondary Server Hostname sIP Address Secondary Server Port 1612 Secondary Server Secret Confirm Secondary Server Secret 2 Select No to disable or Yes to enable TACACS or RADIUS authentication If you select Yes several new fields appear Complete the fields described in l able 25 Table 25 AMP Setup gt Authentication Fields and Default Values Field Default Description Primary Server Hostname Enter the IP address or the hostname of the primary RADIUS server IP Address Primary Server Port 1812 Enter the TCP port for the primary RADIUS server Primary Server Secret Specify and confirm the primary shared secret for the primary RADIUS server N Secondary Server Port 1812 Enter the TCP port for the secondary RADIUS server Secondary Server Secret Enter the shared secret for the secondary RADIUS server 3 Select Save to retain these configurations and continue with additional steps in the next procedure A Secondary Server A Enter the IP address or the hostname of the secondary RADIUS server Hostname IP Address A Integrating a RADIUS Accounting Server NOTE AirWave checks the local username and password before checking with the RADIUS server If the user is found locally the K local password and role apply When using RADIUS it s not necessary or recommended to define users on the AirWave server The only recommended user is the
132. 007 11 51 AM Minor O Device Up roamabout 4 102 3 2i 12 2007 10 24 AM Normal O Device Down roamabout 4102 3 ofi2 2007 10 19 AM Critical For each new alert the System gt Alerts page displays the items listed in lable 115 Table 115 System gt Alerts Fields and Default Settings Field Description Trigger Type Displays and sorts triggers by the type of trigger Trigger Summary Provides an additional summary information related to the trigger Triggering Agent Lists the name of the AP that generated the trigger Select the name to display its APs Devices gt Manage page Time Displays the date and time the trigger was generated Severity Displays the severity code associated with that trigger Responding to Alerts Once you have viewed an alert you may take one of the following courses of action Leave it in active status if it is unresolved The alert remains on the New Alerts list until you acknowledge or delete it If an alert already exists the trigger for that AP or user does not create another alert until the existing alert has been acknowledged or deleted Move the alert to the Alert Log by selecting it and selecting Acknowledge You may see all logged alerts by selecting the View logged alerts link at the top of the System gt Alerts page Select the New Alerts link to return to the list of new alerts Dell PowerConnect W AirWave 7 4 User Guide Performing Daily Administration in AirWave 195 Delete the alert by
133. 0897 09 December 2011 Contents POTICO eae E E E essed 11 Document Organization scisncscnsieseinssine docnanniasvewsnysveasanddnassinn sntesutasaseacansunatiodaignsunspaaiianiadvaennuuniabednianys 11 Note Caution and Warning ICONS cececssssessccsscsssecsssecececsessncecsusecsesessesansessusassesessesaneesanses 12 GOM el EVE SUIS O FE ee siierchscpacaceaccees A neice ae ener 12 Chapter 1 POOU CL ON oenn set araioasoraesasoestinsavanse ouaeguestoeasaifumiaaistaneanenecteren 13 AirWave A Unified Wireless Network Command Center c cccccscssesesseesssseseesseeeesseseees 13 AirWave Management Platform ccccssesescssssssescseessescesseseseesessseesseseesessesesaseessesareeeess 13 Dell PowerConnect W Configuration ccecscssssssssssscssssssesesececseseesesecessesessssesesseseeasenss 14 NTS UGCA R E N 14 FEV e E E E A 14 Master Console and Failover ccscsssscscssssssssscscscssssesesecscseseesesececsesecaesesessesesassesesanseeasenes 15 Integrating AirWave into the Network and Organizational Hierarchy ccssseeeseeseeeeees 15 Chapter 2 Installing and Getting Started 00 eeesessesssessssescseerssesessesssssrsesseseeessesesesassesesasensetens 17 AirWave Hardware Requirements and Installation Media ccccccceseseeecsssseeesseseesereenees 17 Supported Browse ki eee ae ne ae ee ee 17 Installing Linux CentOS 5 Phase 1 ccccssccsssssssssssssssssscscscscscseeesesesesesesesecessssesnse
134. 1 e Using Export CSV for Lists and Reports on page 31 e Defining Graph Display Preferences on page 32 e Customizing the Dashboard on page 32 e Setting Severe Alert Warning Behavior on page 34 e Defining General AirWave Server Settings on page 35 e Defining AirWave Network Settings on page 43 e Creating AirWave Users on page 44 e Creating AirWave User Roles on page 46 e Configuring Login Message TACACS and RADIUS Authentication on page 48 e Enabling AirWave to Manage Your Devices on page 52 e Setting Up Device Types on page 58 e Configuring Cisco WLSE and WLSE Rogue Scanning on page 58 e Configuring ACS Servers on page 63 e Integrating AirWave with an Existing Network Management Solution NMS on page 64 e Auditing PCI Compliance on the Network on page 65 e Deploying WMS Offload on page 67 K NOTE Additional configurations of multiple types are available after basic configuration is complete Before You Begin Remember to complete the required configurations in this chapter before proceeding AirWave support remains available to you for any phase of AirWave installation Formatting the Top Header The Dell PowerConnect W AirWave 7 4 interface centers around a horizontal row of tabs with nested subtabs A row of statistics hyperlinks called Top Header Stats above the tabs represents commonly used subtabs These hyperlinks provide the
135. 2 psk aes O clients O clients E gt Avg Usage for Wired 0 bps 0 bps o V Max Clients for TestWireless 115 O clients 0 clients Pa eI 1 year ago i AA now a Type a _Last2Hours LastDay Total Last Event AMP Alerts 0 0 0 IDS Events 28 373 2824 12 15 2011 9 30 PM RADIUS Authentication Issues 0 0 0 5 e ae E Mismatched 61 7 Go to folder a own 3 E Good 19 amp z z O Up 46 7 O Unknown 18 7 Go to group 4 D Audit Disabled 0 O View Latest Reports m s 57 of 107 devices are Down 66 of 107 devices are Mismatched a a ae 5 Qe ET 2 E en oe a 1 Top gt Cisco 1 Top gt Cisco 1 0 14 15 29 30 44 45 59 60 74 Signal Quality Table 120 Home gt Overview Sections and Charts Section Description Clients This chartis a graphical summary of the number of users on the network during a period of time The time can be adjusted Select Show All to display a list of data series that this graph can display such as the user count by SSID Clear the Max Clients or Avg Clients checkbox to change the display of the graph The graph displays the maximum number of users by default To view historical graphs in a new window select the three bar icon on the upper right of the chart This adjustable chart displays bandwidth data over time To remove bandwidth in or out from the graphical display clear the check box for Avg Bits Per Second In or Out To display details for specific devices select Show All and select t
136. 2010 6 22 PM Wireless AP scan OO la le cl Aruba CO 1F 30 Suspected Neighbor 5 Suspected Neighbor No 12 28 2010 9 56 AM Wireless AP scan Fish bowl The rogue device inventories that comprise this report contain many fields described in Table 134 Dell PowerConnect W AirWave 7 4 User Guide Creating Running and Emailing Reports 243 Table 134 New Rogue Devices Report Fields Field Description Displays the device name as able to be determined RAPIDS Classification Displays the RAPIDS classification for the rogue device as classified by rules defined on the RAPIDS gt Rules page Refer to Using RAPIDS and Rogue Classification on page 167 for additional information Threat Level Displays the numeric threat level by which the device has been classified according to rules defined on the RAPIDS gt Rules page Refer to Using RAPIDS and Rogue Classification on page 167 for additional information a iepemtenoom 244 Creating Running and Emailing Reports Dell PowerConnect W AirWave 7 4 User Guide Using the New Users Report The New Users Report lists all new users that have appeared on the network during the time duration defined for the report This report covers the user identifier the associated role when known device information and mote The report definition can filter on connection mode wired wireless or both Figure 176 illustrates the fields and information in the New Users Report
137. 2011 9 19 PM AMP Alerts 0 l t 0 Incidents D i R RADIUS Authentication Issues 0 0 0 Association History ARUBANETWORKS kevinl Win 7 employee kevinl 2 rapiveg ethersphere wpeZt 2360 BO2 libg 802 1ig Spit Tunne ARUBANETWORKS kevinl Win 7 employee kevinl 2 rap2wg ethersphere wpa2 2360 B02 1ibg 802 119 Split Tunnel 1 2 of 6 Past Associations Page leof3 Reset filters 5 24 2011 6 17 PM Aruba3400 2 ap70 ce e1 84 dev airwave com AP Security wisxStaAssociatedToUnsecureAP wisxTrapAPMacAddress 0 00 0B 86 CE E1 84 Mobile Device Access Control Mobile Device Access Control MDAC secures provisions and manages network access for Apple iOS and other employee owned mobile devices by enabling device fingerprinting device registration and increased device visibility Use the checkbox next to these fields to enable them in Clients gt Client Detail e Device Type e OS e OS Detail e Manufacturer To see more options select the Show additional properties link The results are illustrated in Figure 144 204 Performing Daily Administration in AirWave Dell PowerConnect W AirWave 7 4 User Guide Figure 144 Device Info section in Clients gt Client Detail after Show additional properties is selected Detail for DC 27B 61 5E 41 13 Namie Username First Seen Last Seen Device Type OS OS Detail Manufacturer Model Serial Number Phone Number Network Interface Vendor Netwo
138. 2102 GB Unknown 66 T BG Linux 33 3 B Unacknowledged 100 O Acknowledged a2 RAPIDS Changes view RAPIDS audit log Mon May 23 03 40 30 2011 admin seas config id 1 rapids rogue _bssid window 0 gt 8 Mon May 23 03 39 51 2011 admin seas_config id 1 rapids_rogue_bssid_window F gt 0 168 Using RAPIDS and Rogue Classification Dell PowerConnect W AirWave 7 4 User Guide Table 93 RAPIDS gt Overview Fields and Descriptions SLE TAY Description IDS Events Displays a list of attack types for the designated folder and subfolders Field displays events from the past two hours the past 24 hours and total IDS events Names of attacks link to summary pages with more details Note AMP should be configured as the SNMP trap receiver on the controllers to receive IDS traps See the Dell PowerConnect W AirWave 7 4 Best Practices Guide in Home gt Documentation for details Device Count by A pie chart of rogue device percentages by RAPIDS classification RAPIDS Classification RAPIDS A summary list with details of the statistics depicted in the Device Count by RAPIDS Classification pie Classification chart Click the linked classification name to be taken to a filtered rogue list RAPIDS Devices by A pie chart of RAPIDS percentages by the detected operating system OS Operating System Detected operating systems represented in this summary listing Click on the linked Operating System name to see the r
139. 3 3 497 Mbps 311 3 kbps G Avg bps for Radio 2 on 1260 1 155 Mbps 74 91 kbps GD Avg bps for Radio 1 on mchristensen rap5wn 636 5 kbps 13 8 kbps GO Avg bps for Radio 1 on marora ap65 2 373 Mbps 58 72 kbps G Avg bps for Radio 1 on OO la le cO 1la 64 1 146 Mbps 602 8 kbps E Avg bps for Radio 1 on gwright rap2wg 6 722 Mbps 379 9 kbps O Avg bps for Radio 2 on damien ap105 2 651 Mbps 101 5 kbps D Avg bps for Radio 1 on dfisken rap5wn 1 243 Mbps 25 kbps G Avg bps for Radio 1 on pneelakantan rap2wg 1 913 Mbps 85 28 kbps Interfaces Vs Percent of Time Above Threshold 40 30 Interfaces 20 lt 20 20 40 40 60 60 80 gt 50 Percent of Time Above Threshold Table 129 Capacity Planning Report Fields and Contents Top Portion Field Description Displays the device type or name Displays the type of 802 11 wireless service supported by the device Displays the device group with which the device is associated Displays the folder with which the device Is associated Displays the controller with which a device operates Time Above 1 of Capacity Displays the time duration in which the device has functioned above 0 of capacity A low percentage of use in this field may indicate that a device is under used or poorly configured in relation to its capacity or in relation to user needs Dell PowerConnect W AirWave 7 4 User Guide Creating Running and Emailing Reports 233 Table 129 Capacity Planning Report Fields and Contents Top Po
140. 4 creating running and emailing 0 227 ELRO 08 Roe eee eer enter ene erent tener serene er 231 defining custom reports s s s 252 Device SUTI y aera 236 Device U pie ssrorekoreaires nen 237 300 emailing and exporting eeeeeeeeeeeeeeeeeeee 255 ID E ye aa E 239 nent Ory aoni S 239 Memory and CPU Utilization 0 241 Network SAG 6 scrcstaavenseeceasenutetenaeranennnesseaicest 241 New Client cccccccccccccscccsssseecesssseeeeseeuseeeeueeeeeeey 245 New Rogue Devices 242 RADIUS Authentication Issues 246 RF Health Report ee eeeeeeeeeeeeeeeeees 247 Rogue Clients 249 Rogue Containment Audit eee 250 transferring with FTP oaeee 255 restoring from backup e 224 RE Heati Re pOrt etext aaa 247 RF protect license ecccesceecceeseeeeeeeeeeeeneeeeeeeeens 147 Rogue AP Discovery Events secerneren 40 Rogue Association History table 206 rogue CLASSICAL iois 167 Rogue Client Associations table 179 rogue clients aseeseen 179 193 249 rogue scanning enabling in Groups gt Radio 00 90 273 root password changing eceeceeceeeeeeeeeeeeeeeeeeeeeeeees 20 routers and SWITCHES cee ceeceeeeeeeteeeeeeeeeeeeeeeens 130 adding with a CSV file oaeee 114 RTLS Collector amen eer nnC ee ek ote Coen ee eee are 41 Run a command menu ccccceeeeeseeeeeeeeeeeeeeeeees 206 SCAN LC CCIM NS sec otoss acces accictesnee unos sss cteoian elena 109 Dell Power
141. 4 GHz MAC Vier Errors A T Meise Average Channel Utization Member ofteers 1 ap105 A1 240364800 6 0 0 00 pt Aruba 3400 Top Access Points 2 1154 Q 123984000 9 E 1 419 00 ethersphere 1322 Top Access Points 3 2103 99100800 3 61 50 0 0 00 ethersphere 1322 Top Access Points 4 2188 60652800 6 73 50 1 308 00 ethersphere 1322 Top Access Points 5 1260 56505600 6 86 50 2 676 00 ethersphere 1322 Top Access Points 6 00 24 6c c4 ce a6 50889600 20 82 00 0 0 00 Aruba651 Top Access Points 7 Fish bowl 43632000 2 86 00 1 83 00 ethersphere 1322 Top Access Points 8 2198 34819200 4 86 50 1 4616 00 ethersphere 1322 Top Access Points 9 1242 H 32572800 2 88 00 1 188 00 ethersphere 1322 Top Access Points 10 00 0B 86 C3 65 7A 30758400 1 102 50 0 0 00 Aruba3400 Top Access Points Most Channel Changes 5 GHz Rank a e aise Avevepe Chtatecl Utiization Mmcber of Users r eps _Lecatient _ _ Cimtinlee_ a 1 00 24 6c c4 ce a6 20 0 Aruba651 Top Access Points 2 ap105 A1 18 oa 0 or ag pit Aruba 3400 Top Access Points 3 2103 14 88 00 0 672 00 ethersphere 1322 Top Access Points 4 1248 13 88 00 1 6185 00 ethersphere 1322 Top Access Points 5 1263 6 91 00 3 1493316 00 ethersphere 1322 Top Access Points 6 Fish bowl 6 90 00 4 767319 00 ethersphere 1322 Top Access Points 7 1260 5 88 00 Pa 73432 00 ethersphere 1322 Top Access Points 8 2198 4 79 00 2 44596 00 ethersphere 1322 Top Access Points
142. 4 kbps 3 6 kbps FE 1 year ago P now gS Connected Clients 1 2 w of 2 Connected Clients Page i wof 1 Reset filters Choose columns Export CSV Device Typew Rolew MAC Address SSIDw VLANw Interface ConnectionModew Forward Modew Association Time w Duration Auth Type Cipher w Auth Time Sig Qual Windows 7 authenticated 00 26 5A 80 CA E7 synergy 10 802 11an 802 11a Tunnel Encrypted 10 11 2011 9 35AM 41 mins Authenticated by device TKIP 41 mins 50 Apple Mac authenticated FS 1E DF E3 A8 BD synergy 10 802 11an 802 11a Tunnel Encrypted 10 10 2011 4 42PM 17hrs34mins Authenticated by device TKIP 17 hrs 34 mins 23 1 2 w of 2 Connected Clients Page 1 wof 1 Reset filters RF Neighbors 1 5 w of 23 AP Neighbors Page iwof5 gt gt Choose columns Export CSV AP Device a ist Radio Ch ist Radio Signal 2nd Radio Ch 2nd Radio Signal RAPIDS Classification 00 0b 86 64 f1 10 157 50 AMP AP 1341 AP01 165 30 AMP AP 1341 AP04 157 30 AMP AP 1341 AP15 AQ 165 43 AMP AP 1341 AP28 149 21 AMP AP 1 5 w of 23 AP Neighbors Page 1 wof5 gt gt Alert Summary at 10 11 2011 10 17 AM Type a Last 2 Hours LastDay Total Last Event AMP Alerts 0 0 0 IDS Events 0 0 0 RADIUS Authentication Issues 0 0 0 Recent Events view system event log Time User Event Tue Oct 11 09 57 52 2011 System Configuration verification configuration on device does not match desired configuration omitted 2 duplicate messages Sun Oct 9 23 16 28 2011 System Configu
143. 51 AM Power Change 6 3 1 4 2011 10 51 AM Channel Change 7 1 Above Above 1 4 2011 9 55 AM Channel Change 1 7 Above Above 1 4 2011 9 51 AM Power Change 6 3 1 4 2011 9 50 AM Channel Change 1 4 2011 4 38 AM Channel Change 1 4 2011 4 34 AM Power Change 6 3 Above Above Above Above m I yei Table 81 ARM Events table Columns and Values Column Description The time of the ARM event Trap Type The type of trap that delivered the change information Current ARM trap types that display in AirWave are Power Change Mode Change Channel Change Values that display in the following columns depend on the Trap Type Old value for transmit power before the Power Change event took place Previous Secondary Old secondary channel value for 40Mhz channels on 802 11n devices before the Channel Change Channel event took place Dell PowerConnect W AirWave 7 4 User Guide Discovering Adding and Managing Devices 127 Table 81 ARM Events table Columns and Values Continued Column Description Current Secondary New secondary channel value after the change Channel Change Reason If the noise and interference cause for the change can be determined they will be displayed here Mode change reasons are not yet tracked Detected Interfering Devices Table For Dell PowerConnect W Series APs running in Spectrum mode the same non 802 11 interfering devices identified in the Issues Summary section are classifi
144. 51 medium Configuration verification configuration on device does not match desired configuration 60301 Top gt aruba Tue Jan 18 19 28 45 2011 System Device Aruba 3200 Aruba3200 3 121 Configuration verification configuration on device does not match desired configuration 60123 Top gt aruba gt arm Tue Jan 18 19 28 37 2011 System Device Symbol 7131 AP 7131N 1 Error in SNMP polling Counter length too long 5 bytes 59914 Top gt symbol gt fat aps Tue Jan 18 19 28 14 2011 System Device Aruba 651 Aruba651 Telnet SSH Error pattern match timed out 60215 Top gt aruba Table 106 Event Log Fields Column Description Time Date and time of the event User The AirWave user that triggered the event When AirWave itself is responsible System is displayed Type Displays the Type of event recorded which is one of four types as follows Device An event localized to one specific device Group A group wide event System A system wide event Alert lf a trigger is configured to report to the log an Alert type event will be logged here The event AirWave observed useful for debugging user tracking and change tracking 186 Performing Daily Administration in AirWave Dell PowerConnect W AirWave 7 4 User Guide Viewing Delivering and Responding to Triggers and Alerts This section describes triggers and alerts and contain the following topics Viewing Triggers Creating New Triggers Delivering Triggered Alerts Viewing Alerts Resp
145. 60 Home Ove view a 32 33 34 Data Set TO Wi eicoessdeteatecssneceatecevansibionnentadnutacanaate 260 Master Consolle ccccccscessssessseesseseeseseseeeeeees 221 Deyice NY DES enisinia 260 Master Console gt Groups gt Basic 293 Display Nent eee ene eee ee 260 Master Console gt Groups gt Basic Managed223 Fat Men eee er eee ree eee 261 Master Console gt Manage AMPs IP Hostname editing a floor plan image 282 999 Fabiaga ee 39 258 page sections FIOOTS csecssesssecssessseessecssecsuessucssessscsssessscsssecseeeee 260 Activity SCCtION c ccccesseseseeteseseeteeseseeeeeees 25 BEC GU CT CLC ccieca eee eaten ee eee iene reeset 260 Navigation section ccccssescssesesteseeteseeseseen 93 IG ONS EEE NA EE E ER 259 Status SCCHION oocooccoooccocooooeoooooeeeeoebeeeeecece 99 IDE reste uestniesitastnecn cucu neeeeustasuaaueaeesemecint 271 Radio Statistics cccccccsssssssssssseseeeesesssseseaees 124 importing a floor plan 281 RAPIDS gt Audit Log wiiscsesccseesisisensevenss 181 Importing and Exporting ccceeeee 289 PANA DNES ETS 176 nterferETS sisrrnicninsnideiiiinrnieredi nienean ie 261 RAPIDS gt Rogue APs Detail Score Override181 location VISE OD aenn 275 RAPIDS gt Score Override oa 180 location probability regions 270 RAPIDS gt Setup cccccccsessssessesessesesseeseseeteeen 169 Location SOLV ICE srini eiiiai 267 Reports gt Definitions cccceeeee 230 252 location training 268
146. 67 866 WiFi 4 amp M P for more information Enter Mew License Begin AMP License Key Product AWMS Professional Organization Aruba Networks Hardware ID OO 21 968 088 B2 04 APs 1000 RAPIDS Yes WisualRF Yes Signature LiDSDBOF In wlevNePoITKS2ERaAusmadSEwayohcislTCso0PCcoyjosiplsekgctavyg Trl isqPrmsOHTs3S2F3 7H2d0 6W 1 End AMF License Key Save Table 121 Home gt License Static Fields and Descriptions Field Description Displays a user definable name for AirWave The System Name can be configured from the AMP Setup gt General page Displays the organization listed on your license key Displays the DNS name assigned to AirWave IP Address Displays the static IP address assigned to AirWave The IP Address can be configured from the AMP Setup gt Network page 212 Performing Daily Administration in AirWave Dell PowerConnect W AirWave 7 4 User Guide Searching AirWave with the Home gt Search Page While the Search field at the top of every AMP page allows you to perform a quick search across a small number of common categories the Home gt Search page conducts a deep system wide search to find connected and historical clients VPN users managed devices rogue devices rogue clients groups folders and tags Search performs partial string searches on a large number of fields including the notes version secondary version radio serial number device seria
147. A start date of 6 months 3 weeks 5 days 9 hours ago and an end time of 4 months 2 weeks 1 day ago Is valid as is a start date of 5 5 2008 13 00 and an end date of 6 6 2008 9 00 Absolute times must be entered in a 24 hour format Other reports like the Inventory Report give a snapshot picture of the AirWave at the present time Schedule When you select Yes new fields display that allow you to define a specific time for report creation The report schedule setting Is distinct from the Report Start and Report End fields as these define the period of time to be covered by the report These Schedule fields establish the time that a report runs independent of report scope Current Local Time Displays for reference the time of the AirWave system Desired Start Date Time Sets the time the report runs which may often be separate from the time period covered by the report This allows you to run a report during less busy hours Occurs Select whether the report is to be run one time daily weekly monthly or annually Depending on the recurrence pattern selected you get an additional drop down menu For example if you select a recurrence of monthly you get an additional drop down menu that allows you to pick which day of the month day 1 day 2 and so forth the report should run Generated This field allows you to display the report either by user role with the report appearing in User Role Report lists on the Reports gt Generated page Vi
148. ACS Authentication For TACACS capability you must configure the IP Hostname of the TACACS server the TCP port and the server shared secret This TACACS configuration is for AirWave users and does not affect APs or users logging into APs l Go to the AMP Setup gt Authentication page This page displays current status of TACACS Figure 23 illustrates this page when neither TACACS nor RADIUS authentication is enabled in AirWave Figure 23 JACACS section AMP Setup gt Authentication TACACS Configuration S Authentication and CO yee Cie Primary Server Hostname IF Address tacacs aire com Primary Server Port 49 Primary Server Secret socceeneee Confirm Primary Server Secret seeeseerss Secondary Server Hostname sIP Address Secondary Server Port 49 Secondary Server Secret Confirm Secondary Server Secret 2 Select No to disable or Yes to enable TACACS authentication If you select Yes several new fields appear Complete the fields described in Table 24 Table 24 AMP Setup gt Authentication Fields and Default Values Field Default Description Primary Server Hostname IP N A Enter the IP address or the hostname of the primary TACACS server Address Dell PowerConnect W AirWave 7 4 User Guide Configuring AMP 49 Table 24 AMP Setup gt Authentication Fields and Default Valu
149. AMP 63 4 Select Add to finish creating the new ACS server or Save to finish editing an existing ACS server 5 The ACS server must have logging enabled for passed authentications Enable the Log to CSV Passed Authentications report option as follows Log in to the ACS server select System Configuration then in the Select frame select Logging Under Enable Logging select CSV Passed Authentications The default logging options function and support AirWave These include the two columns AirWave requires User Name and Caller ID What Next Go to additional tabs in the AMP Setup section to continue additional setup configurations Complete the required configurations in this chapter before proceeding AirWave support remains available to you for any phase of AirWave installation Integrating AirWave with an Existing Network Management Solution NMS This is an optional configuration The AMP Setup gt NMS configuration page allows AirWave to integrate with other Network Management Solution NMS consoles This configuration enables advanced and interoperable functionality as follows AirWave can forward WLAN related SNMP traps to the NMS or AirWave can send SNMPv1 or SNMPvw2 traps to the NMS AirWave can be used in conjunction with Hewlett Packard s ProCurve Manager The necessary files for either type of NMS interoperability are downloaded from the AMP Setup gt NMS page as follows For additional information conta
150. APs and generating a Bill of Materials BOM report VisualRF Plan is free to use for anyone with a Dell support account No license is required The client can be downloaded from the Dell software download center Minimum requirements Must be installed on a Windows machine with the following minimum specifications 250 MB Hard drive storage space 2 GB RAM 2 0 GHz dual core CPU K NOTE If installing VisualRF Plan on a VMWare virtual machine hosted by a Mac computer you must disable Folder Sharing Installation To install VisualRF Plan after you have downloaded it from the Dell support site l The installer will prompt you for the location of the data directory You must have access to the directory you choose for the installation 2 Choose a directory for auto backup The default is user directory 3 Follow the rest of the instructions on your installation screen Dell PowerConnect W AirWave 7 4 User Guide Using VisualRF 293 Differences between VisualRF Plan and VisualRF online Table 150 Visua RF Plan vs VisualRF Online Feature VisualRF VisualRF Plan mss O a fea femmes a feos fermen S a fee a Sn fesse 294 Using VisualRF Dell PowerConnect W AirWave 7 4 User Guide Appendix A Setting Up Dell PowerConnect W Instant in AirWave This appendix describes the Dell PowerConnect W Instant access point and Virtual Controller system and how to integrate this system with AMP 7 2 2 and later The
151. APs in the device group you may wish to take advantage of this proprietary functionality To configure these settings locate the proprietary settings areas on the Groups gt Radio page and continue with the additional steps in this procedure 2 NOTE Proprietary settings are only applied to devices in the group from the specific vendor and are not configured on devices from vendors that do not support the functionality 5 To configure settings specific to the Proxim AP 600 AP 700 AP 2000 AP 4000 Avaya AP 3 4 5 6 7 8 and ProCurve 520WL locate the appropriate section of Groups gt Radio page and define the required fields Table 63 describes the settings and default values Table 63 Groups gt Radio gt Proxim AP 600 AP 700 AP 2000 AP 4000 Avaya AP 3 Avaya AP 7 AP 4 5 6 AP 8 ProCurve520WL Fields and Default Values Default Description Load Balancing If enabled this setting allows client devices associating to an AP with two radio cards to determine which card to associate with based on the load of clients on each card NOTE This feature is only available when two 802 11b wireless cards are used in an AP 2000 Interference Robustness If enabled this option will fragment packets greater than 500 bytes in size to reduce the impact of radio frequency interference on wireless data throughput Distance Between APs This setting adjusts the receiver sensitivity Reducing receiver sensitivity from its maximum may help
152. AWnwWUA which to search If searching for a MAC address enter it in colon delimited NOTE The AirWave Search utility is case insensitive when single or double quotes are not used For exact case sensitive 2 Select Search and the results display after a short moment Results support several hypertext links to additional pages and the Filter icon over some columns allow for additional filtering of search returns Search results are categorized in the following sequence Categories of search results can be customized on the Home gt User Info page to limit the scope of information returned Not all categories below may offer returns for a given search Devices Clients VPN Users Rogues and Rogue Clients Tags Folders and Groups Dell PowerConnect W AirWave 7 4 User Guide Performing Daily Administration in AirWave 213 Accessing AirWave Documentation The Home gt Documentation page provides easy access to all relevant AirWave documentation All of the documents on this page are hosted locally by your AirWave server and can be viewed by any PDF viewer If you have any questions that are not answered by the documentation please contact Dell support at support dell com Configuring Your Own User Information with the Home gt User Info Page The Home gt User Info page displays information about the user that is logged into AirWave This page includes the authentication type local user RADIUS or TACACS and ac
153. Ack RAPIDS Classification Threat Level Name Classifying Rule Controller Classification WMS Classification AP WMS al f al all f Al al l Ho Rogue 5 HANGZHOIJ H 4o 17 CO Detected Wirelessly and on LAM Walid OO 1a le cO lade LF fe Ko Rogue 5 HANGZHOIJ H 3S2 1F 60 Detected Wirelessly and on LAM Valid O0 24 6c c8 70 b5 LF fe 1 2 of 2 Rogue OPs Page 1 wof 1 View Ignored Rogues Table 102 details the column information displayed in Figure 123 For additional information about RAPIDS rules refer to Defining RAPIDS Rules on page 172 Table 102 RAPIDS gt List Column Definitions Column Description Ack Displays whether or not the rogue device has been acknowledged Devices can be acknowledged manually or you can configure RAPIDS so that manually classifying rogues will automatically acknowledges them Additionally devices can be acknowledged by using Modify Devices link at the top of the RAPIDS gt List page Rogues should be acknowledged when the AirWave user has investigated them and determined that they are not a threat see Basic Configuration on page 169 RAPIDS Classification Displays the current RAPIDS classification This classification is determined by the rules defined on the RAPIDS gt Rules page Threat Level This field displays the numeric threat level of the device in a range from 1 to 10 The definition of threat level is configurable as described in Rogue Device T
154. AirWave on page 295 Appendix B Installing AirWave on Provides instructions for an alternative installation option on VMware ESX for VMware ESX 4 1 on page 301 Index Provides extensive citation of and links to document topics with emphasis on the AirWave UI and tasks relating to AirWave installation and operation Dell PowerConnect W AirWave 7 4 User Guide Preface 11 Note Caution and Warning Icons This document uses the following note caution and warning icons to emphasize advisories for certain actions configurations or concepts K NOTE Indicates helpful suggestions pertinent information and important things to remember A N CAUTION Indicates a risk of damage to your hardware or loss of data A N WARNING Indicates a risk of personal injury or death Contacting Support Table 2 Web Support Web Support Main Website dell com Support Website support dell com Documentation Website support dell com manuals 12 Preface Dell PowerConnect W AirWave 7 4 User Guide Chapter 1 Introduction Thank you for choosing Dell PowerConnect W AirWave AirWave makes it easy and efficient to manage your wireless network by combining industry leading functionality with an intuitive user interface enabling network administrators and helpdesk staff to support and control even the largest wireless networks in the world This User Guide provides instructions for the installation configuration and operat
155. Auth Type and Cipher columns depends on what information the server receives from the devices it is monitoring The client devices may all be similar but if the APs to which they are associated are of different models or if security is set up differently between them then different Auth Type or Cipher values may be reported to AirWave lf all APs are the same model and all are set up the same way then another reason for differing Auth Types might be the use of multiple VLANs or SSIDs One client device might authenticate on one SSID using one Auth Type and another client device might authenticate on a second SSID using a different Auth Type Displays the encryption or decryption cipher supporting the user when this information Is available The client devices may all be similar but if the APs to which they are associated are of different models or if security is set up differently between them then different Auth Type or Cipher values may be reported to AirWave Cipher Auth Time Shows how long the user has been authenticated in minutes A negative number such as 17 min indicates that the user has not authenticated for the duration displayed Signal Quality Displays the average signal quality the user experienced Usage Displays the average bandwidth consumed by the MAC address Goodput The ratio of the total bytes transmitted or received in the network to the total air time required for transmitting or receiving th
156. CI requirement AirWave introduces very detailed diagnostic information to recommend the specific action or actions required to achieve Pass status when sufficient information is available Refer to the Auditing PCI Compliance on the Network on page 65 for information about enabling PCI on the network The configurations in that section enable or disable the contents of the PCI Compliance Report that is viewable on the Reports gt Generated page Figure 177 illustrates the fields and information in a PCI Compliance Report Figure 177 Reports gt Generated gt PCI Compliance Report Illustration Example Daily PCI Compliance Report for All Groups Folders and PCI Requirements yy XHTML export 2 csv export ia Email this report Print report 1 20 2009 12 00 AM to 1 21 2009 12 00 AM Generated on 1 21 2009 12 23 AM This report covers sections of the Payment Card Industry PCI Data Security Standard DSS Version 1 2 requirements that are relevant to security in your network PCI DS5 standard requirements are available at https www pdsecuritystandards org Disclaimer The PCI Compliance Report must be completed by an authorized QSA The sole purpose of this reportis to provide IT administrators with an on demand internal audit of components which are visible to AirWave Wireless Management Suite Summary PCI Requirement a Description Status 1 1 Configuration standards for router Pass A device fails if it is in read write man
157. CSETR BLDG 1 0 Foorl 674x609ft 5 0ft 3 4 1 37 58 KB APACSETR BLDG 2 0 Foor2 674x609ft 2 0 ft 5 9 6 0 sexe fl APACSETR BLDG 3 0 Foor3 1369x811 ft 3 0ft 52 52 0 0 im B Dell PowerConnect W AirWave 7 4 User Guide Using VisualRF 257 Features Floor plan upload wizard enables direct importation of JPEG GIF PNG PDF and CAD files for floor plans Batch upload wizard enables batch uploads of multiple CAD files with corresponding walls and access points Accurate calculation of the location of all client devices laptops RFID Tags PDAs Phones using RF data from your existing APs and controllers Further improvements in accuracy can be achieved with site surveys Tree view allows you to navigate to a specific campus building or floor via a tree navigation Heatmaps depict the strength of RF coverage in each location Speed data rate view which depicts the highest possible speed at every location on a floor plan Built into the AirWave Management Platform for onscreen display of alerts and error conditions For instance an AP icon will display in red when a critical alert is active or when usage conditions exceed pre defined thresholds Location playback viewer which allows visual tracking of up to 24 hours of location history Dynamically recalculates path loss and device locations based on real time data from your wireless LAN for increased location accuracy Calibrates RF data from multiple vendors APs and across differen
158. Channel Busy Interference NumberofUsers Bandwidth bps Location 1 AP10 3 15 3 15 0 0 00 Sales Office hello Cisco4400 Top Access Points 2 AP0018 19bd bid0 1 57 1 57 0 0 00 ap lab Cisco4400 Top Access Points Most Utilized by Channel Usage 2 4 GHz Ranka Device Channel Busy Interference Number of Users Bandwidth bps Location Controller Folder Group 1 AP0018 19bd b1d0 71 65 68 90 0 0 00 ap lab Cisco4400 Top Access Points 2 AP10 64 96 62 60 0 1 00 Sales Office hello Cisco4400 Top Access Points 3 AP001d alfc ca7a 22 83 20 47 0 0 00 default location 5500 6 0 196 0 Top Access Points Most MAC Phy Errors 5 GHz ARE Ese aaa Chain AEE E O BE AN AJ ARAT CDE T TE G 1 2103 1868659200 0 672 00 ethersphere 1322 Top Access Points 2 Fish bow 534816000 oT S 4 767319 00 ethersphere 1322 Top Access Points 3 ap105 A1 471571200 18 87 00 0 0 00 pit Aruba 3400 Top Access Points 4 1153 308016000 1 92 00 8 646989 00 ethersphere 1322 Top Access Points 5 1154 Q 300326400 1 89 50 7 142587 00 ethersphere 1322 Top Access Points 6 1260 261792000 5 88 00 2 73432 00 ethersphere 1322 Top Access Points 7 2188 242697600 1 91 00 4 110898 00 ethersphere 1322 Top Access Points 8 1263 242524800 6 91 00 3 1493316 00 ethersphere 1322 Top Access Points 9 1372 233798400 2 90 00 3 233005 00 ethersphere 1322 Top Access Points 10 1350 232675200 1 87 00 6 383120 00 ethersphere 1322 Top Access Points Most MAC Phy Errors 2
159. Connect W AirWave 7 4 User Guide BG AIA SOUS r T 109 scanning defining credentials eee eeeeeeeeeeeeeeees 108 security auditing PCI compliance sessen 65 configuring ACS servers eee 63 configuring group security settings e e 81 configuring group SSIDs and VLAN 83 configuring RADIUS cecene 48 configuring TACACS eener 48 integrating NMS ee eeeeeee eee tener eeeeeeeeees 64 RAPIDS and rogue classification 167 using triggers and alerts 183 SEIVETS specifying general settings seses 35 STAAN E a 34 Shared Secret key ecceccescseceseeeeeeeeeeeeeeeeeeeeeeaeens 297 Sianal C ato cancer eee ene eR e 260 276 STE ROE sete a E 123 single sign on scseesssssseeeesssseeeeeeeee 48 49 120 121 Sm arthost cccccecccceeccceccccecceccececscccseccaccecasceenaess 255 SNMP Fetchet sce cecen bac So wisdo beanvecdouweuweecanesbikecacdvaadeaceabaxt 219 polling period eee cess eeeeeeeeeeeeeeeeeeeeeeeeeees 74 1 6 1d eee ee ene nn ee a 113 Rate Limiting for Monitored Devices 42 read write ccccccccceecccsecccsccececcecaccccancetasecsaneetaness 54 FMCOU sen sarraa 53 MAD E E A E E T 146 V3 nforMmS ccccescccscccecccccccescccscecscccaseeaseeaneess 54 Software updates ecceeceeeeeeeeeeeeeeeeeeeeeeeteeeeeeeeee 36 SOTI MobiControl caaan 207 spectrum ANALYSIS marsis a 147 SNI A D 83 INACHIVE isc sccersadcccueswbodsuwenecateveviieedateneamecureadasd ncucns 40 SSL Certific
160. Connect W AirWave 7 4 User Guide Discovering Adding and Managing Devices 141 Figure 100 Add Virtual Interfaces Page for Wired Devices Auto Detect Interface Capacity Yes No Interface capacities will automatically be updated when the device is polled Combined Bandwidth Interface Labels C Yes No Description Include in template Shutdown Cisco Interface Type Index Tag Additional Commands vas No C Yes No Async m te a Add coa New physical and virtual interfaces are discovered using SNMP polling as described in SNMP HTTP Scanning on page 108 To refresh and reload all current interface information from a device select Import Interfaces on the bottom of the page as shown in Figure 101 Figure 101 mport Interfaces for Refresh and Reload lower portion of page Interface Nud V50 Vi51 Vi5s9 Vi50 Vil Vi59 Vi51 Vil an ae ie as oaas oyu u U U Name Null Vian50 Vansi Vlans59 Vlan50 Vlani Vlan59 Vansi Vlani 1 9 of 9 Interfaces Page 1 ofi Select All Unselect All Import Interfaces Type other k a p rop Virtual propVi irtual propVirtual propVi irtual propVirtual propVi irtual propVirtual propVirtual Catalyst VLAN Catalyst VLAN Catalyst VLAN Catalyst VLAN Catalyst VLAN Catalyst VLAN Catalyst VLAN Catalyst VLAN Interface Type Vlan50 Vlani Vlan59 Vlan51 Des
161. Contiguous APs should be set to different channels to minimize crosstalk which occurs when the signals from APs overlap and interfere with each other This RF interference negatively influences WLAN performance 802 11b s 2 4 GHz range has a total bandwidth of 80 MHz separated into 11 center channels Of these channels only 3 are non overlapping 1 6 and 11 In the United States most organizations use only these non overlapping channels Transmit Power Highest power Cisco Symbol Determines the power level of radio transmission Government Level level Proxim AP 600 regulations define the highest allowable power level for radio supported by AP 700 AP 2000 devices This setting must conform to established standards for the the radio inthe 802 11g country in which you use the device You can increase the coverage regulatory radius of the access point by increasing the Transmit Power Level domain However while this increases the zone of coverage it also makes it country more likely that the AP will interfere with neighboring APs Supported values are Cisco 100mW 50mW 30mW 20mW 5mW 1mW Symbol Full or 50mW 30mW 15mW 5mW 1mW Radio Enabled The Radio Enabled option allows you to disable the radio s ability to transmit or receive data while still maintaining Ethernet connectivity to the network AirWave will still monitor the Ethernet page and ensure the AP stays online Customers typically use this option t
162. Dell PowerConnect W AirWave 7 4 User Guide Copyright 2011 Aruba Networks Inc Aruba Networks trademarks include CO AirWaVE Aruba Networks Aruba Wireless Networks the registered Aruba the Mobile Edge Company logo and Aruba Mobility Management System Dell the DELL logo and PowerConnect are trademarks of Dell Inc All rights reserved Specifications in this manual are subject to change without notice Originated in the USA All other trademarks are the property of their respective owners Open Source Code Certain Aruba products include Open Source software code developed by third parties including software code subject to the GNU General Public License GPL GNU Lesser General Public License LGPL or other Open Source Licenses Includes software from Litech Systems Design This product includes software developed by Lars Fenneberg et al The Open Source code used can be found at this site http www arubanetworks com open_source Legal Notice The use of Aruba Networks Inc switching platforms and software by all individuals or corporations to terminate other vendors VPN client devices constitutes complete acceptance of liability by that individual or corporation for this action and indemnifies in full Aruba Networks Inc from any and all legal actions that might be taken against it with respect to infringement of copyright on behalf of those vendors Dell PowerConnect W AirWave 7 4 User Guide 051
163. Dell PowerConnect W AirWave 7 4 User Guide Discovering Adding and Managing Devices 133 Using Device Folders Optional The devices on the APs Devices List pages include List Up Down and Mismatched fields These devices are arranged in groups called folders Folders provide a logical organization of devices unrelated to the configuration groups of the devices Using folders you can quickly view basic statistics about devices You must use folders if you want to limit the APs and devices AirWave users can see Folder views are persistent in AirWave If you select the Top folder and then select the Down link at the top of the page you are taken to all of the down devices in the folder If you want to see every down device select the Expand folders to show all devices link When the folders are expanded you see all of the devices on AirWave that satisfy the criteria of the page You also see an additional column that lists the folder containing the AP Perform the following steps to add a device folder to AirWave 1 To add a folder select the Add New Folder link at the bottom of APs Devices gt List gt Up gt Down or gt Mismatched Figure 96 illustrates the page Figure 96 Folder Creation Page Illustration Folder Folder Parent Folder Top Add __ cw 2 Enter the name of the new folder 3 Select the Parent folder 4 Select Add Once a new folder has been created devices can be moved into it using
164. Dell PowerConnect W Instant ccccccecessescteteeeesseseeeeseeseeeeeeseseseeneneeeeeeeeeen 295 Using Dell PowerConnect W Instant With AMP eeeccssssesssecseseseeseeseessseesssesesseseeaseees 295 Workflow of the Dell PowerConnect W Instant and AMP Integration Process 296 Setting up Dell PowerConnect W Instant Hardware cccccsssssseessssessseeeseseesseeeeeen 296 Required Personne kesisi iaaio aa 296 Creating your Organization String c ccessscescssssssesssscscsessessseseesesecsesesessesesaesesesaesesateees 296 The Shared Secret Key cccscssssscssssesssssscssssssesecscscseseeseesacsesecsnsececsusecassesecaesesassesesanseses 297 Entering the Organization String and AirWave Information into the IAP 297 Receiving the Virtual Controller as a New Device in AMP cecsecesssseseeeessseteeaeeees 298 Verifying the Shared Secret and Adding the DeVICC ccccsesccssssesseesecseseessseseeseeees 298 Remaining Manual Admin Tasks in AMP ccccccsesessescssssesssssseesseessssesseseeeeseeesseseseneess 299 AMP Pages with Instant Specific Fe atures cccssssscssssssesssscscssssesssececseseesssesesseseeatsnsesaeseees 299 Other Available FedtulG S ene tener ete ene ne ne re 300 Firmware Image Manageme nt c cccecsecssssssscssssesssscsssseeecseseeseseesesaesecaeseesesetsesaseesaeees 300 intrusion Detection System rsca 300 Known Issues of Dell PowerConnect W Instant Inte
165. Description Timeout 0 86400 a Sets the time in seconds that the access point waits for a response from the RADIUS server Max Retries Sets the number of times a RADIUS request is resent to a RADIUS server before failing 0 20 NOTE If a RADIUS server is not responding or appears to be responding slowly consider increasing the number of retries 4 Select Add to complete the creation of the RADIUS server or select Save if editing an existing RADIUS server The Groups gt AAA Servers page displays this new or edited server You can now reference this server on the Groups gt Security page AirWave supports reports for subsequent RADIUS Authentication These are viewable by selecting Reports gt Generated scrolling to the bottom of the page and selecting Latest RADIUS Authentication Issues Report 5 To make additional RADIUS configurations for device groups use the Groups gt Security page and continue to the next topic Configuring Group Security Settings The Groups gt Security page allows you to set security policies for APs in a device group l Select the device group for which to define security settings from the Groups gt List page 2 Go to Groups gt Security Some controls on this page interact with additional AirWave pages Figure 41 illustrates this page and Table 55 explains the fields and default values Dell PowerConnect W AirWave 7 4 User Guide Configuring and Using Device Groups in AirWave 81 82
166. Device OUI SCOre 2 0 0 0 ccc ccc ccc cecccccecceccecccceeceeceecees 173 Device Troubleshooting Hint 0 eee 38 Device Type Setup eeceeceeeseeesneeeeneeeeneeeeeeerenes 58 COVICES ccccccccccssccceccccescecescececcctascecescecauceetseeeueeeeeaneens 107 adding manually s es 112 Communication SEINES 53 discovering managing and troubleshooting 107 FOICETS 0 cccccccccscccseccceccccsececsccecaccecescecensceseesens 134 importing via CSV 000 eee eee eee tee eeeeeteee 115 individual support and firmware upgrades 144 WO gi Ua Seen cere re eee ee eee 101 EUS scgueet cata aecccnacecateeheavecas coos suerdsniaaeeteadi oe 137 troubleshooting a newly discovered device 146 5 01 hel 1 eee eee ee one eee ee 117 133 PHCP USING iir 139 discovery automatic AP ccccccceccceccscceccceccesccsceeceeeees 111 Discovery Events table cece eects 180 Disk Space charis sa acstecec etna teetcieeeeeeete 220 DNS Hostname Lifetime cccccecceeeceeeeeeeeeees 38 E editing interfaces ceececeseeeeeeeeeteeeeeeeteeeneeneees 131 Error fetching existing configuration 00 146 Expand folders to show all APs 117 external Ol 1 39 304 Index F L S E A E EAN 15 221 225 I EO E E 17 firewall configuring eseese 21 firmware IVE O hec kotii oser r 55 specifying minimum versions for APs 98 uploading ossia eee 55 56 firmware upgrade jobs viewing eeeceeeeeee 216 firmware u
167. Devices gt List partial view Groups Home Utea Clients Reports System RAPIDS VisualRF Mismatched Ignored Folder Top 27 458 Up Devices gt cor p 76 363 Device Setup AMP Setup Expand folders to show all APs Devices Goto folder cor p 76 363 amp Total Devices 76 Mismatched 10 Clients 169 Q Usage 3 15 Mbps VPN Sessions 0 Clients for folder corp Last 4 hours fal Usage for folder corp Last 4 hours Dull 160 3133 Bids hid Bids He aio Bias igo Bids Gia Show All Maximum Average Show All Maximum Average G w Avg Clients 169 cllents 45 clients O w Avg Bits Per Second In 1 1 Mbps 268 6 kbps 7 Avg Clients for ethersphere voip 25 clients 7 clients E v Avg Bits Per Second In for VPN Sessions 0 bps 0 bps OD Avg Clients for Wired i clients clients B Avg Bits Per Second Out 4 5 Mbps 1 2 Mbps D xv Max Clients 169 clients 45 clients G v Avg Usage for ethersphere wpa2 4 9 Mbps 1 4 Mbps Max Clients for ethersphere wpa2 139 clients 38 clients B Max Bits Per Second In for VPN Sessions 0 bps bps 3 Modify Devices 1 3 of 76 APs Devices Page lwof25 gt gt Reset filters Choose columns Export CSV Device VPN Sessions Versionw Type APs IP Address Clients Location Y Usage amp ethersphere Ims3 0 6 1 2 3 Aruba 6000 38 10 6 2 252 130 Aruba Networks 2 17 Mbps a ethersphere 1322 etherspherelms arubanetworks com 0 6 1 2 4 Aruba 6000 15 10 1 1 80 45 1322 2 87 Mbps Ozzi TEST 6 1 2 3 Aruba AP
168. Disabled OK OK OK OK OK OK OK OK OK OK OK OK OK OK OK OK OK Disabled OK Log fvarflog airbus log fvarflogfalerts_ stats _cacher Hvar flogfalertd Hvar flogftuple_ scheduler ivar flagfat fvarflogfawnmns news fetcher Hvar flogfacs Hvar flog wise Hvar flagfasync_logger_ client fvarflag contig_verifier Hvar flog contig_pusher fyvarflog amp_cron varflog pgsql fvarflog ap_list_cacher fvarflogfap watcher fvarflogfap watcher poll now Hvar flog discovery_event_cacher fvarflogfdns_fetcher fvarflogsfdns refresh fvarflog amp_ watcher fvarflog firniware_entorcer fvarflog xterlog fvarflog quest_user_pusher fvarflagfap_ scanner fyvarflog iwapp rebuild fvarflagfme_stat_collector Hvar flagsmec_report_runner fvarflog medm lag var flog papi fyvarflog msqHancdler log Hvar flagfhttp_fetcher Hvar flog pert_collactor fvarflog persistent_tuple spaces Hvar flog maillag ivar flogfradiusfradius log fvarflagfamp_report_runner fyvarflog raque_filter Hvar flog rtls fvarflog snimp_ enabler Hvar flog snimp_fetcher fvarflog snmp_v2_fetcher fvarflog snmp_trap_handler fyarflog syncd fvarflogfexpire_wifi_tags Hvar flogftuple_ spaces Hvar flog yisualrf log fvarflagfhttod ssl error_log fvarflog wep key setter Hvar flog whitelist_collector fvarflog work_queue_clobber_logger Hvar flog nightly maintenance fvarflag systerm_audit_log Hvar flog telnet_crids Upgrade to 6 4 beta6 tmp AMP 6 4 betad upgrade log
169. Discover page 2 Select Add New Scan Set to see all scan components configured so far If you wish to create a new network or new scanning credentials you can select Add in either of these fields to create new components prior to creating a scan set 3 Select the Network s to be scanned and the Credential s to be used AirWave defines a unique scan for each Network Credential combination 4 In the Automatic Authorization section select whether to override the global setting in AMP Setup gt General and have New Devices be automatically authorized into the New Device List the same Group Folder as the discovering devices the same Group Folder as the closest IP neighbor and or a specified auto authorization group and folder 5 Select Add to create the selected scans which then appear in a list at the top of the Device Setup gt Discover page Dell PowerConnect W AirWave 7 4 User Guide Discovering Adding and Managing Devices 109 6 To edit an existing scan select the pencil icon next to the scan on the Device Setup gt Discover page 7 When ready proceed to the next task Running a Scan Set on page 110 NOTE Scheduling an HTTP scan to run daily on your network can help you to discover rogues Some consumer APs like most D 2 Link Linksys and NetGear models do not support SNMP and are found only on the wired side with an HTTP scan These devices are discovered only if they have a valid IP address Proper crede
170. EE Arube 3400 aruba gui mo wms TESE gt ais gt thin aps changen Sik 24 456 81 F5 52 00 shankarc employee shankarc rap v g RAP OPS 02 aruba corp Top gt cor p gt rap gii 00 26 06 82 55 IFA ARUBANETWORKS marayanan employee rmnarayanan rap wg RAP OPS 02 aruba corp Top gt corp gt rap gii l 3 of 665 o Page of 2273 Session Data by User 1 2 of 171 Session Data by User Page le ofS Export CSW a Usernames toles Amoun ME O0 23 12 00 44 91 aanderson employee 3 hrs 6 mins 71 11 15 06 DB 39E 3F DD F4 07 skkkala employee 18 mins 1 03 763 O0 23 14 AC 16 F8 ARUBANETWORKS hcho employee 1hr 0 mins 13 11 28 88 1 3 of 171 Session Data by User Page 1eof57 Dell PowerConnect W AirWave 7 4 User Guide Average Signal Quality Vendor Connection Hh 50 84 Apple 802 11g 16 89 Apple 802 119 41 00 Intel B02 11g Creating Running and Emailing Reports 251 Defining Reports You can create reports in AirWave for any time period you wish to be run when you wish and distributed to recipients that you define Perform these steps to create and run custom reports Reports created with the Reports gt Definition page appear on this and on the Reports gt Generated page once defined l To create or edit a report browse to the Reports gt Definition page and select the Add button or select the pencil icon to edit an existing report definition Figure 184 illustrates one view of the Reports gt Definition
171. Global Group field under the Global Group section When the change is saved and applied the group will have a checkbox next to fields Figure 65 illustrates this configuration page Figure 65 Groups gt Basic Page for a Global Group partial view Group gauss one Selecting a checkbox allows subscriber groups to override the corresponding setting Basic Mame gauss one I Missed SNMP Poll Threshold 1 100 ja F Regulatory Domain United States l m Imezone AMP system time or Echeduling group configuration changes M plow One to One NAT yes C No l pudit Configuration on Devices ves C No When a Global Group configuration is pushed to Subscriber Groups all settings are static except for settings with the checkbox selected for fields with checkboxes selected the value or setting can be changed on the corresponding tab tor each managed group In the case of the Groups gt SSIDs configuration page override options are available only on the Add configuration page go to the Groups gt SSIDs configuration page and select Add Global templates are also configurable as part of Global Groups for more information see Creating and Using Templates on page 151 104 Configuring and Using Device Groups in AirWave Dell PowerConnect W AirWave 7 4 User Guide Once Global Groups have been configured groups may be created or configured to subscribe to a particular Global Group Go to the Groups gt Basic configuration pa
172. Groups gt Cisco WLC Config page in AMP Navigate the tree control to the Wireless section and for each PHY navigate to RRM gt General section Figure 207 WLC RRM Configuration in AMP EHwireless Profile Thresholds for Traps HMesh Interference 0 100 10 802 11a n Clients 1 75 12 on Noise 127 to 0 dBm 70 RRM LRF Grouping Coverage 3 50 dBm 12 r TPC Utilization 0 100 80 DCA Data Rate 1 1000 Kbps 1000 M Coverage Noise Interference Rogue Monitoring Channels General Monitoring Channels Country Channels Pa Pico Cell Monitor Intervals Client Roaming Signal Measurement 60 3600 sec 300 Voice as Noise Measurement 60 3600 sec 300 EDCA Parameters Load Measurement 60 3600 sec 300 DFS 802 11h Coverage Measurement 60 3600 sec 300 High Throughput 802 11n Save and Apply Save Revert Revert All 802 11b g n t Network EHRRM LRF Grouping TPC DCA r Coverage General Review the values in the Monitor Intervals section These should be configured to a recommended setting of 180 for better accuracy Dell PowerConnect W AirWave 7 4 User Guide Using VisualRF 273 Deploying APs for Client Location Accuracy Deploying access points for client location accuracy can be different than deploying access points for capacity Follow these guidelines for best results Ensure that at least 3 radios can hear each client devices at 85 dBm or below Ensure that you deploy an access point approximatel
173. I MobiControl and AirWave on page 207 Monitoring and Supporting AirWave with the Home Pages on page 209 Supporting AirWave Servers with the Master Console on page 221 Upgrading AirWave on page 223 Backing Up AirWave on page 224 Using AirWave Failover for Backup on page 225 Logging out of AirWave on page 226 Monitoring and Supporting AirWave with the System Pages The System pages provide a centralized location for system wide AirWave data and settings Apart from Triggers Alerts and Backups pages that are described elsewhere in this chapter the remaining pages of the System section are as follows System gt Status Displays status of all AirWave services and links to their log pages Refer to Using the System gt Status Page on page 184 System gt Syslog amp Traps Displays all syslog messages and SNMP traps that AMP receives Refer to Viewing Device Events in System gt Syslog amp Traps on page 185 System gt Event Log This useful debugging tool keeps a list of recent AirWave events including APs coming up and down services restarting and most AirWave related errors as well as the user that initiated the action Refer to Using the System gt Event Log Page on page 186 System gt Triggers View and edit triggering conditions that cause AMP to send out alert notifications Refer to Viewing Delivering and Responding to Triggers and Alerts on page 187 Sy
174. If set to 38 Configuring AMP Dell PowerConnect W AirWave 7 4 User Guide Table 12 AMP Setup gt General gt Device Configuration Section Fields and Default Values Continued Default Description Use Global Yes Enables Dell configuration profile settings to be globally configured and then assigned PowerConnect W to device groups If disabled settings can be defined entirely within Groups gt Dell Configuration PowerConnect W Config instead of globally NOTE Changing this setting may require importing configuration on your devices When an existing Dell PowerConnect W Series configuration setup is to be converted from global to group follow these steps Set all the devices to Monitor Only mode before setting the flag Each device Group will need to have an import performed from the Audit page of a controller in the AMP group All of the thin APs need to have their settings imported after the device group settings have finished importing If the devices were set to Monitor Only mode set them back to Managed mode 5 Locate the AMP Features section and adjust settings to enable or disable VisualRF and RAPIDS Table 13 describes these settings and default values Table 13 AMP Setup gt General gt AMP Features Fields and Default Values Setting Default Description Enable or disable the VisualRF navigation tab Display RAPIDS Enable or disable the RAPIDS navigation tab Hide setup pages from Yes Restrict access to following pa
175. Installing the CentOS software Phase I takes 10 to 20 minutes to complete This process formats the hard drive and launches Anaconda to install all necessary packages Anaconda gauges the progress of the installation Upon completion the system will prompt you to eject the installation CD and reboot the system 4 Remove the CD from the drive and store in a safe location Installing AirWave Software Phase 2 Getting Started After the reboot the GRUB screen appears l Press Enter or wait six seconds and the system automatically loads the kernel 2 When the kernel is loaded log into the server using the following credentials login root password admin 3 Start the AirWave software installation script by executing the amp install command Type amp install at the command prompt and press Enter to execute the script Step 1 Configuring Date and Time Checking for Prior Installations Date and Time The following message appears and this step ensures the proper date and time are set on the server HSS SSS SS ee Date and Time Configuration Current Time Fri Nov 21 OJr18 12 PST 2006 1 Change Date and Time 2 Change Time Zone 0 Finish Ensure that you enter the accurate date and time during this process Errors will arise later in the installation if the specified date varies significantly from the actual date especially if the specified date is in the future and it is fixed later It is recommended to configure nt
176. L9 1OtLD fxX Ku92sldt oPw VPN Server 2009 08 26 03 00 13 Never E HbnxXkYdF MOaoUIs5 d6ewexXq2 Ziv cC8QK0 nHR4F2 H FV 1 8 wof8 Aruba800 Page i wof1 Details for 10 15 76 3 in Group 10 15 76 3 and Folder Top gt 10 15 76 3 with Max of APs 32 1 lwof110 15 76 8 Page iwofi Export CSV License Qty License Used Install Date Fxpires Key E dTjudtrN QSO8tVTT2 KsZhR1 K n3r0xS 1c License Type Policy Enforcement Firewall for VPN users 2011 01 18 15 26 31 Never l iwof110 15 76 8 Page iwofi Details for Aruba3600 Master in Group aruba gui no wms and Folder Top gt aruba gt guest user with Max of APs 16 l 1 w of 1 Arubas600 Master Page iwofi1 Export CSV License Qty License Used Install Date Expires Key License Type i Policy Enforcement Firewall for VPN users 2011 02 28 13 37 04 Never E kh aiHT9 u8o0KiLF1 M fEjnjH aleOFtsu Bz7 i l 1 w of 1 Arubas3600 Master Page i wof 1 Using the Capacity Planning Report The Capacity Planning Report tracks device bandwidth capacity and throughput in device groups folders and SSIDs This report assists in analyzing device capacity and performance on the network and such analysis can help to achieve network efficiency and improved experience for users This report is based on interface level activity The information in this report can be sorted by any column header in sequential or reverse sequential order by selecting the column heading Refer also to the Using the
177. Ns for Cisco WLC DeVICES ccececsssseseeeseessssesesesesseseessesesseseeasneeeans 92 Defining and Configuring LWAPP AP Groups for Cisco DeVIC S ssssssssssserrsnas 94 Viewing and Creating Cisco AP GroupS cccccssssesssssscssssesseecseseseesesesessesecassecesaeseeasenes 94 Configuring Cisco Controller S ttingS ccccsssseseescscssssesesecesseseesesesesseseessnsesseseeaseeeeeans 94 Configuring Wireless Parameters for Cisco Controllers cccecsessssescsssseessesseeeeeesnees 95 Configuring Cisco WLC Security Parameters and FUNCTIONS c ccccsseseesseeeeeeeeeseees 95 Configuring Management Settings for Cisco WLC ou ees eseeeeeeeeeseeeeseeeeesseseeateeeeees 95 Configuring Group PIMP SettingS ccssscsssssssssscscsssssssssescseessesesecessesessesesessusesassesesaesesareess 96 Configuring Proxim Mesh Radio Se ttingS ccsscssscssssesssscscscssssssesesecsessesseecessesecassesesaeseeaseess 97 Configuring Group MAC Access Control Lists ceessesssesessesessescsesesseseeecesseseeasseseeaeseeasenes 98 Specifying Minimum Firmware Versions for APs in a Group cceeeeseessseeeeeeeseteeseeeeeeen 98 Comparing Device GroupS cecceesescscssssesscscsessssesesecsesesecseseceesesecsesesessesecaesesessusesassesesansesasensass 99 HY VU Gch CO gc tisce ccc cevau anc an ore ceeaes posta alicccuesysustvonsetacsednubiaiesrssdevesoecansacsnccaiberusenresesieaunireeviaente 100 Changing Multiple Group Configurations
178. Option Description Folder Sets the trigger to apply only to APs Devices in the specified folder or subfolders depending on the Include Subfolders option NOTE If the trigger is restricted by folder and group it only applies to the intersection of the two it only applies to APs in the group and in the folder Include Subfolders Sets the trigger to apply to all devices in the specified folder and all of the devices in folders under the specified folder Group Sets the trigger to apply only to APs Devices in the specified group NOTE If the trigger is restricted by folder and group it only applies to the intersection of the two it only applies to APs in the group and in the folder 188 Performing Daily Administration in AirWave Dell PowerConnect W AirWave 7 4 User Guide b In addition to appearing on the System gt Alerts page the Alert Notifications settings can be configured to distribute to email or to a network management system NMS or to both If you select Email you are prompted to set the sender and recipient email addresses If you select NMS you are prompted to choose one or more of the pre defined trap destinations which are configured on the AMP Setup gt NMS page Define the Logged Alert Visibility in which you can choose how this trigger is distributed The trigger can distribute according to how is it generated triggering agent or by the role with which it is associated The Suppress Until Acknowl
179. Outline the desired probability region Double click to end the outline process Name the region select a Region Type of Location Probability and select OK Move the location probability slider to the desired level as shown on Figure 201 Very Low will decrease the probability of a device being placed in that region by 20 Very High will increase the probability of a device being placed in that region by 20 270 Using VisualRF Dell PowerConnect W AirWave 7 4 User Guide Figure 201 Adding a New Location Probability Region New Region Set Location Probability Region Name Location Probability Loc Prob 1 Very i iia r High Reon Type Location Testing Planni Save region a5 exterior walls IDF Location Probability Cancel Ok 5 Optionally you can save the location region as the exterior walls 100 attenuation can be selected to force VisualRF to only place devices inside of the selected region No device will ever be placed outside of the probability region when 100 attenuation is selected 100 attenuation is only recommended for tall buildings where it is extremely unlikely that any user is located outside of the building No heat map or attenuation grid is calculated for devices outside of the 100 attenuation region Adding an IDF To add an IDF to VisualRF follow these steps l In the Edit menu select the Draw Region option 2 Outline the desired IDF r
180. P Uptime ICMP Uptime SNMP Uptime incl subfolders ICMP Uptime incl subfolders Top 21 47 47 79 21 47 47 39 Top gt 1015 76 28 100 00 100 009 100 0095 100 009 Top gt airesspace 27 789 36 15 27 78 36 15 1 3 of 24 Folders Page leofB Table 132 Reports gt Generated gt Device Uptime Report Unique Fields and Descriptions Field Description SNMP Uptime Displays the percentage of time the device was reachable via ICMP AirWave polls the device via SNMP atthe rate specified on the Groups gt Basic page ICMP Uptime Displays the percentage of time the device was reachable via ICMP If the device is reachable via SNMP it is assumed to be reachable via ICMP AirWave only pings the device if SNMP fails and then it pings at the SNMP polling interval rate Time Since Last Boot The uptime as reported by the device at the end of the time period covered by the report 238 Creating Running and Emailing Reports Dell PowerConnect W AirWave 7 4 User Guide Using the IDS Events Report The IDS Events Report lists and tracks IDS events on the network involving APs or controller devices This report cites the number of IDS events for devices that have experienced the most instances in the prior 24 hours and provides links to support additional analysis or configuration in response K NOTE Your role must be enabled to view RAPIDS to see this report The Home gt Overview page also cites IDS events and triggers can
181. P auto discovery 802 1X authentication role and device based policy enforcement rogue detection and Adaptive Radio Management ARM Using Dell PowerConnect W Instant with AMP AMP has added centralized network management support for Dell PowerConnect W Instant in version 7 2 2 With a distributed deployment where multiple locations each have an Dell PowerConnect W Instant Virtual Controller and IAPs AMP serves as a centralized management console AMP provides all functionality for normal WLAN deployments including long term trend reporting PCI compliance configuration auditing role based administration location services RF visualization and many other features Integrating Dell PowerConnect W Instant systems into AMP is unique from the setup of any other device class due to the following considerations Discovery AMP does not discover Dell PowerConnect W Instant devices via scanning SNMP or HTTP the network Each Dell PowerConnect W Instant deployment will automatically check in to the AMP configured within the AP s user interface The first Virtual Controller for an organization will automatically appear as a new device in AMP Subsequent IAPs are discovered via the Virtual Controller just like standard controller thin AP deployments Auto provisioning The first authorized Virtual Controller requires manual authorization into AMP via shared secret to ensure security Along with the shared secret the Virtual Controller sends
182. PN username is selected a Clients gt VPN User Detail displays with current VPN sessions a user and bandwidth interactive graph and a historical VPN sessions list table Supporting RFID Tags With the Clients gt Tags Page Radio Frequency Identification RFID supports identifying and tracking wireless devices with radio waves RFID uses radio wave tags for these and additional functions Active tags have a battery and transmit signals autonomously and passive tags have no battery RFID tags often support additional and proprietary improvements to network integration battery life and other functions NOTE Guest users being pushed to large numbers of controllers may take a very long time to push The Clients gt Tags page displays a list of wireless tags such as Aeroscout PanGo and Newbury that are heard by thin APs and reported back to a controller that AirWave monitors AirWave displays the information it receives from the controller in a table on this page Figure 142 illustrates this page and Table 115 describes fields and information displayed NOTE The Vendor Battery Level and Chirp Interval columns can be filtered using the funnel icon MF Figure 142 Clients gt Tags Page Illustration Tags e CD Burner 00 14 7E 00 14 7E PanGo Networks Inc 1 23 2009 1 19PM HQ Engineering w OO 14 7E 00 14 7E InnerWireless 4 mins 1 23 2009 6 44 AM Sa Water Cooler 00 14 7E 00 14 7E Aeroscout Ltd 12 secs 1 22 2009 5 35 AM
183. Priority Ethernet 0 255 Link Priority Cellular 0 255 USB User Name USB Password Confirm USB Password USB Device Type any he USB Device Identifier USB Dial String USB Initialization String USB TTY Device Path Use DHCP O Yes No LAN IP Address Subnet Mask Gateway DNS IP Address a C e 7 ignore Os Import Settings Replace Hardware If any changes are scheduled for this AP they appear in a Scheduled Changes section at the top of the page above the other fields The linked name of the job takes you to its System gt Configuration Change Job Detail page 136 Discovering Adding and Managing Devices Dell PowerConnect W AirWave 7 4 User Guide 2 Locate the General section for information about the AP s current status Table 82 describes the fields information and settings Table 82 APs Devices gt Manage gt General Fields and Descriptions Field Description Displays the name currently set on the device Status Displays the current status of an AP If an AP is Up then AirWave is able to ping it and fetch SNMP information from the AP If the AP is listed Down then AirWave is either unable to ping the AP or unable to read the necessary SNMP information from the device Configuration Displays the current configuration status of the AP To update the status select Audit
184. Radio Statistics page for Dell PowerConnect W Instant devices displays CPU Utilization Channel Utilization Bandwidth Power and MAC Phy Error statistics RAPIDS Since Dell PowerConnect W Instant does not support mitigation or high level rogue reporting it does not synchronize classification All rogue devices are reported and stored in the AMP for evaluation based on high level tule sets Dell PowerConnect W Instant currently does not match wireless BSSIDs to local MAC addresses within an IAP s ARP table Dell PowerConnect W Instant does not currently support IDS event notification Reports Dell PowerConnect W Instant Virtual Controllers appear as a separate device in the Device Inventory Report and most other reports that list devices K NOTE AMP does not provide a Device Uptime report for Dell PowerConnect W Instant devices Other Available Features Firmware Image Management AMP pushes firmware to the Dell PowerConnect W Instant Virtual Controller and the Virtual Controller pushes the firmware to the rest of its IAPs When using AMP to manage IAPs you can upgrade the firmware by loading the firmware onto AMP and then scheduling an upgrade from AMP Intrusion Detection System AMP automatically detects rogue IAPs irrespective of their location in the network It prevents authorized IAPs from being detected as rogue IAPs and tracks and correlates the IDS events to provide a comprehensive picture of your network s security
185. Reports gt Generated gt Port Usage 246 NIOS oser nne E E EAE 261 SYStOM E 183 INEST V Enese e E 259 262 System gt Alerts ccccccccsccsesssesesestereteseeeees 40 195 BE AUTO E E EN 259 System gt Backups 294 NANON ON S 260 System gt Configuration Change Jobs 136 216 New building aoe recone eerste psec 280 System gt Event Logs c cccccscssesesceseseeseteseenen 186 New O10 01 geen ee nee eee eee eee 279 System gt Events Log cccccccsscssescesestesteteeescen 124 OC eee eee ees eee ee 260 System gt Firmware Upgrade Jobs 216 UCL OW cei ctectechacet ns atimnnnateecinca eaieuceatennns 257 System gt Performance ccccceeeeereeeee 217 Planning and Provisioning cceeee 279 308 Index Dell PowerConnect W AirWave 7 4 User Guide Preference cc cccccescccecccesccescccscccasecesecaseeseess 266 printinge BOM as osttnsere aicacetenenorcteesnedeee 288 provisioning existing APS cee 285 Q ickViEW ses atetocnsesctactencnSeasevoteannaxeanteananns 123 259 Removing CON OT wicpectauesan dcr ceria aren cewsterecs 283 NY Sl 6 6 ee a iA 261 SEMP oe ol seen ee ee ee ee 262 Terminology sceececceseeseeeeeeeeeeeeeeeenreeeeeneeeaeens 258 Tree VICW uu cccccccucceccccccuccucccccccuccuccaecaecueesaeeaees 278 View a floor plan RF environment 277 Viewing a wireless User eceeeeeeeeeeeeeeereee 274 VisualRF Plan 293 Mired TANG eooni erent E 260
186. Rogues on the floor plan are indicated by the amp icon Tags Toggle WiFi Tags on or off Tags on the floor plan are indicated by the icon Sensors Toggle sensors on or off Sensors on the floor plan are indicated by the F icon Interferers Toggle interferers on or off Interferers on the floor plan are indicated by the Xg icon 2 NOTE Interferer indicators works for AOS customers running 6 1 or newer that have run the mgmt server type AMP command and have APs performing Spectrum analysis through hybrid scanning or dedicated spectrum monitors Floorplan Features section Regions Toggle regions on or off Surveys Toggle surveys on or off Walls Toggle walls on or off Labels Toggle labels on or off Relations section User Association Toggle line between the wireless user and AP of association Rogues Toggle lines between rogue APs and radios which hear the AP User Neighbors Toggle lines between client and radios which hear the client excluding the radio of association APs Toggle lines between APs which heard each other Tags Toggle lines between WiFi Tags and radios which hear the Tags For Tags there is no radio of association Wired Toggle lines between APs sensors and their IDF Mesh Toggle lines between Mesh portals and nodes Surveys Toggle lines between client x y to APs by client during survey Interferers Toggle lines between interferers and the radios that have discovered them For inter
187. SIDs and VLANs The Groups gt SSIDs configuration page allows you to create and edit SSIDs and VLANs that apply to a device group Perform these steps to create or edit VLANs and to set SSIDs 2 NOTE WLANs that are supported from one or more Cisco WLC controllers can be configured on the Groups gt Cisco WLC Config page Dell PowerConnect W AirWave 7 4 User Guide Configuring and Using Device Groups in AirWave 83 Figure 42 illustrates an example of the Groups gt SSIDs page Figure 42 Groups gt SSIDs Page Illustration Configure WLANs for a Cisco WLC on the Cisco WLC Config page Add New SSID VLAN SSID a VLANID Name Encryption Mode Enabled Primary Enabled Primary Native VLAN D _ wpa 51 wpa No Encryption wW Cc ri C fc Select All Unselect All Delete Save Save and Apply Revert NOTE AirWave reports users by radio and by SSID Graphs on the AP and controller monitoring pages display bandwidth in and K out based on SSID AirWave reports can also be run and filtered by SSID An option on the AMP Setup gt General page can age out SSIDs and their associated graphical data by default this is set to 365 days l Go to Groups gt List and select the group name for which to define SSIDs VLANS 2 Select the Groups gt SSIDs configuration page Table 56 describes the information that appears for SSIDs and VLANs that are currently configured for the device group Table 56 Groups gt SSIDs Fields and Descriptions
188. SOTI MobiControl and AirWave ccccccsecesseeeeee cece 207 Overview Of SOTI MobICOntrol cc ceeeeseeessesseseseeececseseesesesessesecassesessuseeassusesaeseeaseess 207 Prerequisites for Using MobiControl with AirWave l es 207 Adding a Mobile Device Management Server for MobiControl essc 208 Accessing MobiControl from the Clients gt Client Detail Page uu ec eseeeeeeseseeeees 208 Monitoring and Supporting AirWave with the Home PageS ccccsccscssescssseseesesseeeeeeseees 209 Monitoring AirWave with the Home gt Overview Page cccccsesssescssssssesseeessseseeateees 210 Viewing and Updating License Information ccceesssessesesseeeesseseesesseseeseeesseeeeeeess 211 Searching AirWave with the Home gt Search Page scsccssessescssssssessseseseseesseeereen 213 Accessing AirWave DoCUMEentatiON ccccccccsssssescssssessssessessescssseesesaesesaesessesessnsasseeaees 214 Configuring Your Own User Information with the Home gt User Info Page 214 Using the System gt Configuration Change Jobs Page ccccsesssesccsssseesseseseseeateees 216 Contents 7 8 Contents Chapter 9 Chapter 10 Using the System gt Firmware Upgrade Jobs Page ccssssscsssssssessscssseesseesesseseeateees 216 Using the System gt Performance Page cccccsssssscsssscsssssescssseeseseesessseecsesecsesessesaseneanees 217 Supporting AirWave Servers with the Master Console
189. Select All Unselect All a Save and Apply Revert Profile SSID Type Admin Status Encryption Mode Radio Policy Require 802 1X All 3 To add or edit SSIDs or VLANs that are dedicated to Cisco WLC devices either select the Add New SSID VLAN button or select the pencil icon for an existing SSID VLAN A new page appears comprised of four tabs as follows General Defines general administrative parameters for the Cisco WLC WLAN Security Defines encryption and RADIUS servers OoS Defines quality of service QoS parameters for the Cisco WLC WLAN Advanced Detines advanced settings that are available only with Cisco WLC devices for example AAA override coverage DHCP and DTIM period K NOTE Refer to Cisco documentation for additional information about Cisco WLC devices and related features Figure 48 Groups gt Cisco WLC Config gt WLANs gt Add New SSID VLAN gt General Tab Illustration General Security Qos Advanced Profile SSID Guest LAN C Yes No WLAN ID 1 512 Admin Status Yes No Specify Interface Name ves No Interface management ad Radio Policy all Broadcast SSID Yes No 92 Configuring and Using Device Groups in AirWave Dell PowerConnect W AirWave 7 4 User Guide Figure 49 Groups gt Cisco WLC Config gt WLANs gt Add New SSID VLAN gt Security Tab Illustration Encryption Mode No Encryption Web Policy Authenticatio
190. Select Save when the security settings and configurations in this procedure are complete K NOTE You may need to return to the Groups gt Security configuration page to configure or reconfigure RADIUS servers 86 Configuring and Using Device Groups in AirWave Dell PowerConnect W AirWave 7 4 User Guide 9 Locate the RADIUS Accounting Servers area on the Groups gt SSIDs configuration page and define the settings Table 61 describes the settings and default values Table 61 Groups gt SS IDs gt Radius Accounting Servers Fields and Default Values Default Description RADIUS Accounting Server Pull down menu selects RADIUS Accounting servers previously entered on the 1 3 Cisco WLC Proxim Only Groups gt RADIUS configuration page These RADIUS servers dictate where the AP sends RADIUS Accounting packets for this SSID VLAN Accounting Profile Name Sets the Accounting Profile Name for Proxim AP 600 AP 700 AP 2000 AP 4000 Proxim Only Proxim Only Accounting Profile Index Sets the Accounting Profile Index for Proxim AP 600 AP 700 AP 2000 AP 4000 10 Select Save to retain these Security configurations for the group select Save and Apply to make the changes permanent or select Revert to discard all unapplied changes 11 Continue with additional security related procedures in this document for additional RADIUS and SSID settings for device groups as required Configuring Radio Settings for Device Groups Th
191. St EE 1 16 2011 1 59PM Unknown error SSL negotiation enterprise test 32 bit scalability 3833 0 3833 0 3833 3407210000 sa eereross0 5 1 1 1 18 2011 6 13 PM 6 Managed AMPs 8601 313 8748 242 7103 99736 34131 12440 25667150 26 Reports can be run from the Master Console to display information from multiple AirWave stations because such reports can be extremely large reports can also be run as summary only so that they generate more quickly and finish as a manageable file size The Master Console can also be used to populate group level configuration on managed AirWave installations using the Global Groups feature The Master Console offers a display of devices that are in a Down or Error state anywhere on the network This information is supported on Master Console pages that display device lists such as Home gt Overview and APs Devices gt List The Master Console and Failover servers can be configured with a Managed AMP Down trigger that generates an alert if communication is lost to a managed or watched AirWave station The Master Console or Failover server can also send email or NMS notifications about the event NOTE The license key determines if the server will behave as a Master Console or as a standard AirWave server Using the Public Portal on Master Console The Master Console also contains an optional Public Portal which allows any user to view basic group level data for each managed AirWave This feature is disabled by defau
192. Supporting WMS Offload in AirWave WMS Offload must be enabled with a six fold process and related configuration tasks as follows l Configure WLAN switches for optimal AirWave monitoring Disable debugging Ensure AirWave server is a trap receiver host Ensure proper traps are enabled 2 Configure AirWave to optimally monitor the AirWave infrastructure Enable WMS offload Configure SNMP communication Create a proper policy for monitoring AirWave infrastructure Discover the infrastructure 3 Configure device classification Set up rogue classification Set up rogue classification override Establish user classification override devices 4 Deploy ArubaOS specific monitoring features Enable remote AP and wired network monitoring View controller license information 5 Convert existing floor plans to VisualRF to include the following elements AOS RF Plan 6 Use RTLS for increasing location accuracy optional Enable RTLS service on the AirWave server Enable RTLS on ArubaOS Infrastructure Additional Information Supporting WMS Offload For additional information including detailed concepts configuration procedures restrictions ArubaOS infrastructure and AirWave version differences in support of WMS Offload refer to the Dell PowerConnect W AirWave 7 4 Best Practices Guide at support dell com manuals 68 Configuring AMP Dell PowerConnect W AirWave 7 4 User Guide Chapter 4 Configuring and Using Device Groups in AirWav
193. TE This feature can affect the data performance of the access point Rogue Scanning Interval 15 minutes If rogue scanning is enabled this setting controls the frequency with which scans are conducted in minutes Frequent scans provide the greatest security but AP performance and throughput available to user devices may be impacted modestly during a rogue scan 6 To configure settings specific to Proxim 4900M locate the Proxim 4900M section and define the required fields Table 64 describes the settings and default values Table 64 Groups gt Radio gt Proxim 4900M Fields and Default Values Setting Default Description 4 9 GHz Public Safety 20 This setting specifies the channel bandwidth for the 4 9 GHz radio It is only applicable Channel Bandwidth if you are running the 802 11a 4 9 GHz radio in 4 9 GHz mode 802 11a 4 9 GHz Public 802 11a This setting specifies if the AP will run the 802 11a 4 9 GHz radio in 802 11a mode or in Safety Operational Mode 4 9 GHz mode Please note that 4 9 GHz is a licensed frequency used for public safety 7 To configure Symbol only settings locate the Symbol section and define the required fields lable 65 describes the settings and default values Table 65 Groups gt Radio gt Symbol Fields and Default Values Default Description Rogue Scanning Yes If enabled Symbol access points with 3 9 2 or later firmware in the group will passively scan for rogue access points at the specified in
194. TMP for all subscriber and base stations in the device group Subscriber stations must be in the same group as all base stations with which they might connect Perform the following steps to configure these functions l Go to the Groups gt List page and select the group for which to define PIMP settings by selecting the group name Alternatively select Add from the Groups gt List page to create a new group define a group name In either case the Monitor page appears 2 Select the PTMP tab in the AirWave navigation menu Figure 57 illustrates this page Figure 57 Groups gt PIMP Page Illustration Proxim MP 11 802 11a Radio Channel Channel Range 30 215 802 119 Radio Channel Channel Bandwidth Network Name Wireless Network Network Secret Po Confirm Network Secret fe O 3 Define the settings on this page Table 66 describes the settings and default values Table 66 Groups gt PTMP Fields and Default Values Setting Default Description 802 11a Radio Channel BB Selects the channel used for 802 11a radios by the devices in this group 802 11g Radio Channel 100 Selects the channel used for 802 11g radios by the devices in this group Defines the channel bandwidth used by the devices in this group Channel Bandwidth Network Name Wireless Network Sets the Network name with a range of length supported from two to 32 alphanumeric characters Network Secret Sets a shared password to authenticate clients to the
195. TPS and SNMP used by your primary network interface Eth0 being the most common Legacy SNMP Fetcher The number of SNMP get and walk requests per second performed by the legacy v1 and v3 Requests SNMP fetcher Legacy SNMP Fetcher The number of SNMP OIDs received per second performed by the legacy v1 and v3 SNMP Responses fetcher High Performance SNMP The number of SNMP get and walk requests per second performed by the high performance Fetcher Requests SNMP v2c fetcher High Performance SNMP The number of SNMP OIDs received per second performed by the high performance SNMP Fetcher Responses v2c fetcher Dell PowerConnect W AirWave 7 4 User Guide Performing Daily Administration in AirWave 219 Table 123 System gt Performance Page Fields and Graphs Continued Field Description Database Statistics Top 5 Tables by row count The five largest tables in AirWave Degraded performance has been noticed for in some cases for tables over 200 000 rows Decreasing the length of time client data is stored on the AirWave page is recommended if a user client table exceeds 250 000 rows Database Table Scans The number of database table scans performed by the database Database Row Activity The number of insertions deletions and updates performed to the database Database Transaction The number of commits and rollbacks performed by the database Activity Disk Space Disk Space Pie charts that display the amount of used and fre
196. The name of the device that sent the message Will be a link if you have visibility to the device Can be empty if AMP could not correlate the source IP AP Contains a link to the APs Devices gt Monitor page for a device other than the source device that was correlated from some data contained in the message by LAN MAC BSSID or IP Address Can be blank and will only be a link if you have visibility to the device Client Displays a user s MAC address if one was found in the message Can be blank and will be a link if you have visibility to the user s AP The severity level of the event Emergency Alert Critical Bug Error Warning Notice or Info Facility Part of the syslog spec sort of the logical source of the message From controllers will always be one of local0 local7 you can configure on the controller when sending syslog messages to a particular receiver which facility you want to use in the messages Category If SNMP Trap Hardware IDS Client Security AP Security AP Status Software or Rogue Detection For Syslog messages a category is based on the process name on the controller that sent the syslog message The categorization for traps and syslog messages only works for events from an Dell controller Message The raw trap message including the AP MAC Address time sent and other information For syslogs AMP does not display the numbers at the beginning of the message that indicate the severity and facility For traps
197. This page has a fixed sorting filter of Campus gt Building gt Floor number Figure 217 Floor Plans List View Add New Floor Plan 11 14 w of 14 Floor Plans lt lt Page 3wof3 Choose columns Export CSV Sacia SENS PE Rates pl ti e TaN Default Campus Default Building 2 0 Floor 2 0 277x123 ft 0 0 0 0 16 KiB Default Campus Default Building 3 0 Floor 3 288x192 ft 5 0 ft 0 0 0 0 300 KiB Ly Default Campus Default Building 4 0 Floor 4 526x381 ft 10 0 ft 0 0 0 0 592 KB Default Campus Default Building 5 0 Atrium 400x215ft 7 0ft 4 6 3 0 1 MiB iy 11 14 w of 14Floor Plans lt lt Page 3wof3 Select All Unselect All Delete Dell PowerConnect W AirWave 7 4 User Guide Using VisualRF 277 The VisualRF gt Floor Plans page provides a snapshot of how VisualRF is performing as described in lable 145 Table 145 Floor Plans list columns Field Description Campus associated to the floor Building associated to the floor Floor number The decimal place can be used for mezzanine levels Optional name of a floor If the name is not changed it displays the name as Floor Number by default The height and width in feet of the floor plan including white space The size of the grid cells in feet The number of access points on the floor of Radios The number of radios associated with access points on the floor of Users The number of wireless users associated with access points on the floor NOTE Lo
198. Use this page as an alternative to the Device Setup gt Dell PowerConnect W Configuration page The appearance of this page varies depending on whether AMP is configured for global configuration or group configuration For additional information refer to the Dell PowerConnect W Series ArubaOS Configuration Guide at support dell com manuals Cisco WLC Config This page consolidates controller level settings from the Group Radio Security SSIDs Cisco WLC Radio and AAA Server pages into one navigation tree that is easier to navigate and has familiar layout and terminology Bulk configuration for per thin AP settings previously configured on the Group LWAPP APs tab can now be performed from Modify Devices on the APs Devices gt List page Refer to Cisco WLC Group Configuration on page 91 Dell PowerConnect W AirWave 7 4 User Guide Configuring and Using Device Groups in AirWave 69 PTMP This page defines settings specific to Proxim MP devices when present Refer to Configuring Group PTMP Settings on page 96 Proxim Mesh tThis page defines mesh AP settings specific to Proxim devices when present Refer to Configuring Proxim Mesh Radio Settings on page 97 MAC ACL This page defines MAC specific settings that apply to Proxim Symbol and ProCurve 520 devices when present Refer to Configuring Group MAC Access Control Lists on page 98 Firmware This page manages firmware files for many devices Specifying M
199. Using the Memory and CPU Utilization Report ccc ecssssesscscsscseeesssseeseseesesaneeeenees 241 Using the Network Usage Report cccecssesssscssssesssscssssesecseseesesecsesaeecseseeseseesesateesaeees 241 Using the New Rogue Devices Repott ccccccssssessecsssssecsessesesscsesseeesseseeseseesesateesanses 242 Using the New Users R port ccccccssssssescssssssecseseessescssssesecseseesesecsesaesessesecseseesesateesanses 245 Using the PCI Compliance Report cesssescssssssssssscscssssesssecscsesecsesesessusecassesessesesaseees 245 Using the Port Usage Report cccssssescssssessccssesssscsessesecseseesesecsesaesecsusesseseesesaseesanses 246 Using the RADIUS Authentication Issues Report cceeseessesssseseeecsessseesssesesseseeaseees 246 Using the RF Health Report ccc cssssesssscssssesecseseesseecsesaesesseseesesecsesassessesesseseesesatsesaeses 247 Using the Rogue Clients Report ccccsssssssescssssssesssscscsessesesececsesecseseseesesecassesessnsesasenss 249 Using the Rogue Containment Audit Report cece csscssescssssesecesseseesessesessesensesanereanees 250 Using the Client Session R port cccccssssssssscssssssesssecscseseesesesessesecsssesessusecassesesaeseeaseess 250 BE TMG Fe Ci OU US sparr EE E EER 252 Emailing and Exporting Reports seisccecsoiecvvessncecesnstasnnndbcasectanbnannendadenincntastdnennsisentnsnteaavedietventeriias 255 Emailing Reports in General Email Applications
200. Variables in Templates Using Substitution Variables in Templates Using AP Specific Variables Configuring General Templates Perform the following steps to configure Templates within a Group l Select a Group to configure NOTE Start with a small group of access points and placing these APs in Monitor Only mode which is read only Do this using the K Modify Devices link until you are fully familiar with the template configuration process This prevents configuration changes from being applied to the APs until you are sure you have the correct configuration specified 2 Select an AP from the Group to serve as a model AP for the others in the Group You should select a device that is configured currently with all the desired settings If any APs in the group have two radios make sure to select a model AP that has two radios and that both are configured in proper and operational fashion Go to the Groups gt Templates configuration page Select Add to add a new template Select the type of device that will be configured by this template Select the model AP from the drop down list and select Fetch now A W AirWave automatically attempts to replace some values from the configuration of that AP with variables to enable AP specific options to be set on an AP by AP basis Refer to Using Template Syntax on page 157 These variables are always encapsulated between signs On the right side of the configuration page is the Addition
201. Wave versions Running Backup on Demand To create an immediate backup l Log into the AirWave system as root 2 Run the backup script by typing amp_backup This creates a backup of the system located in alternative databackup tar gz Restoring from a Backup To restore a backup file on a new machine l Use your AirWave Installation CD to build a new machine The new machine must be running the same version as the AirWave that created the backup file 2 Copy the nightly_data00 1 4 tar gz file to the tmp directory in the new AirWave A file transfer client that supports SFTP SCP for Windows is WinSCP http winscp sourceforge net eng WinSCP allows you to transfer the nightly00 1 4 tar gz file from your local PC to the new AirWave using the secure copy protocol SCP 3 Log onto the new server as root 4 Change to the scripts directory by typing scripts 224 Performing Daily Administration in AirWave Dell PowerConnect W AirWave 7 4 User Guide 5 Run the restore script by typing amp_restore d tmp nightly_data00 1 4 tar gz 2 NOTE Network administrators can now use the nightly backup from a 32 bit AMP to restore AMP on a 64 bit installation rather than having to create a special backup file or use the special restore script Using AirWave Failover for Backup The failover version of AirWave provides a many to one hot backup server The Failover AirWave polls the watched AMPs to verify that each is
202. You must move all devices to other Groups before deleting a Group 4 Ensure that the Group is not a Global Group which has Subscriber Groups and is not a Group that was pushed from a Master Console AirWave will not delete a Group in which either of those is true 5 Select the checkbox and select Delete Changing Multiple Group Configurations Perform the following steps to make any changes to an existing group s configuration l Browse to the Groups gt List configuration page 100 Configuring and Using Device Groups in AirWave Dell PowerConnect W AirWave 7 4 User Guide 2 Select the Manage link the pencil icon for the group you wish to edit The Groups gt Basic configuration page appears 3 Select the fields to be edited on the Basic configuration page or go to Radio Security VLANs or MAC ACL configuration page and edit the fields Use the Save button to store the changes prior to applying them 4 When all changes for the group are complete select the Save and Apply button to make the changes permanent Figure 62 illustrates the confirmation message that appears Figure 62 Groups gt Basic Configuration Change Confirmation Page Illustration Confirm changes Group Access Points Not Managed by MC COP Neighbor Data Polling Period 5 minutes 10 minutes Device to Device Link Polling Period 60 seconds 90 seconds Interface Error Counter Polling Period 30 minutes 15 minutes Rogue AP and Device Location D
203. a WDS Master with the following lines Sif wds_role master aaa authentication login method_wds group wds aaa group server radius wds server 10 2 25 162 auth port 1645 acct port 1646 wlccp authentication server infrastructure method_wds wlccp wds priority 200 interface BVI1 wlccp ap username wlse password 7 O95B421A1C sendifs The following example sets an AP as a WDS Master Backup with the following lines Sif wds_role backup aaa authentication login method_wds group wds aaa group server radius wds server 10 2 25 162 auth port 1645 acct port 1646 wlccp authentication server infrastructure method_wds wlccp wds priority 250 interface BVI1 wlccp ap username wlse password 7 O95B421A1C sendifts SCP Required Settings in Templates A few things must be set up before enabling SCP on the Groups gt Basic configuration page The credentials used by AirWave to login to the AP must have level 15 privileges Without them AirWave is not able to communicate with the AP via SCP The line aaa authorization exec default local must be in the APs Dell PowerConnect W AirWave 7 4 User Guide Creating and Using Templates 161 configuration file and the AP must have the SCP server enabled These three settings correspond to the following lines in the AP s configuration file username Cisco privilege 15 password 7 0802455D0A16 aaa authorization exec default local ip scp server enable The username line is a guideline and will vary
204. abitEthernet or fastEther for wired interfaces Dell PowerConnect W AirWave 7 4 User Guide Discovering Adding and Managing Devices 121 Table 75 APs Devices gt Monitor gt Wired Interfaces Fields and Descriptions Continued Field Description Admin Status The administrator setting that determined whether the port is on or off Operational Status Displays the current status of the interface If an interface is Up then AMP is able to ping it and fetch SNMP information If the AP is listed Down then AirWave is either unable to ping the interface or unable to read the necessary SNMP information from the device Duplex mode of the link full or half Dell PowerConnect Either Active Standby which provides redundancy so that when an active interface fails the user traffic W Port Mode can failover to the standby interface or one of the forwarding modes Split Bridge Input Capacity The input capacity of the interface Output Capacity The output capacity of the interface Figure 80 illustrates the interactive graphs and Table 76 describes the graphs on this page Figure 80 nteractive Graphs for a Dell PowerConnect W Series Controller Clients on Srini65i1 Last 4 hours Ball Usage on Srini651 Last 4 hours Ball Show All Maximum Average Show All Maximum Average g w Max Clients 2 clients 2 clients a w Avg Bits Per Second In 144 7 kbps 33 1 kbps C v Avg Bits Per Second Out 877 8 kbps 128 1 kbps B verao m saag CPU Util
205. able 11 describes the settings and default values in this section Table 11 AMP Setup gt General gt Display Fields and Default Values Default Description Use fully qualified Sets AirWave to use fully qualified domain names for APs instead of the AP name For domain names example testap yourdomain com would be used instead of testap This option is supported only for Cisco 10S Dell PowerConnect W Aruba Networks and Alcatel Lucent devices Show vendor specific All Devices Displays a drop down menu that determines which Group tabs and options are device settings for viewable by default in new groups and selects the device types that use fully qualified domain names This field has three options as follows All devices When selected AirWave displays all Group tabs and setting options Only devices on this AMP When selected AirWave hides all options and tabs that do not apply to the APs and devices currently on AirWave Selected device type When selected a new field appears listing many device types This option allows you to specify the device types for which AirWave displays group settings You can override this setting Look up wireless user Yes Enables AirWave to look up the DNS for new user hostnames This setting can be hostnames turned off to troubleshoot performance issues DNS Hostname 24 hours Defines the length of time in hours for which a DNS server hostname remains valid on Lifetime AirWave after wh
206. able for use by any local group that subscribes to the global group Go to the Groups gt Template configuration page for the local group and select the pencil icon next to the global template in the list Figure 116 illustrates this page Figure 116 Groups gt Templates Edit Upper Portion Group SG aruba Aruba 3600 Name Aruba 3600 3 3 1 11 Device Type Aruba 3600 Restrict to this version Yes Template firmware version 3 3 1 11 location 9 To make template changes go to the Groups gt Template configuration page for the global group and select the pencil icon next to the template you wish to edit Note that you cannot edit the template itself from the subscriber group s Groups gt Templates tab 10 If group template variables have been defined you are able to edit the value for the group on the Groups gt Templates Add configuration page in the Group Template Variables box For Symbol devices you are also able to define the template per group of APs For more information on using templates in AirWave see the previous section of this chapter It is also possible to create local templates in a subscriber group using global groups does not mean that global templates are mandatory 166 Creating and Using Templates Dell PowerConnect W AirWave 7 4 User Guide Chapter 7 Using RAPIDS and Rogue Classification This chapter provides an overview to rogue device and IDS event detection alerting and analysis usin
207. ach AP in the group It is obviously not desirable to set the IP address hostname and channel to the same values on every AP within a Group The variables in Table 92 are substituted with values specified on each access point s APs Devices gt Manage configuration page within the AirWave User page Sometimes the running config file on the AP does not include the command for one of these variables because the value is set to the default For example when the transmission power is set to maximum the default the line power local maximum will not appear in the AP running config file although it will appear in the startup config file AirWave would typically detect and flag this variance between the running config file and startup config file as a configuration mismatch To prevent AirWave from reporting a configuration mismatch between the desired startup config file and the running config file on the AP AirWave suppresses the lines in the desired configuration when auditing the AP configuration similar to the way AirWave suppresses lines enclosed in parentheses which is explained below A list of the default values that causes lines to be suppressed when reporting configuration mismatches is shown in Table 92 Table 92 Substitution Variables in Templates Variable Meaning Command Suppressed Default hostname Name hostname hostname pe channel Channel channel channel ip address netmask IP address ip address ip_address
208. ading IOS APs The safe flag must be IOS firmware upgrade disabled on older APs for the firmware file to fit in flash memory command Email Recipients r Displays a list of email addresses that should receive alert emails if a firmware upgrade fails Sender Address None Displays the From address in the alert email Figure 107 APs Devices gt Manage Firmware Upgrades hesired Version Choose the desired firmware version to be applied to Cisco 19 5F 2B 10 51 3 128 Upload firmware files on the Device Setup Upload Firmware amp Files page Current Version 12 4 21a JAl1 Desired Version Select firmware version Firmware Upgrade Job Options Job name Firmware upgrade for Cisco 19 Use safe flag for Cisco IOS firmware upgrade command Yes No Serve firmware files from this interface 10 2 32 10 Failure Notification Options To be notified when upgrades fail and when a job is stopped enter email addresses of the form user domain Separate multiple addresses by spaces commas or semicolons Email Recipients user example com Sender Address me networks com Initiating a firmware upgrade will change the Firmware Status column for the device to Pending in APs Devices gt List You can review the status of all recent firmware upgrade jobs in System gt Firmware Upgrade Jobs Dell PowerConnect W AirWave 7 4 User Guide Discovering Adding and Managing Devices 145 Troubleshooting a Newly Di
209. age Illustration Upload a list of devices Group Spectrum APs sa Folder Top _Choose File import_devices csv Upload The list must be in comma separated values CSV format containing the following columns 1 IP Address 2 SNMP Community String 3 Name 4 Type 5 Auth Password 6 SNMPv3 Auth Protocol 7 Privacy Password amp SNMPv3 Privacy Protocol 9 SNMPv3 Username 10 Telnet Username 11 Telnet Password 12 Enable Password 13 SNMP Port IP Address is required the others are optional Type is a case nsensitive string you can view a list of device types Download a sample file or see the example below IP Address SNMP Community String Name Type Auth Password SNMPw3 Auth Protoce l 34 64 1653 private switchi example com Router Switch nonradiance md5 priv la i 2 97 172 private switch2 example com rauter switch nonradiance sha ori 3 Select a group and folder into which to import the list of devices 4 Select Choose File and select the CSV list file on your computer 5 Select Upload to add the list of devices into AirWave Adding Universal Devices AirWave gets basic monitoring information from any device including switches routers and APs whether or not they are supported devices Entering SNMP credentials is optional If no SNMP credentials are entered AirWave will provide ICMP monitoring of universal devices This allows you to monitor key elements of the wired network infrastructure includin
210. age Network Usage All Groups Folders and SSIDs 5 20 2009 2 00 AM 5 21 2009 2 00 AM A 5 21 2009 2 24 AM yourdomain memory and cpu utilization Memory and CPU Utilization All Groups and Folders 5 20 2009 2 00 AM 5 21 2009 2 00 AM 5 21 2009 2 23 AM yourdomain inventory Inventory All Groups and Folders 5 21 2009 2 23 AM yourdomain ids event IDS Events All Groups and Folders 5 20 2009 2 00 AM 5 21 2009 2 00 AM Select All Unselect All Generated reports for other roles 1 5 w of 5Reports Page iwofi Role a Generation Time Title Type Subject Report Start Report End Admin Team 4 24 2009 9 19 AM Capacity Report From Cron Capacity Planning All Groups Folders and SSIDs 4 23 2009 12 00 AM 4 24 2009 12 00 AM g Admin Team Failed Capacity Report From Cron Capacity Planning All Groups Folders and SSIDs 4 23 2009 12 00 AM 4 24 2009 12 00 AM Partner 4 28 2009 7 15 AM PCICompliance Detailed 3wks Acme PCI Compliance Group Acme HQ 4 7 2009 7 12 AM 4 28 2009 7 12 AM Figure 164 Reports gt Generated Page with Single click Report Viewing Options Latest Capacity Planning Report Latest Configuration Audit Report Latest Custom Report Latest Device Summary Report Latest Device Uptime Report Latest IDS Events Report Latest Inventory Report Latest Memory and CPU Utilization Report Latest Network Usage Report Latest New Rogue Devices Report Latest New Users Report Latest PCI Compliance Report Latest Port Usage Report Latest RADIUS Authentication
211. agement mode and there are mismatches between the desired configuration and the configuration on the device 1 2 3 Install firewalls between any wireless networks and the cardholder data environment Pass A device passes if it can function as a stateful firewall 2 1 Always change vendor supplied defaults Fass A device fails if the usernames passwords or SNMP credentials being used by AWMS to communicate with the device are on a list of forbidden credentials The list includes common manufacturer defaults 2 1 1 Change vendor supplied defaults for wireless environments Pass A device fails if the passphrases SSIDs or other security related settings are on a list of forbidden values The list includes common manufacturer defaults 4 1 1 Use strong encryption in wireless networks Pass A device fails if the desired or actual configuration reflect that WEP is enabled or if associated users can connect with WEP Dell PowerConnect W AirWave 7 4 User Guide Creating Running and Emailing Reports 245 Using the Port Usage Report You can generate a wide array of port usage statistics from the Port Usage Report including each of the following e List of all the switches and ports in your network by folder e List of unused ports e List of access and distribution ports e Histogram displaying unused ports vs unused switches by type access or distribution e List of most used switches e List of most used ports A sample of the types of
212. aily Administration in AirWave 217 Figure 157 System gt Performance Page Illustration Partial Screen Tene rors it aa eee ee ee a ee d Cer ee ee ee es ee ee ay Wiel Mirae H 2 Cg aa bec Ll ot maal Erral harder iin E ef aj i a a j r ja psig pct levi DER raai h Lad dW dower arris ee ne ee TS p Disia Fliir DTF Mapki lL d EDHE HEA cee a r Me bhi WEF he ee 0 ch ee cr Se eo issii D l rere ii fit Eri coed eee EB LER mn Han LOE ke be hiji Dnm rmn aT Para mm TREET BS Se eee EET BICI ns i g E Cat M 2 oe MiGs el Ibi E T A 7H j E ibe i ria aT i La a Gir aT i HEE Be ek foes ep Bee ay es m be m bg E i ee Lm e ETTE mm LAEL J H 4F 2 ihe je eile BLS Ati FLI ILI E E Eii BVioe 2 tiim L ie HE bt Evin irah 4 E ki Bie beer fries ih i I i Bi Eire beaver beak lih en iLE has Aid wal Gre b h ae TURE ibi i ei Co en liik ibi iYi el ma MEL r oe bi ii ibi Aari od e lii ire li l aba H Haie mag na a E m le i a44 a7 amp Gat Ball ia 4 ad k E kr Ti 4 LG a Gifts Pasa Eil a I bi Li Tl bi iF ns i Ery br prem DUFF br Penn LE F a s EPD N mru BF fe Emenn laa Js E i E SL Tep 5 Tekn ey rea ami Teta Be Cont Aare a A oe Core Cee Derr 2 eerpel Ha a ae ieee at hyay ajbi a ee Faa ores HEGEE Hi Li HIE Fi H Lam ha ma Bad os ha Ere Ba Ju ka pis La Js Dar See i hei Bw ee le
213. al Variables section This section lists all available variables for your template Variables that are in use in a template are green while variables that are not yet in use are black Verify these substitutions to ensure that all of the settings that you believe should be managed on an AP by AP basis are labeled as variables in this fashion If you believe that any AP level settings are not marked correctly please contact DellAirWave support before proceeding 7 Specify the device types for the template The templates only apply to devices of the specified type Specify whether AirWave should reboot the devices after a configuration push If the Reboot Devices after Configuration Changes option is selected then AirWave instructs the AP to copy the configuration from AirWave to the startup configuration file of the AP and reboot the AP If the Reboot Devices after Configuration Changes option is not selected then AirWave instructs the AP to copy the configuration to the startup configuration file and then tell the AP to copy the startup configuration file to the running configuration file Use the reboot option when there are changes requiring reboot to take effect for example removing a new SSID from a Cisco IOS device Copying the configuration from startup configuration file to running configuration file merges the two configurations and can cause undesired configuration lines to remain active on the AP 8 Restrict the template to apply on
214. all devices and groups contained by the Top folder The top folder and its subfolders must contain all of the devices in any of the groups It can view NOTE AirWave enables user roles to be created with access to folders within multiple branches of the overall hierarchy This feature assists non administrator users who support a subset of accounts or sites within a single AirWave deployment such as help desk or IT staff User roles can be restricted to multiple folders within the overall hierarchy even if they do not share the same top level folder Non administrator users are only able to see data and users for devices within their assigned subset of folders Sets the RAPIDS privileges which are set separately from the APs Devices This field specifies the RAPIDS privileges for the role and options are as follows None Cannot view the RAPIDS tab or any Rogue APs Read Only tThe user can view the RAPIDS pages but cannot make any changes to rogue APs or perform OS scans Read Write The user may edit individual rogues classification threat levels and notes and perform OS scans Administrator Has the same privileges as the Read Write user but can also set up RAPIDS rules override scores and is the only user who can access the RAPIDS gt Setup page Sets the VisualRF privileges which are set separately from the APs Devices for this role Options are as follows Read Only tThe user can view the VisualRF pages but cannot
215. all folders defined in AirWave from the APs Devices List page See Using Device Folders Optional on page 134 Go to group This menu lists all groups defined in AirWave and enables you to display information for any or all of them Use the Groups pages to edit add or delete groups that appear in this section See Configuring and Using Device Groups in AirWave on page 69 View Latest Reports AirWave supports creating custom reports or viewing the latest daily version of any report Select any report type to display the daily version See Creating Running and Emailing Reports on page 227 Common Tasks This menu lists quick links to the most heavily used task oriented pages in AirWave to include the following Configure Alert Thresholds This link takes you to the System gt Triggers page See System gt Performance Displays basic AirWave hardware information as well as resource usage over time Refer to Using the System gt Performance Page on page 217 on page 183 Configure Default Credentials This link takes you to the Device Setup gt Communication page See Configuring Communication Settings for Discovered Devices on page 53 Discover New Devices on Your Network This link takes you to the Device Setup gt Discover page See Discovering Adding and Managing Devices on page 107 Supported Devices and Features This link displays a PDF that summarizes all supported devices and featu
216. ally zero disables 14 nee E EREE Acknowledged Alerts 0 550 days zero disables Jeo Add New Controllers and Autonomous Devices New Device ist gt Radius ARM IDS Events 0 550 days zero Location New Device List z disables 14 Add New Thin APs Location New Device List Archived Device Configurations 0 100 zero Ti disables S Topheader Cs Archive device configs even if they only have r e Stats M New Devices SHa SESE S Up Wired amp Wireless Guest Users 0 550 days zero disables 30 Up Wired i Inactive 5510s 0 550 d zero disables ja25 Up Wireless ii M Down Wired amp Wireless Inactive Interfaces 0 550 days zero disables 425 I Down Wired Interface Status Hist History 0 550 days zero Down Wireless disables a25 M Mismatched Interfering Devices 0 550 days zero disables 14 V Rogues I Clients Device Events Syslog Traps 1 31 days 2 l VPN Sessions Device Uptime 0 120 months zero disables s0 Iv Alerts Select All Unselect All a Allow firmware upgrades in monitor only mode Yes No Include device types Fat APs Simultaneous Jobs 1 20 20 M Thin APs Controllers Simultaneous Devices Per Job 1 1000 20 M Switches Failures before stopping 0 20 zero disables ft M Others ae ee oer 00 onal A F j Enable FTP server required to manage Aruba AirMesh Select All Unselect All amp Cisco WLC APs optional for FTP upgrades on i Yes G No
217. also have the option of specifying vendor name only and AirWave will automatically determine the correct type while bringing up the device If your CSV file includes make and model information AirWave will add the information provided in the CSV file as it did before It will not override what you have specified in this file in any way The CSV list must contain the following columns IP Address SNMP Community String 114 Discovering Adding and Managing Devices Dell PowerConnect W AirWave 7 4 User Guide Name Type Auth Password SNMPv3 Auth Protocol Privacy Password SNMPv3 Username Telnet Username Telnet Password Enable Password SNMP Port You can download a CSV file and customize it as you like A sample CSV file is illustrated in Figure 73 Figure 73 Sample CSV File IP Address SNMP Community String Name Type Auth Password SNMPv3 Auth Protocol Privacy Password SNMPv3 Privacy Protocol SNMPv3 Username Tel 10 34 64 163 private switchi example com Router Switch nonradiance md5 privacyi23 aes sv3user telnetuser telnetpwd enable 1i6i 10 172 97 172 private switch2 example com router switch nonradiance sha privacyi23 des user 10 70 36 172 public Cisco WLC 4012 3 Cisco 4000 WLC 10 46 111 48 l To import a CSV file go to the Device Setup gt Add page 2 Select the Import Devices via CSV link The Upload a list of devices page displays see Figure 74 Figure 74 Device Setup gt Add gt Import Devices via CSV P
218. an Organization String which automatically initializes and organizes the IAPs in AMP Unlike the traditional infrastructure of Dell PowerConnect W AirWave 7 4 User Guide Setting Up Dell PowerConnect W Instant in AirWave 295 a physical controller and thin APs Dell PowerConnect W Instant automates many tedious steps of developing a complex hierarchical structure of folders config groups templates admin users and admin roles for Dell PowerConnect W Instant Communication via HTTPS Because Dell PowerConnect W Instant devices may be deployed behind NAT enabled firewalls Virtual Controllers push data to AMP via HTTPS AMP initiates no connections to Dell PowerConnect W Instant devices via SNMP TFTP SSH and the like This enables quick remote setup without having to modify firewall rules Virtual controller listed as separate device The Virtual Controller is listed as an additional device even though it is part of the existing set of IAPs If you have 10 physical IAPs AMP will list 10 Dell PowerConnect W Instant IAPs and one Dell PowerConnect W Instant Virtual Controller You can identify the IAP acting as the Virtual Controller by their identical LAN MAC addresses in APs Devices gt List pages Device Inventory reports and any other AMP pages that list your network devices Refer to the Dell PowerConnect W Instant Data Sheet for full operational and regulatory specifications hardware capabilities antenna plots and radio details
219. an rogue devices veo C No ae Y 3 Yes No Filter IDS Events from Remote APs Yes No Classification Options Acknowledge Rogues by Default Manually Classifying Rogues Automatically Acknowledges Them C ves No Save Save and Apply Revert ves C No Table 94 RAPIDS gt Setup gt Basic Configuration Fields Default ARP IP Match Timeout RAPIDS Export Threshold Suspected Wired to Wireless MAC Address Correlation Wireless BSSID Correlation Delete Rogues not detected for 0 14 days zero disables Automatically OS scan rogue devices Description If you have routers and switches on the AMP and it s scanning them for ARP tables this can assign a rogue IP address information This timeout specifies how recent that information needs to be for the IP address to be considered valid Note that the default ARP poll period is long several hours Exported rogues will be sent to VisualRF for location calculation Discovered BSSIDs and LAN MAC addresses which are within this bitmask will be combined into one device 4 requires all but the last digit match aa bb cc dd ee fX 8 requires all but the last two digits match aa bb cc dd ee XX Similar BSSIDs will be combined into one device when they fall within this bitmask Setting this value too high may result in identifying two different physical devices as the same rogue Note When you change this value RAPIDS will not immediately combine or un com
220. anage page of a device or from the Modify Devices actions on a list of devices Firmware Server Log Name a Role Username Created Status Scheduled Start Time Total Devices Pending In Progress Completed Failed Firmware upgrade for 5500 6 0 196 0 AMP Administration admin 4 7 2011 2 57 PM Failed 1 0 0 1 0 Firmware upgrade for Cisco4400 AMP Administration admin 4 6 2011 3 07 PM Failed 1 0 0 0 1 Firmware upgrade for Cisco4400 AMP Administration admin 4 6 2011 3 12 PM Failed 1 0 0 0 1 Firmware upgrade for Cisco4400 AMP Administration admin 4 6 2011 3 22 PM Failed 1 0 0 0 1 4 Firmware Upgrade Jobs Select All Unselect All Restart Failed Jobs Cancel and Delete Jobs You can perform the following operations on this page To restart failed firmware upgrade jobs select the checkboxes next to the rows you want to restart and select the Restart Failed Jobs button To stop a pending upgrade job and remove it from the list select the Cancel and Delete Jobs button Use additional links on the page as shortcuts to the Device Setup gt Upload Firmware amp Files page or the complete raw text of the Firmware Server Log 216 Performing Daily Administration in AirWave Dell PowerConnect W AirWave 7 4 User Guide e To view additional details about an individual upgrade job including the devices being upgraded select the name of an upgrade job from the Name column to go to the System gt Firmware Upgrade Job Detail page illu
221. ance page to ensure your server is functioning properly when you make a change to this setting Other items worth noting If this is a CAD file then the Floor Plan creation wizard will automatically inherit height and width from the drawing If this is a non CAD file then the height and width is zero CAD files are converted to a JPG with a resolution of 4096 horizontal pixels at 100 quality prior to cropping If you crop then you will lose clarity CAD files may not exceed 10 MB Metric CAD files are supported Importing GIF files for floor plans will result in blank QuickView thumbnails Sizing a Non CAD Floor Plan You should not have to resize a CAD drawing unless you see nonsensical dimensions To resize a non CAD image if you already know the dimensions follow these steps l Select the Manually Measure Floor button in the Dimensions section The pointer changes to a cross hair icon 2 Locate two points within the floor plan that you know the distance Most door jams door openings are 3 feet 3 Select and hold to establish the first point and drag your mouse to the second point and release 4 A distance dialogue box appears Enter the proper length in feet as shown in Figure 222 Figure 222 Manually Measuring a Floor Plan Size How far is the distance you ve dravm on the floorplan aon OK Cancel 5 Select OK Floor plans can be resized in VisualRF after they have been uploaded Within VisualRF yo
222. and Alerts Triggers and Alerts that are associated with rogue devices follow the classification based system described in this chapter For additional information about triggers that support rogue device detection see to Viewing Delivering and Responding to Triggers and Alerts on page 187 Reports The New Rogue Devices Report displays summary and detail information about all rogues first discovered in a given time period For more information see Using the New Rogue Devices Report on page 242 For additional security related features and functions see the following topics in this guide Configuring Group Security Settings on page 81 Configuring Cisco WLC Security Parameters and Functions on page 95 Configuring Group SSIDs and VLANs on page 83 Monitoring and Supporting AirWave with the System Pages on page 183 182 Using RAPIDS and Rogue Classification Dell PowerConnect W AirWave 7 4 User Guide Chapter 8 Performing Daily Administration in AirWave Daily WLAN administration often entails network monitoring supporting WLAN and AirWave users and monitoring AirWave system operations This chapter contains the following administration procedures Monitoring and Supporting AirWave with the System Pages on page 183 Monitoring and Supporting WLAN Clients on page 196 Evaluating and Diagnosing User Status and Issues on page 203 Managing Mobile Devices with SOT
223. and Getting Started 23 Table 6 Components and Subtabs of the AirWave Navigation Continued Main Tab Description Groups The Groups pages provide information on the logical groups of devices List that have been established for efficient monitoring and configuration For Focused Subtabs additional information see Chapter 4 Configuring and Using Device Monitor Groups in AirWave on page 69 Basic NOTE Some of the focused subtabs will not appear for all groups Templates Focused subtabs are visible based on the device type field on the Groups Security gt Basic page This subtab Is the first page to appear when adding or SSIDs editing groups AAA Servers NOTE When individual device configurations are specified device level Radio settings override the Group level settings to which a device belongs Dell Config Cisco WLC Config PTMP Proxim Mesh MAC ACL Firmware Compare APs Devices The APs Devices pages provide detailed information about all authorized List APs and wireless LAN switches or controllers on the network including New all configuration and current monitoring data Up These pages interact with several additional pages in AirWave Refer to Down Chapter 5 Discovering Adding and Managing Devices on page 107 Mismatched Ignored NOTE When specified device level settings override the default Group E Subtabs level settings Monitor Manage Interfaces Audit Compliance Rogues Contained
224. and after the maintenance period is over the devices automatically revert to Monitor Only mode Maintenance windows can be set as a one time or recurring event on the APs Devices gt Manage and Groups gt Basic page You can also use the Modify Devices link to add or delete maintenance windows to multiple selected devices at once Additionally this feature can be used on Master Console to set maintenance windows for multiple AMPs To set a maintenance window for a single device in APs Devices gt Manage follow these steps l Navigate to the APs Devices gt Manage page for a device 2 At the bottom of the page locate the Maintenance Windows section 3 Select Add New AP Maintenance Window Figure 99 Add New Maintenance Window in APs Devices gt Manage page Maintenance Windows Add New AP Maintenance Window Name Duration Scheduled S Yearly maintenance 15 minutes Every January 10th at 12 30 am 4 Enter a name for the maintenance window In the Occurs field specify whether the maintenance window should occur one time or daily weekly monthly or annually Set the desired start time and the duration in minutes of the maintenance window Select Add Configuring Device Interfaces for Switches When you go to the APs Devices gt Intertaces page for a switch you can add a Virtual interface by selecting Add and entering the appropriate information in the page that then appears as shown in Figure 100 Dell Power
225. appendix contains the following topics Overview of Dell PowerConnect W Instant on page 295 Using Dell PowerConnect W Instant with AMP on page 295 Workflow of the Dell PowerConnect W Instant and AMP Integration Process on page 296 AMP Pages with Instant Specific Features on page 299 Other Available Features on page 300 Known Issues of Dell PowerConnect W Instant Integration with AirWave on page 300 Overview of Dell PowerConnect W Instant Dell PowerConnect W Instant is a system of up to 16 access points IAP 92 IAP 93 or IAP 105 per Layer 2 subnet Dell PowerConnect W Instant IAPs are controlled by a single IAP that serves a dual role as a primary Virtual Controller eliminating the need for dedicated controller hardware This system can be deployed through a simplified setup process appropriate for smaller organizations or for multiple geographically dispersed locations without an on site administrator Only the first IAP Virtual Controller you add to the network must be configured the subsequent IAPs will all inherit the necessary configuration information from the Virtual Controller Dell PowerConnect W Instant continually monitors the network to determine which IAP should function as the Virtual Controller at any time and the Virtual Controller will move from IAP to IAP as necessary without impacting network performance The Virtual Controller technology in Dell PowerConnect W Instant is capable of IA
226. ar across the navigation section if this group Is selected Uniquely identifies the group by location vendor department or any other identifier such as Accounting APs Floor 1 APs Cisco devices 802 1x APs and so forth Is Global Group If a group is designated as global it may not contain APs but it may be used as a template for other groups This column may also indicate Yes if this group has been pushed to the AMP from a Master Console Global Group Specifies which group this Subscriber Group is using as its template SSID The SSID assigned to supported device types within the group Total number of devices contained in the group including APs controllers routers or switches The number of access points within the group that are not reachable via SNMP or are no longer associated to a controller Note that thin APs are not directly polled with SNMP but are polled through the controller That controller may report that the thin AP is down or is no longer on the controller At this point AirWave classifies the device as down The number of devices within the group that are in a mismatched state The number of ignored devices in that group Clients The number of mobile users associated with all access points within the group To avoid double counting of clients clients are only listed in the group of the AP with which they are associated Note that device groups with only controllers in them report no clients
227. ar both the Primary and Secondary NTP server fields Any problem related to communication between AirWave and the NIP servers creates an entry in the event log Table 20 describes the settings and default values in more detail For more information on ensuring that AMP servers have the correct time please see http support ntp org bin view Servers NTPPoolServers Table 20 AMP Setup gt Network gt Secondary Network Fields and Default Values Setting Default Description ntp1 yourdomain com Sets the IP address or DNS name for the primary NTP server Dell PowerConnect W AirWave 7 4 User Guide Configuring AMP 43 Table 20 AMP Setup gt Network gt Secondary Network Fields and Default Values Continued Setting Default Description ntp2 yourdomain com Sets the IP address or DNS name for the secondary NTP server 3 On the AMP Setup gt Network page locate the Static Routes area This section displays network subnet mask and gateway settings that you have detined elsewhere from a command line interface K NOTE This section does not enable you to configure new routes or remove existing routes 4 Select Save when you have completed all changes on the AMP Setup gt Network page or select Revert to return to the last settings Save restarts any affected services and may temporarily disrupt your network connection What Next Go to additional tabs in the AMP Setup section to continue additional setup configurations C
228. arent when considering the diverse components within a WLAN Table 3 itemizes some example network components Table 3 Components of a WLAN Component Description Autonomous AP Standalone device which performs radio and authentication functions Thin AP Radio only device coupled with WLAN controller to perform authentication WLAN controller Used in conjunction with thin APs to coordinate authentication and roaming Network Management Systems and Event Correlation OpenView Tivoli and so forth RADIUS Authentication RADIUS authentication servers Funk FreeRADIUS ACS or IAS The flexibility of AirWave enables it to integrate seamlessly into your business hierarchy as well as your network topology AirWave facilitates various administrative roles to match each individual user s role and responsibility A Help Desk user may be given read only access to monitoring data without being permitted to make configuration changes Dell PowerConnect W AirWave 7 4 User Guide Introduction 15 A U S based network engineer may be given read write access to manage device configurations in North America but not to control devices in the rest of the world A security auditor may be given read write access to configure security policies across the entire WLAN NOC personnel may be given read only access to monitoring all devices from the Master Console 16 Introduction Dell PowerConnect W AirWave 7 4 User Guide Chapter 2 Installing an
229. ariable name cannot have any spaces or non alphanumeric characters The initial variable value entered is the default value but can be changed on a per group basis later You can also populate global template variables by uploading a CSV file see below 5 Once you have configured your global template select Add You are taken to a confirmation configuration page where you can review your changes 6 If you want to add the global template select Apply Changes Now If you do not want to add the template select Cancel and Discard Changes Canceling from the confirmation configuration page causes the template and all of the template variables to be lost 7 Once you have added a new global template you can use a CSV upload option to configure global template variables Go to the Groups gt Templates configuration page and select the CSV upload icon for the template The CSV file must contain columns for Group Name and Variable Name All fields must be completed Group Name the name of the subscriber group that you wish to update Variable Name the name of the group template variable you wish to update Variable Value the value to set For example for a global template with a variable called ssid_1 the CSV file might resemble what follows Dell PowerConnect W AirWave 7 4 User Guide Creating and Using Templates 165 Group Name ssid_l Subscriber 1 Value 0 8 Once you have defined and saved a global template it is avail
230. at support dell com Step 2 Installing AirWave Software The following message appears while AirWave software is transferred and compiled STEP 2 Installing AirWave software This will take a few minutes Press Alt F9 to see detailed messages Press Alt Fl return to this screen This step requires no user input but you can follow the instructions to monitor its progress and switch back to the installation screen Step 3 Checking the AirWave Installation After the AirWave software installation is complete the following message appears STEP 3 Checking AirWave installation Database is up AirWave is running version version number This step requires no user input Proceed to the next step as prompted to do so Step 4 Assigning an IP Address to the AirWave System While the AirWave primary network interface accepts a DHCP address initially during installation AirWave does not function when launched unless a static IP is assigned Complete these tasks to assign the static IP address The following message appears STEP 4 Assigning AirWave s address AirWave must be configured with a static IP SSS SSS See Sees Primary Network Interface Configuration SS o sessssS s4 1 IP Address XXX XXX XXX XXX 2 Netmask XXX XXX XXX XXX 3 Gateway XXX XXX XXX XXX 4 Primary DNS XXX XXX XXX XXX 5 secondary DNS XXX XXX XXX XXX Dell PowerConnect W AirWave 7 4 User Guide Installing and Getting Started 19 9 Commit Changes
231. ata Folling Period 5 minutes 10 minutes Thin AP Discovery Polling Period 2 minutes Sminutes Up Down Status Polling Period 60 seconds 90 seconds Lise MAC ACL Ho Use manual setting on each device pple Changes Mow Cancel Scheduling Options Specify numeric dates with optional 24 hour times like 4 2003 or 2003 07 04 For July 4th 2003 or 4 2003 13 00 for July 4th 2003 at 1 00 PM or specify relative times ilike tomorrow at noon or next tuesday at 4am Other input Formats may be accepted Current Local Time January 17 2011 3 39 pm PST Desired Start Date Time Schedule Select other groups to change Group Current Local Time fF 1111 January 17 2011 3 39 pm PST wss100 January 17 2011 3 39 pm PST Select All Unselect All Preview 5 AirWave displays a Configuration Change screen confirming the changes that will be applied to the group s settings 6 There are several action possibilities from within this confirmation configuration page Apply Changes Now Applies the changes immediately to access points within the group If you wish to edit multiple groups you must use the Preview button 2 NOTE You cannot apply Dell PowerConnect W Config changes to other groups If the only changes on the configuration page are to Dell PowerConnect W devices the list of groups and the preview button will not appear Schedule Schedules the changes to be applied to this group in the future Enter the de
232. ateess 126 Recent ARM Events L0g cccssssescssssesscsssesssecssseecsesecseseesesaesesseseeeeseesesaeeessnseseneess 127 Detected Interfering Devices Table ccc cssessescssssessseessesseecseseesessesesaseesseseserees 128 Active SSIES Table seeiis a E A 128 Monitoring Data for Mesh DeVICES ccsecssssessscssesssecsesseeseesesaseesseseeseseesesseeesausesensess 128 Monitoring Data for Wired Devices Routers and Switches nssssssssssesscsrenss 130 Contents 5 Understanding the APs Devices gt Interfaces Page ccscssssssscsessescssssesesseseesereseees 132 Auditing Device Configuration cccsssssessssesessssccssssesesecscsesecsssesecsesecassesecsusesassesesanseses 133 Using Device Folders Optional csssssssssscscscssscsscscssssssssescesssscseseeeeseeeensesesesetssseeeenen 134 Configuring and Managing DeVICES ccccscscssesessssccssssesesecscseseesseseesesecsesesessusesassesesansesatonss 134 Moving a Device from Monitor Only to Manage Read Write Mode ccccseeseeee 135 Configuring AP Settings crisisen E E 135 Setting a Maintenance Window for a Device ccscsseseseesescssseesseesesseseeseesesseseeaseeeeans 141 Configuring Device Interfaces for SWITCHES cccecesscssesesesecsesessesteesesseseeassesesseeeatenes 141 Individual Device Support and Firmware Upgrades ccccsescscssssessssssessseesseeceeseseees 144 Troubleshooting a Newly Discovered Down DeVICEC
233. atel Lucent AP 124 5 0 1 0 1 0 18 AlcateLLucent OAW 4308 5 0 1 0 1 0 18 APC AP7900 v3 7 0 2 0 37 Aruba 200 5 0 2 0 3 0 55 Aruba 2400 3 1 1 7 1 0 18 Aruba 2400 3 4 3 1 1 0 18 Aruba 2400 5 0 1 0 1 0 18 Aruba 3200 3 3 2 24 m 3 1 11 1 0 18 ETE mape Aruba 3200 6 0 0 1 1 0 18 Aruba 3200 6 0 1 0 1 0 18 Ache AP GS 5 0 7 0 14 7 Aruba 3400 3 3 2 24 m 3 1 12 1 0 18 O Unknown A S Aruba 3600 5 0 1 0 5 0 92 O Aruba AP 125 6 0 0 0 3 8 Aruba 3600 6 0 0 0 Fd 0 37 Aruba 6000 3 4 4 0 1 0 18 Aruba 6000 6 0 0 0 1 0 18 Aruba 620 3 4 2 5 1 0 18 Aruba 651 3 4 3 0 1 0 18 Aruba 651 6 0 0 0 1 0 18 Aruba 800 2 5 6 20 1 0 18 Aruba 800 3 3 2 19 FIPS 1 0 18 Aruba 800 5 0 2 0 2 0 37 Aruba AP 105 3 4 4 0 1 47 Aruba AP 105 5 0 1 0 2 0 37 Aruba AP 105 6 0 1 0 1 0 18 164 Versions 546 100 00 Model Summary Model Count of Total Aruba RAP 2WG Aruba AP 65 16 67 Aruba AP 125 7 51 Aruba RAF DWH 3 00 Aruba AP 70 2 93 Aruba AP 105 12 2 20 Cisco Aironet 1030 LVWAPP 9 1 65 Cisco Aironet 1000 LVWAPP 8 1 47 Aruba 3600 T 1 28 Aruba AP 61 6 1 10 Unknown 6 1 10 otter ba He Cisco Catalyst 3750 2475 3 0 92 Symbol 5131 4 0 73 Aruba RAP 2W 28 0 E Aruba AP 65 16 7 Symbol AP 100 4 0 73 O Aruba AP 125 7 5 Aruba 800 4 0 73 Aruba RAP SWN 3 7 HP ProCurve 420 3 0 55 Proxim AP 700 3 0 59 118 Models 546 100 00 240 Creating Running and Emailing Reports Dell PowerConnect W AirWave 7 4 User Guide Usin
234. ates cccccccccescccecccecccescccscececccnseeaees 140 static IPs aSSigning seeeeereerrrerrrrrrrrererennnn 75 Static Routes cc ccccccceccecccecceccecceccceccucceccaceseeaceecens 44 switches virtual interfaces ccccccccescccescccescecscecesceeuscss 141 ODLET plo eee E E 78 90 151 a a re E E 39 185 system status VICWING s sesseesresrreereerrnsrrnrrrerrnneneo 184 Dell PowerConnect W AirWave 7 4 User Guide T Eien einen bat sta ciecasoacuuerenisatiescedeiauaciaee 49 80 configuring authentication 48 atO ANAT ra cares 48 Telnet SSH Timeout cccccccceccecceececceececcaeeeeees 54 EEO Eo A E eee ee eee eee eee eee 152 UU ae cee ctr E eee 154 165 configuring a global template ee 165 configuring Cisco IOS templates 160 configuring fOr STOUDS eceeeeeeeeeeeeeeeeteees 151 global template variables 0 0 0 eee 165 yariables 00 cccccecccceecccccecccceceeccceccecccceececceuaeeens 165 Top ws Kore s Cor ae 1 eee reer eee nee eee 29 Transmit Power Level cccccccceccccceececcaeceeeeeeees 139 UTADA YDES n 127 Taapeec ee eee ee 151 PEDO 1S race gece E A T 187 194 U UI understanding the navigation bar 0 29 Unexpected LAN MAC Address c eeeeee 146 Universal devices adding 0 0 eeceseeeeeeeeeeeeeeees 115 user account CONFIQSUTING o s 215 User Data Polling Period 00 0 eee eeeeeeee 126 Wiser Idle Wim Ot scc
235. atic IP Assignment Fields and Default Values Setting Default Description Assign Static IP Enables AirWave to statically assign IP addresses from a specified range to all devices in the Addresses to Group Devices Start IP Address Sets the first address AirWave assigns to the devices in the Group Addresses Subnet Mask Sets the subnet mask to be assigned to the devices in the Group Subnet Gateway Sets the gateway to be assigned to the devices in the Group Next IP Address Defines the next IP address queued for assignment This field is disabled for the initial Access Points group Number of Sets the number of addresses in the pool from which AirWave can assign IP addresses Dell PowerConnect W AirWave 7 4 User Guide Configuring and Using Device Groups in AirWave 75 8 To configure Spanning Tree Protocol on WLC devices and Proxim APs locate the Spanning Tree Protocol section on the Groups gt Basic configuration page Adjust these settings as required lable 44 describes the settings and default values Table 44 Spanning Tree Protocol Fields and Default Values Setting Default Description Spanning Tree Enables or disables Spanning Tree Protocol on Proxim APs Protocol Bridge Priority Sets the priority for the AP Values range from 0 to 65535 Lower values have higher priority The lowest value is the root of the spanning tree If all devices are at default the device with the lowest MAC address will become the root
236. ature in the AirWave database Customizing the Dashboard You can rearrange or remove widgets appearing on the Home gt Overview dashboard by selecting the Customize link to the right of this window as shown in Figure 12 Figure 12 Customize Button on the Home gt Overview Page ties Groups APs Devices Clhents Reports System Device Setup AMP Setup RAPIDS VisualRF id i ii Welcome to AMP 7 4 AirWave Management Platform AirWave Wireless The Customize workspace that appears is shown in Figure 13 Search Documentation License User Info 32 Configuring AMP Dell PowerConnect W AirWave 7 4 User Guide Figure 13 Customize Overview Page Drag widgets from the Available Widgets list to the canvas on the right The title bar E a Bas will be green when the layout is valid or red when invalid Remove widgets by clicking the El icon 13 10 Teil 14 10 1 10 lii Maximum Average Show All Maximum Average 139 users 103 users OB v Avg Bits Per Second In 2 5 Mbps 1 3 Mbps JC Avg Bits Per Second Out 4 E Mbps 2 3 Mbps Oo D IDS Events D o g Incidents a Q Lt RADIUS Authentication Tues 0 0 D O Gon ii DB up CERE E Tein mar 17 BDdadit Disabled Oo Di aot devices are Down ST of 71 devices are Wisrmatthed Quick Links lg Go to folder l Goto group T i View Latest Reports Common Tasks T The Available Widgets section on the left with no gridlines holds all po
237. atus AirWave users without RAPIDS visibility enabled will not see the 11 1 PCI requirements in the PCI Compliance Report Table 38 PC Requirements and Support in AirWave Requirement Description Monitoring configuration standards for network firewall devices When Enabled PCI Requirement 1 1 establishes firewall and router configuration standards A device fails Requirement 1 1 if there are mismatches between the desired configuration and the configuration on the device When Disabled firewall router and device configurations are not checked for PCI compliance and Pass or Fail status is not reported or monitored Monitoring firewall installation between any wireless networks and the cardholder data environment When Enabled A device passes requirement 1 2 3 if it can function as a stateful firewall When Disabled firewall router and device installation are not checked for PCI compliance Monitoring the presence of vendor supplied default security settings When Enabled PCI Requirement 2 establishes the standard in which all vendor supplied default passwords are changed prior to a device s presence and operation in the network A device fails requirement 2 1 if the username passwords or SNMP credentials being used by AirWave to communicate with the device are on a list of forbidden default credentials The list includes common vendor default passwords for example When Disabled device passwords and other vendor default settings are no
238. ault Values Setting Default Description SNMP Version Sets the version of SNMP used by AirWave to communicate to the AP Enable DNS Enables the DNS client on the AP Enabling the DNS client allows you to set some values on the Client AP by hostname instead of IP address If you select Yes for this setting additional DNS fields display Primary DNS Blank Sets the IP address of the Primary DNS server server Secondary DNS Blank Sets the IP address of the Secondary DNS server server Default DNS Blank Sets the default DNS domain used by the AP domains HTTP Server Port CE Sets this port as the HTTP server port on all Proxim APs in the group Country Code United Configures AirWave to derive its time settings based on the country of location as specified in States this field 13 To configure HP ProCurve specific settings locate the HP ProCurve section and adjust these settings as required Table 49 describes the settings and default values Table 49 HP ProCurve Fields and Default Values Setting Default Description SNMP Version Sets the version of SNMP used by AirWave to communicate to the AP ProCurve XL ZWeSM CLI Telnet Sets the protocol AirWave uses to communicate with ProCurve XLWeSM devices Communication Selecting SSH will use the secure shell for command line CLI communication Selecting Telnet will send the data in clear text via telnet Controller SNMP Version Specifies the version of SNMP used by AirWave to co
239. aults for wireless environments Enabling or Disabling PCI Auditing Perform these steps to verify status and to enable or disable AirWave support for PCI 1 2 requirements enabling one or all PCI standards on AirWave enables real time information and generated reports that advise on Pass or Fail status The PCI auditing supported in AirWave is reported in Table 38 l To determine what PCI Compliance standards are enabled or disabled on AirWave navigate to the AMP Setup gt PCI Compliance page illustrated in Figure 34 66 Configuring AMP Dell PowerConnect W AirWave 7 4 User Guide Figure 34 AMP Setup gt PCI Compliance Page Illustration PCI Requirement a Description Enabled S 1 1 Configuration standards for routers Yes A device fails if there are mismatches between the desired configuration and the configuration on the device 1 2 3 Install firewalls between any wireless networks and the cardholder data environment Yes A device passes if it can function as a stateful firewall 2 1 Always change vendor supplied defaults Yes A device fails if the usernames passwords or SNMP credentials being used by OV3600 to communicate with the device are on a list of forbidden credentials The list includes common manufacturer defaults w 2 1 1 Change vendor supplied defaults for wireless environments Yes A device fails if the passphrases SSIDs or other security related settings are on a list of forbidden values The list includes co
240. availability for failover scenarios The benefits of these tools include the following Provides network wide visibility even when the WLAN grows to 50 000 devices Executive Portal allows executives to view high level usage and performance data Aggregated alerts Failover Many to one failover One to one failover The Master Console and Failover servers can be configured with a Device Down trigger that generates an alert if communication is lost In addition to generating an alert the Master Console or Failover server can also send email or NMS notifications about the event Integrating AirWave into the Network and Organizational Hierarchy Dell PowerConnect W AirWave generally resides in the NOC and communicates with various components of your WLAN infrastructure In basic deployments AirWave communicates solely with indoor wireless access points and WLAN controllers over the wired network In more complex deployments AirWave seamlessly integrates and communicates with authentication servers accounting servers TACACS servers routers switches network management servers wireless IDS solutions helpdesk systems indoor wireless access points mesh devices AirWave has the flexibility to manage devices on local networks remote networks and networks using Network Address Translation NAT AirWave communicates over the air or over the wire using a variety of protocols The power performance and usability of AirWave become more app
241. ave as the AAA Client IP Address The secret should be the same value that was entered on the AMP Setup gt TACACS page 7 Select TACACS Cisco IOS in the Authenticate Using drop down menu and select submit restart NOTE AirWave checks the local username and password store before checking with the TACACS server If the user is found K locally the local password and local role apply When using TACAS it is not necessary or recommended to define users on the AirWave server The only recommended user is the backup administrator in the event that the TACAS server goes down What Next Go to additional tabs in the AMP Setup section to continue additional setup configurations Complete the required configurations in this chapter before proceeding AirWave support remains available to you for any phase of AirWave installation Configuring RADIUS Authentication and Authorization For RADIUS capability you must configure the IP Hostname of the RADIUS server the TCP port and the server shared secret Perform these steps to configuration RADIUS authentication 50 Configuring AMP Dell PowerConnect W AirWave 7 4 User Guide l Go to the AMP Setup gt Authentication page This page displays current status of RADIUS Figure 24 illustrates this page Figure 24 AMP Setup gt Authentication Page Illustration RADIUS Configuration Enable RADIUS Authentication and Authorization yes No Primary Server HostnamesIP Address 10 2
242. ave the following general parameters AirWave runs daily versions of all reports during predefined windows of time All reports can be scheduled to run in the background The daily version of any report is available instantly in the Reports gt Generated page The Inventory and the Configuration Audit reports are the only reports that don t span a period of time Instead these two reports provide a snapshot of the current state of the network Users can create all other reports over a custom time period on the Reports gt Definitions page All reports can be emailed or exported to XML format for easy data manipulation using a spreadsheet Reports gt Definitions Page Overview The Reports gt Definitions page allows you to define new reports and see the reports already defined The Definitions page includes these sections Report definitions section The Add button allows you to define a custom report using the Custom Options drag and drop interface or from any of the report types in the dropdown menu The Report Definitions table has a complete list of all saved report definitions with an option to return to each definition s table to further customize your report Add and Run allows you to create a report definition and run that report immediately Dell PowerConnect W AirWave 7 4 User Guide Creating Running and Emailing Reports 227 Run Now visible from the expanded Report Definitions menu allows immediate running of a cus
243. baOS controller sees evidence that a device might be on the wire it will up the confidence level If ArubaOS is completely sure that it is on the wire it gets classified as a rogue Wired Displays whether the rogue device has been discovered on one of your wired networks by polling routers switches your SNMP HTTP scans or Dell WIP information This column displays Yes or is blank if wired information was not detected Detecting APs Displays the number of AP devices that have wirelessly detected the rogue device A designation of heard implies the device was heard over the air Location If the rogue has been placed in VisualRF this column will display the name of the floor plan the rogue is on as a link to the VisualRF Floor Plan View page SSID Displays the most recent SSID that was heard from the rogue device Dell PowerConnect W AirWave 7 4 User Guide Using RAPIDS and Rogue Classification 177 al Table 102 RAPIDS gt List Column Definitions Continued Column Description Displays the strongest signal strength detected for the rogue device RSSI Displays Received Signal Strength Indication RSSI designation a measure of the power presentin a received radio signal Network Type Displays the type of network in which the rogue is present for example Ad hoc This type of network usually indicates that the rogue is a laptop that attempts to create a network with neighboring laptops and is less likely to be a threa
244. backup admin in case the RADIUS server goes down Optionally you can configure RADIUS server accounting on AMP Setup gt RADIUS Accounting This capability is not required for basic AirWave operation but can increase the user friendliness of AirWave administration in large networks Figure 25 illustrates the settings of this optional configuration interface Perform the following steps and configurations to enable AirWave to receive accounting records from a separate RADIUS server Figure 25 illustrates the display of RADIUS accounting clients already configured and Figure 26 illustrates the Add RADIUS Accounting Client page Dell PowerConnect W AirWave 7 4 User Guide Configuring AMP 51 Figure 25 AMP Setup gt RADIUS Accounting Page Illustration p Add New RADIUS Accounting Client Import CSW IP Network Nickname C amp 10 0 0 0 8 test fC 10 11 0 0 16 offsite_network Check All Uncheck All Delete Figure 26 AMP Setup gt RADIUS gt Add RADIUS Accounting Client Page Illustration heiii ee SY Example Network entry 10 0 0 0 8 Nickname Po Shared Secret Confirm Shared Secret l To specify the RADIUS authentication server or network browse to the AMP Setup gt RADIUS Accounting page and select Add illustrated in Figure 26 and provide the information in lable 26 2 Select Add then complete the following fields Table 26 AMP Setup gt Radius Accounting Fields and Default Values S
245. based on the username being set in this case Cisco and the password and encoding type in this case 0802455DO0A16 and 7 respectively These values can be set on a group wide level using Templates and TFTP Once these lines are set SCP can be enabled on the Groups gt Basic configuration page without problems Supporting Multiple Radio Types via a Single lOS Template Some lines in an IOS configuration file should only apply to 802 1 1g vs 802 11b For instance lines related to speed rates that mention rates above 11 0Mb s do not work for 802 11b radios that cannot support these speeds Use the SIF variable value sENDIF construct to allow a single IOS configuration template to configure APs with different radio types within the same Group as illustrated below interface DotilRadiod SIF radio_type g speed basic 1 0 basic 2 0 basic 5 5 6 0 9 0 11 0 12 0 18 0 24 0 36 0 48 0 54 0 SENDIFS SIF radio_type b speed basic 1 0 2 0 5 5 11 0 SENDIFS SIF radio_type g power local cck CCK_POWER power local ofdm sOFDM_POWER S SENDIF S Configuring Single and Dual Radio APs via a Single IOS Template To configure single and dual radio APs using the same IOS config template you can use the interface variable within the ZIF construct The below example illustrates this usage SIF interface Dotl1lRadiol interface Dot11Radiol bridge group 1 bridge group 1 block unknown source bridge group 1 spanning disabled bridge group 1 s
246. be configured for IDS events Refer to Setting Triggers for IDS Events on page 193 for additional information Selecting the AP device or controller name takes you to the APs Devices gt List page Figure 171 and Table 133 illustrate and describe the Reports gt Generated gt IDS Events Detail page Figure 171 Reports gt Generated gt IDS Events Report Illustration IDS event yesterday for All Groups and Folders XML XHTML 5 20 2009 2 00 AM to 5 21 2009 2 00 AM a Generated on 5 21 2009 2 23 AM 2 CSV export ia Email this report Top IDS Events by AP Print report AP Total Events First Event Most Recent Event idhasoft ap70 2 2 5 20 2009 11 06 PM 5 20 2009 11 06 PM Top IDS Events by Controller Controller Total Events a First Event Most Recent Event RAP Local 2 5 20 2009 11 06 PM 5 20 2009 11 06 PM 1 2 of 2 Items Page iwof1 Attack Attacker AP Controller Radio Channel SNR Precedence Time Nul Probe Response OO 1A 70 77 9C CF idhasoft ap70 2 RAP Local 802 11bg 4 5 20 2009 11 06 PM Nul Probe Response OO 1LA 70 77 9C CF idhasoft ap70 2 RAP Local 802 11bg 4 5 20 2009 11 06 PM Table 133 Reports gt Generated gt IDS Events Detail Unique Fields and Descriptions Field Description Displays the name or label for the IDS event Controllers This column lists the controllers for which IDS events have occurred in the prior 24 hours and provides a link to the APs Devices gt Monitor page for each Displays the MAC address of
247. bine rogue records Changes will occur during subsequent processing of discovery events This value cannot be larger than the rogue discovery event expiration 14 configured on the AMP Setup page unless that value is set to 0 Whether to scan the operating system of rogues Enabling this feature will cause RAPIDS to perform an OS scan when it gets in IP address for a rogue device The OS scan will be run when a rogue gets an IP address for the first time or if the IP address changes Table 95 RAPIDS gt Setup gt Classification Options Fields Default Description Sets RAPIDS to acknowledge rogue devices upon initial detection prior to their classification Acknowledge Rogues by Default Manually Classifying Rogues Automatically Acknowledges them device receives a manual classification Defines whether acknowledgement happens automatically whenever a rogue 170 Using RAPIDS and Rogue Classification Dell PowerConnect W AirWave 7 4 User Guide Filtered rogues are dropped from the system before they are processed through the rules engine This can speed up overall performance but will eliminate all visibility into these types of devices Table 96 RAPIDS gt Setup gt Filtering Options Field Default Description Ignore Ad hoc rogues No Filters rogues according to ad hoc status Ignore Rogues by Signal Filters rogues according to signal strength Since anything below the established Strength threshold will be ign
248. bor Unclassified Suspected Roque Detected on WLAN wt Rogue From the APs Devices gt Rogues Contained page you can see the containment status information as shown in Figure 120 K NOTE The Rogue Containment device tab is only present for devices that support containment Figure 120 Rogue Containment Status Page Rogue Containment Status 1 5 of 5 Rogue BSSIDs Page iwofi1 Choose Columns Export to CSV Rogue a BSSID Containment State Desired Containment State Classifying Rule Location Cisco 9F 75 90 00 10 45 9F 75 90 Not Contained Contained Manual Classification Override Enterasys 36 50 18 00 01 F4 36 5C 18 Contained Not Contained Signal strength gt 75 dBm Enterasys 37 44 C3 00 01 F4 37 44 C3 Contained Not Contained Signal strength gt 75 dBm Locally Ad 71 BA 90 02 20 46 71 BA 90 Contained Not Contained Signal strength gt 75 dBm Locally Ad 71 BA 90 02 20 A6 71 BA 91 Contained Not Contained Signal strength gt 75 dBm 1 5 w of 5 Rogue BSSIDs Page iwofi Additional Settings Additional RAPIDS settings such as role filtering and performance tuning are available in the following locations Use the AMP Setup gt Roles gt Add Edit Role Page to define the ability to use RAPIDS by user role Refer to Creating AirWave User Roles on page 46 Use the AMP Setup gt General gt Performance Tuning page to define the processing priority of RAPIDS in relation to AirWave as a whole see Table 18 on page 42
249. bor lines ignored in location calculation High Quality Background Image you can disable to increase rendering speed Label Transparency Figure 196 QuickView Preferences Page Illustration General preferences selected Preferences Configure preferences for General Geert h Enable Auto Refresh every Aps minutes Ww Show Scale Users Overkys Hide neighbor fines ignored in Grid Lines 7 High Quality Background Image Label Transparency gt 70 Reset To Defaults APs select from the Configure Preferences drop down menu BW select the kbps threshold for normal green high yellow and excessive red of Users select the number of users threshold for normal green high yellow and excessive red of Uptime for the last 24 hours for normal green and excessive red Radio Status display red or green depending on the status of the radios within the AP AP Status display red or green in relation to up down status of AP Icon Size select the size of the AP icon display on the floor plan Show Channel in Label Show Transmit Power in Label Users select from the Configure Preferences drop down menu BW select the kbps threshold for normal green high yellow and excessive red Signal Strength select the dBm client threshold between excellent and poor Icon Size select the size of the client device icon display on the floor plan Overlays select display type for Heatmaps Speed Sensor Voice and Ch Uti
250. bps Number of users by time period average bandwidth in and out Figure 174 illustrates the Reports gt Detail page for the Daily Network Usage Figure 174 Reports gt Generated gt Network Usage Report Illustration Daily Network Usage Report for All Groups Folders and SSIDs 5 XML XHTML export CSV export 1 13 2011 12 00 AM to 1 14 2011 12 00 AM Email this report Generated on 1 14 2011 12 46 AM Print report Bandwidth Usage 20 M 10 M 0 Thu 00 00 Thu 06 00 Thu 12 00 Thu 18 00 Fri 00 00 Maximum Average E Bits Per Second In 5 584 Mbps 781 1 kbps G Max Bits Per Second In 5 584 Mbps 781 1 kbps E Bits Per Second Out 23 65 Mbps 2 83 Mbps m Max Bits Per Second Out 23 65 Mbps 2 83 Mbps Number of Users 200 150 100 50 Thu 00 00 Thu 06 00 Thu 12 00 Thu 18 00 Fri 00 00 Maximum Average E Avg Users 153 58 O Max Users 153 58 Dell PowerConnect W AirWave 7 4 User Guide Creating Running and Emailing Reports 241 Using the New Rogue Devices Report The New Rogue Devices Report summarizes rogue device information including the following categories of information Rogue devices by RAPIDS classification described in Using RAPIDS and Rogue Classification on page 167 Top rogue devices by number of discovering APs Top rogue devices by signal strength Graphical summary of rogue devices by LAN MAC address vendor Graphical summary of rogue devices by radio MAC address vendor Text based table summary of rogue devi
251. cating users consumes significant VisualRF resources A floor with hundreds or thousands of clients can take a long time to process of Rogues The number of rogue devices heard by access points on the floor This number reflects the filters configured on the VisualRF gt Setup This means that while APs on the floor might hear more rogue devices they are being filtered because of weak signal they havent been heard recently or they are ad hoc File Size The floor plan background or image reported in kilobytes The larger the file the longer it will take to render in the canvas Original Floor Plan A link to download the original image background file Viewing a Network Campus Building s RF Environment To view floors from a geographical perspective l Navigate to the VisualRF gt Floor Plans page 2 Click on each network campus or building successively to drill down further until you reach the floor plan This navigation provides information in each view as follows Network View Contains all campuses within your WLAN Campus View All buildings within a campus Building View All floors within a building Floor Plan View All devices access points clients and rogues within the floor Viewing Campuses Buildings or Floors from a Tree View As an alternative to using QuickView you can use the Tree View to view floors from a hierarchical tree as follows l Navigate to the VisualRF gt Floor Plans page 2 Select
252. cation A device gets classified by the first rule to which it complies even if it conforms to additional rules later in the sequence To create a new tule select the Add button next to New RAPIDS Classification Rule to launch the RAPIDS Classification Rule page see Figure 122 Figure 122 Classification Rule Page Rule name ee Classification Threat Level Enabled Yes No Detected on WLAN 174 Using RAPIDS and Rogue Classification Dell PowerConnect W AirWave 7 4 User Guide Fill in the settings described in lable 100 then select an option from the drop down menu Table 101 defines the drop down menu options that are at the bottom left of the RAPIDS Classification Rule dialog box see Figure 122 Once all rule settings are defined select Add The new rule automatically appears in the RAPIDS gt Rules page Table 101 Properties Drop Down Menu Option Description Wireless Properties Detected on WLAN Detected on WLAN WLAN Classifies based on how the rogue is detected onthe wireless LAN 00 based on how the Classifies based on how the rogue is detected onthe wireless LAN 00 is detected on the wireless LAN Detecting AP Count Classifies based on the number of managed devices that can hear the rogue Enter a numeric value and select At Least or At Most Encryption Classifies based on the rogue matching a specified encryption method Note that you can select for no encryption with a rule that say
253. cation C yes No Session Timeout 0 65535 sec HP ProCurve 420 fo MAC Address Format Proxim AP 600 AP 700 AP only 2000 AP 4000 Avaya AP 3 Avaya AP 7 AP 4 5 6 AP Single Dash 8 ProCurve520WL v2 1 0 and higher only Cisco TKIP amp Yes O No Authorization Lifetime 900 43200 sec 1800 Cisco MIC C MMH Disabled Primary RADIUS Server Reattempt Period 0 120 fo min 0 Save Save and Apply Revert Table 55 Groups gt Security Page Fields and Default Values Setting Default Description VLANs Section VLAN Tagging and Multiple Enabled This field enables support for VLANs and multiple SSIDs on the wireless network If SSIDs this setting is enabled define additional VLANs and SSIDs on the Groups gt SSIDs page Refer to Configuring Group SSIDs and VLANs on page 83 Management VLAN ID Untagged This setting sets the ID for the management VLAN when VLANs are enabled in AirWave This setting is supported only for the following devices Proxim AP 600 AP 700 AP 2000 AP 4000 Avaya AP 3 Avaya AP 7 AP 4 5 6 AP 8 ProCurve520WL General Section If enabled the APs in the Group do not broadcast their SSIDs NOTE Creating a closed network will make it more difficult for intruders to detect your wireless network Create Closed Network communicating with other client devices on the wireless network NOTE This option may also be identified as PSPF Publicly Secure Packet Forwarding which can be us
254. cation Controller Folder Group 1 1394 74 50 1 1 10138 00 ethersphere 1322 Top Access Points 2 2198 79 00 4 2 44596 00 ethersphere 1322 Top Access Points 3 1310 86 00 1 15 2439711 00 ethersphere 1322 Top Access Points 4 1350 87 00 1 6 383120 00 ethersphere 1322 Top Access Points 5 ap105 A1 87 00 18 0 0 00 pit Aruba 3400 Top Access Points 6 00 24 6c c8 70 b5 87 50 1 0 0 00 Aruba3200 3 121 Top Access Points 7 00 1a 1e c0 1a dc 87 50 1 0 0 00 Aruba3200 3 121 Top Access Points 8 1260 88 00 5 2 73432 00 ethersphere 1322 Top Access Points 9 1242 H 88 00 3 8 2098072 00 ethersphere 1322 Top Access Points 10 1248 88 00 13 1 6185 00 ethersphere 1322 Top Access Points Most Noise 2 4 GHz 1 1350 1 0 ethersphere 1322 Top Access Points 2 2103 rS 3 0 ethersphere 1322 Top Access Points 3 1154 Q 71 50 9 1 419 00 ethersphere 1322 Top Access Points 4 2188 73 50 6 1 308 00 ethersphere 1322 Top Access Points 5 RADIOS 73 50 a 0 0 00 rfs7000 primary Top Access Points 6 00 1a 1e c0 6c 46 77 00 16 0 0 00 Aruba3600 US Top Access Points iz APOOlid aifc ca7a_ 77 50 Fi 25 20 0 0 00 default location 5500 6 0 196 0 Top Access Points 8 1372 81 50 5 0 0 00 ethersphere 1322 Top Access Points 9 00 1a 1e c0 2b 34 81 50 0 0 00 Aruba3200 3 121 Top Access Points 10 00 1a 1e c1 52 0e_ 82 00 1 1 2064 00 Aruba651 Top Access Points Most Utilized by Channel Usage 5 GHz Ranka Device
255. cation Issues Page iwof89 gt Event User MAC Address RADIUS Server XML XHTML export S csv export ia Email this report Print report Device Client authentication failed for 00 21 5C 85 BD 0B Client authentication failed for 00 21 5C 85 BD 0B Client authentication failed for 00 21 5C 85 BD 0B Client authentication failed for 00 21 5C 85 BD 0B Client authentication failed for 00 21 5C 85 BD 0B Client authentication failed for 00 21 5C 85 BD 0B Using the RF Health Report O71 SC 001 SC 00 21 5C 00 21 5C 00 21 5C 00 271 5C 00 21 5C 00 21 5C O71 SC 001 SC 00 21 5C 00 271 5C 1 20 2009 11 59 PM 1 20 2009 11 59 PM 1 20 2009 11 58 PM 1 20 2009 11 58 PM 1 20 2009 11 57 PM 1 20 2009 11 57 PM alrespace 1 alrespace 1 alrespace 1 a alrespace 1 alrespace 1 alrespace 1 x The RF Health Report tracks the top AP radio issues by noise MAC Phy errors channel changes transmit power changes mode changes and interfering devices the last two apply only if there are ARM events This report assists in pinpointing the most problematic devices on your network and lists the top 10 devices by problem type Problematic APs are displayed in two separate lists Problem Radios lists grouped by radio frequency A device will make it into the list if it violates two or more thresholds For more on the thresholds that indicate problems refer to Evaluating Radio Statistics for an AP on page 124 Oth
256. cccccsesescsssssssecssseseeseseessseeesnees 221 Using the Public Portal on Master Console cccccccsssssescssssesscecsessesessssecseseesesanenssnees 221 Adding a Managed AMP with the Master Console ceessssesscssesessessscsessesseesesseeeees 222 Using Global Groups with Master Console uu ccecsccsscssesssssscssssssssseeecsesesseseeesanenssnees 223 Upgradmg AIT VV AV E isss a aeiaaeeao 223 NOPE FACE a UCO e teeters 223 Ele OVUM NUE N YO A A E N 224 Viewing and Downloading Backup ccccssesssesseseeecssseeseesesesseeesseseeseseesesaseesseseeeneess 224 Running Backup on Demand ccccesscsseseeecsessesesseseeseeecsesecseseesesaeeesauseeseseesesaeeesausaeeneess 224 Restoring from a Backup esensnsnsnsnsnennnnenenenensrsrnnnrnrninanarararunnrnnnrunnnsnsnnnnannnnnnnnnnrnnnnnnnnnnnno 224 Using AirWave Failover for Backup ccccccsssscssesssscssssesesscseeseeecseseeseseesesausecsaseeseseesesanesanses 225 Navigation Section of AirWave Failover ccccccssscssssscssssssesecscssseesseesessesecassesessesesatenes 225 Adding Watched AirWave Stations ccccssssssescssssssesssscscsesecssseceesesecsssesessesesassesesaeseees 225 Logging out of AlrWave uu ccccsesssscssssesssscssssseecseseesesecsesaesecsesesseseesesausecausessesessesaesesausesensatees 226 Creating Running and Emailing Reports ccssescssesesssseesssssssesssesecesseseeesesersesen 22 Overview of AirWave Reports ssssastssdeicons
257. ce counts Detailed and text based table of rogue devices discovered only wirelessly with extensive device parameters and hyperlink interoperability to additional AirWave pages Detailed and text based table of all rogue devices supporting all discovery methods with extensive device parameters and hyperlink interoperability to additional AirWave pages Detailed and text based table of discovery events pertaining to the discovery of rogue devices with extensive parameters and hyperlink interoperability to additional AirWave pages This report is not run by default but is available after you define it Refer to Figure 175 for a sample illustration of this report 242 Creating Running and Emailing Reports Dell PowerConnect W AirWave 7 4 User Guide Figure 175 Reports gt Generated gt New Rogue Devices Report Illustration New Rogue Devices Report for All Groups and Folders F XML XHTML export Rogues with classifications between Suspected Valid and Contained Rogue Zz sinless 12 11 2010 9 18 PM to 1 11 2011 9 18 PM Email this report Generated on 1 11 2011 9 24 PM Print report Devices by RAPIDS Classificatio Devices by Controller Classification RAPIDS Classification Total Controller Classification Total Suspected Rogue 151 Suspected Neighbor 1119 Suspected Neighbor 340 Suspected Rogue 507 Suspected Valid 6 Valid 79 lt unknown gt 24 Rogue 17 Unclassified 12 B Suspected Rogue 81 4 O Suspected Neighbor 50 2 O Suspected
258. ces For example the ntp clock period setting is almost never identical in the running config file and the startup config file You can use directives such as Dell PowerConnect W AirWave 7 4 User Guide Creating and Using Templates 157 lt ignore_and_do_not_push gt to customize the template to keep AirWave from reporting mismatches for this type of variance AirWave provides two types of directives that can be used within a template to control how AirWave constructs the startup config file to send to each AP and whether it reports variances between the running config file and the startup config file as configuration mismatches Lines enclosed in lt push_and_exclude gt are included in the AP startup config file but AirWave ignores them when verifying configurations Lines enclosed in lt ignore_and_do_not_push gt cause AirWave to ignore those lines during configuration verification Ignore_and_do_not_push Command The ignore and do not push directive should typically be used when a value cannot be configured on the device but always appears in the running config file Lines enclosed in the ignore and do not push directive will not be included in the startup config file that is copied to each AP When AirWave is comparing the running contfig file to the startup config file for configuration verification it will ignore any lines in the running config file that start with the text within the directive Lines belonging to an ignored and unp
259. ces gt List page to see if the device appears with a Status of Up Setting up Dell Spectrum Analysis in AirWave The spectrum analysis software modules on supported Dell PowerConnect W Series AP models can examine the radio frequency RF environment in which the Wi Fi network is operating identify interference and classify its sources The spectrum analyzer is used in conjunction with Adaptive Radio Management ARM technology While the spectrum analyzer identifies and classifies Wi Fi and non Wi Fi sources of interference ARM automatically ensures that APs serving clients will stay clear of interference Individual APs or groups of APs can be converted to dedicated spectrum monitors through the dot la and dotl 1g radio profiles of that AP or AP group or through a special spectrum override profile Each 802 11la and 802 11g radio profile references a spectrum profile which identities the spectrum band the radio will monitor and analyze and defines the default ageout times for each monitored device type By default an 802 1 la radio profile references a spectrum profile named default a which configures the radio to monitor the upper channels of the 5 GHz radio band and an 802 11 radio profile references a spectrum profile named default g which configures the radio to monitor all channels the 2 4 GHz radio band Most interference will occur in the 2 4 GHz radio band For more information about Spectrum analysis and ARM technology re
260. ces gt Manage page to include H REAP certificates radio settings and network settings Table 54 describes many of the possible fields NOTE For complete listing and discussion of settings applicable only to Dell PowerConnect W devices see the Dell PowerConnect W Configuration Guide in Home gt Documentation Table 84 APs Devices gt Manage Additional Settings Setting Default Device Type Description Mesh Role Mesh AP Mesh Devices Drop down menu specifies the mesh role for the AP as shown Mesh AP The AP will act like a mesh client It will use other APs as its uplink to the network Portal AP The AP will become a portal AP It will use a wired connection as its uplink to the network and serve it over the radio to other APs None The AP will act like a standard AP It will not perform meshing functions 138 Discovering Adding and Managing Devices Dell PowerConnect W AirWave 7 4 User Guide Table 84 APs Devices gt Manage Additional Settings Continued Setting Default Device Type Description Mesh Mobility Static Mesh Devices Select Static if the AP is static as in the case of a device mounted on a light pole or in the ceiling Select Roaming if the AP is mobile Two examples would be an AP mounted in a police car or utility truck Receive Antenna Diversity Cisco Drop down menu for the receive antenna provides three options Diversity Device will use the antenna that receives the best signal
261. cess level This page enables customization some of the information displayed in AirWave and is the place to change your password The logged in users can customize the information displayed in the AirWave header Figure 153 illustrates the Home gt User Info page and Table 122 lists the fields Figure 153 Home gt User Info Page Illustration admin is logged in as a local database user with role AMP Administration and Administrator access to RAPIDS Name Admin New Password PO Confirm New Password PO Email Address admin mycompany com Phone O Notes Filter Level For Rogue Count Valid M Customize Header Columns Yes No Stats MV New Devices V Up Wired amp Wireless Iv Up Wired IV Up Wireless V Down Wired amp Wireless MV Down Wired V Down Wireless IM Mismatched V Roques V Clients IV VPN Sessions Vv Alerts V Severe Alerts Select All Unselect All Severe Alert Threshold Major M Include Device Types V Fat APs IM Thin APs M Controllers V Switches V Others Select All Unselect All Customize Search yes No Search Preferences IM APs Devices V Clients Connected IV Clients Historical IV VPN Sessions Connected IV VPN Sessions Historical IM Rogue Clients I Folders Groups Iv Tags MV Rogues Select All Unselect All Default Number of Records per List Allrecords Reset List Preferences Reset Customize Columns for Other Roles C Yes No Console Ref
262. cess this information from the Clients gt Client Detail page by selecting the QuickView thumbnail located next to the Current Association section of this page as shown in Figure 211 Figure 211 QuickView thumbnail in Clients gt Client Detail Username dkurose AP Device 1394 Role employee Controller ethersphere 1322 Signal Quality Group 1322 Test Controller Association Time 3 24 2011 Folder Top gt Sunnyvale HQ gt 2 26 PM 1322 Test controller Duration 4 mins Device Location Connection Mode 802 11n Radio 802 11bgn 2 4GHz Bandwidth Channel Bandwidth HT20 SSID ethersphere WLAN 66 voip LAN IP Address 0 0 0 0 LAN Hostname VPN IP Address VPN Hostname Last Placed 3 24 2011 2 26 PM Auth Type WPA EAP Auth Time 4 mins PEAP Pell E a ass ee eel M a a ces E a es le ol This view is focused on the wireless user enabling you quick resolution of a user s issues and therefore disables most RF objects by default e Users only the user in focus is displayed e APs only the access point in which the focus client is associated with is displayed e Radios the heatmap represents only the radio to which the client in focus is associated e Rogues all rogues are off Client Rogue Surveys all surveys are off e Walls all walls are displayed e Lines client to AP of association e Labels all labels are disabled Tracking Location History Select a client icon in the Floor Plan and select D
263. cesseseeasenes 68 Configuring and Using Device Groups in AirWave ccssscssssessssssescssessesseseceeseenees 69 AirWave Groups Overview ccccssesesssscsessssesssesscsesesscseseceesesecsesecassesesansesessusesassesessusesatsuseeansesaees 70 Viewing All Defined Device Grou ceesessescessssesssecscseseeseseceesesecsesesessuseeassesesaesesasenss 71 Configuring Basic Group Settings cccessesescssssesssscscscsscsesesecsessssesesecesseseesesecessusesaseesesanseeasenes 72 Dell PowerConnect W AirWave 7 4 User Guide Chapter 5 Dell PowerConnect W AirWave 7 4 User Guide Adding and Configuring Group AAA S rvelrS ccccsssescssssessesescsessssesesecscseseesssecesseesasseseeaeseees 80 Configuring Group Security SettINGS cc eccssssesessssssessesesecsssesssesesesesseseesssesessesesassesesseseeasenss 81 Configuring Group SSIDS and VLANS ou ecessssesessescssssesesecscseseseesesececseseeassesessusesassusesanseeasenes 83 Configuring Radio Settings for Device GroupS c cccsesessesescsessesesseecsesessesseecesseseeassesesseseeaseees 87 Cisco WLC Group Configuration cceessssscssssssssecscsessesesesecseseseesesececsesesaesecessusesassesesanseeaseees 91 Accessing Cisco WLC Configuration cccscsccssssesssssscssseesseececsesessssecessesesassecesaesesasenes 91 Navigating Cisco WLC Configuration ccccecscssssssssssscsssssessecesseseessesessesesassesessnseeasenes 91 Configuring WLA
264. ch as 5th Floor APs usage or security policies such as Guest Access APs function such as Manufacturing APs or any other appropriate variable Devices within a group may be from different vendors or hardware models All devices within a Group share certain basic configuration settings Typical group configuration variables include basic settings SSID SNMP polling interval and so forth security settings VLANs WEP 802 1x ACLs and so forth and some radio settings data rates fragmentation threshold RTS threshold DTIM preamble and so forth When configuration changes are applied at a group level they are assigned automatically to every device within that group Such changes must be applied with every device in Managed mode Monitor mode is the more common mode A N CAUTION Always review the Audit page before pushing configuration to a device or group Individual device settings such as device name RF channel selection RF transmission power antenna settings and so forth typically should not be managed at a group level and must be individually configured for optimal performance Individual AP settings are configured on the APs Devices gt Manage page You can create as many different groups as required Administrators usually establish groups that range in size from five to 100 wireless devices 70 Configuring and Using Device Groups in AirWave Dell PowerConnect W AirWave 7 4 User Guide Group co
265. client are tracked in the Rogue Association History table which is located under the Association History table in Clients gt Client Detail 206 Performing Daily Administration in AirWave Dell PowerConnect W AirWave 7 4 User Guide Figure 148 Rogue Association History table in Clients gt Client Detail Rogue Association History 1 3 w of 5 Past Rogue Assodations Page lwof gt Choose columns Export CSV Rogue AP SSID BSSID First Heard Last Heard Location Signal SNR Connection Mode ChBW Channel Aruba 97 33 F0 fynel 00 1A 1E 97 33 F0 8 30 2011 10 25 AM 8 30 2011 10 25 AM 71 15 802 1in 5 GHz HT40 44 Aruba 80 86 00 RSN2OfficeWLAN 00 24 6C 80 B6 08 9 1 2011 12 24 PM 9 1 2011 12 24 PM 802 11n 5 GHz HT40 40 Aruba 80 86 00 RSN2OfficeWLAN 00 24 6C 80 B6 08 9 1 2011 1 54 PM 9 1 2011 1 54 PM 80 12 802 1in 5 GHz HT40 48 1 3 of 5 Fast Rogue Assodations Page iwof gt gt Evaluating Client Status with the Clients gt Diagnostics Page The Clients gt Diagnostics page is accessible from the Clients gt Client Detail page You can also search for a user and select the associated MAC address from the search results This page provides an overview of a WLAN user s general status and connectivity on the network as illustrated in Figure 149 Figure 149 Clients gt Diagnostics Page Illustration Client Networ AP ontrollet 60 FB 42 2A C0 84 ARUBA VISITOR AL21 ethersphere Ims3 it by me qn eS E es 88 good me
266. clilb2 6 9 12 18 24 36 48 54 mcs Ny AA yg ie gol Sy ee y ILS channel power indoor channel Stransmit_power schannel_attribute enhanced beacon table on channel scan Dell PowerConnect W AirWave 7 4 User Guide Configuring a Global Template Global templates allow AirWave users to define a single template in a global group that can be used to manage APs in subscriber groups They turn settings like group RADIUS servers and encryption keys into variables that can be configured on a per group basis Perform the following steps to create a global template or to view or edit an existing global template l Go to the Group gt Templates configuration page for the global group that owns it 2 Select Add to add a new template or select the pencil icon next to an existing template to edit it 3 Examine the configurations illustrated in Figure 114 Figure 114 Group gt Templates gt Add Page Illustration Aruba 800 4 Use the drop down menu to select a device from which to build the global template and select Fetch The menus are populated with all devices that are contained in any group that subscribes to the global group The fetched configuration populates the template field Global template variables can be configured with the Add button in the Template Variables box illustrated in Figure 115 Figure 115 7emplate Variables Illustration perro Variable Name Variable Value Delete ee ee The v
267. create guest users for visitors at the front desk Add Cancel 3 The newly created login information should be provided to the person or people who will be responsible for creating guest access users 4 The next step in creating a guest access user is to navigate to the Clients gt Guest Users tab From this tab you can add new guest users you can edit existing users and you can repair guest user errors This page displays a list of guest users and data to include the expiration date the SSID for Cisco WLC and other information Figure 139 illustrates this page and Table 117 describes the information Figure 139 Clients gt Guest Users Page Illustration Guest Users Repair quest user errors Add New Guest User l 4 of 4 Guest Users Page iwofil Username Enabled Email Company Name Sponsor Name Expiration Profile Status rajnngw Yes viranc airess com Airess viranc Never Error Failed to Configure zZerkxmm Yes bob Never Error Failed to Configure bobo No bobo nowhere com arus networks arus 5 27 2009 12 00 AM User Expired a jestwrqg Yes Oriol 6 5 2009 12 00 PM User Expired m Select All Unselect All Table 117 Clients gt Guest Users Fields Field Description Repair Guest User Sets AirWave to attempt to push the guest user again in an attempt to repair any errors in the Status Errors column Add New Add New Guest User User Adds a new guest user to a controller
268. cription Interface Labels Mud Vi50 No Vi51 No Vi59 No Vi50 No Vil No ViIS9 No Vi51 No Vil No You can view details for each interface on a wired device from its individual interface page as well For details see Understanding the APs Devices gt Interfaces Page on page 132 You can configure interface settings individually or in groups For individual settings select the pencil icon next the interface name in AP Devices gt Interfaces This takes you to the Interfaces Monitoring and Configuration window which has a slightly different appearance depending on whether you are configuring a physical or virtual interface as shown in Figure 102 and Figure 103 142 Discovering Adding and Managing Devices Dell PowerConnect W AirWave 7 4 User Guide Figure 102 Physical Interfaces Monitoring and Configuration Sections Auto Detect Interface Capacity Yes No Interface capacities will automatically be updated when the device is polled Combined Bandwidth Yes No Interface Labels Fa0 11 Mode Auto v Description FastEthernet0 11 Shutdown Yes No Interface Type FastEthernet IEEE 802 3 Switchport Access VLAN 51 Switchport Mode Dynamic Auto i Switchport Trunk Native VLAN Switchport Trunk Allowed VLANs all Switchport Trunk Pruning VLANs Switchport Trunk Encapsulation Negotiate Speed Auto v Additional C
269. ct Add to create a new override or select the pencil icon next to an existing override to edit that override The Score Override add or edit page appears Figure 126 Figure 126 Add Edit Score Override Page Score Override T MAC addres O Prefix Score 4 OUI manufacturer block contains SOHO access points 4 OUI manufacturer block contains SOHO access points 0000000000 3 OUI manufacturer block contains enterprise access points 2 OUI manufacturer block contains wireless cients WiFi tags or scanners 1 Any device on the network not categorized with a higher score Table 103 RAPIDS gt Add Edit Score Override Page Fields Field Description MAC Address Prefix Use this field to define the OUI prefix to be re scored Use this field to set the score that a device with the specified MAC address prefix will receive 3 Enter in the six digit MAC prefix for which to define a score and select the desired score Once the new score has been saved all detected devices with that prefix receive the new score 4 Select Add to create the new override or select Save to retain changes to an existing override The new or revised override appears on the RAPIDS gt Score Override page 5 To remove any override select that override in the checkbox and select Delete Using the Audit Log The Audit Log is a record of any changes made to the RAPIDS rules setup page and manual changes to specific rogues This allows you to see how s
270. ct Dell support at support dell com Perform these steps to configure NMS support in AirWave l Go to AMP Setup gt NMS 2 Select Add to integrate a new NMS server or select the pencil icon to edit an existing server Provide the information described in lable 37 Table 37 AMP Setup gt NMS Integration Add Edit Fields and Default Values Setting Default Description Hostname None Cites the DNS name or the IP address of the NMS Port 162 Sets the port AirWave uses to communicate with the NMS NOTE AirWave generally communicates via SNMP traps on port 162 comers ewe S cornine annene 3 The NMS Integration Add Edit page includes the Netcool OMNIbus Integration link to information and instructions The IBM Tivoli Netcool OMNIbus operations management software enables automated event correlation and additional features resulting in optimized network uptime 4 The NMS Integration Add Edit page includes the HP ProCurve Manager Integration link Select this link for additional information zip file download and brief instructions for installation with AirWave Select Add to finish creating the NMS server or Save to configure an existing NMS server 64 Configuring AMP Dell PowerConnect W AirWave 7 4 User Guide What Next Go to additional tabs in the AMP Setup section to continue additional setup configurations Complete the required configurations in this chapter before proceeding AirWave support remains available to
271. ct W section and adjust these settings as required Table 51 describes the settings and default values of this section Table 51 Dell Fields and Default Values Setting Default Description SNMP Version The version of SNMP used by AirWave to communicate to the AP Offload WMS Configures commands previously documented in the Dell PowerConnect W AirWave 7 4 Best Database Practices Guide at support dell com manuals When enabled this feature allows AirWave to display historical information for WLAN switches Changing the setting to Yes pushes commands via SSH to all WLAN switches in Monitor Only mode without rebooting the controller The command can be pushed to controllers in manage mode also without rebooting the controller if the Allow WMS Offload setting on AMP Setup gt General is changed to Yes Dell PowerConnect This setting selects whether you d like to configure your Dell PowerConnect W Series devices W GUI Config using the Groups gt Dell PowerConnect W Config method either global or group or using Templates Ignore Rogues Configures whether to turn off RAPIDS rogue classification and rogue reporting for RAPs in Discovered by this group Remote APs 16 To configure settings for 3Com Enterasys Nortel or Trapeze devices locate the 3 Com Enterasys Nortel Trapeze section and define the version of SNMP to be supported 17 To configure support for routers and switches in the group locate the Routers and Switches section a
272. ctysvnmaeashcanetpidtasannadseastetesradiaratanadiotnnaiees 291 Sample Upload Instruction XML File s sssenensnnensnennsnensnnnnensnsnnnnensrnnnnersnnnrersnnnrnnersnns 291 Common Importation Problems ccssseesssscsessescscsessesesecesseseeseeecesseseeassesessnseeasenes 291 Importing from a Dell PowerConnect W Series Controller ceeeeeeeeeeeeeeen 291 Pre Conversion Checklist ccccesssscessscessscecseseesesesecscsesecseseceesesecaesesecsusesatsesesaeseees 291 Process on CONTONE ecien a 291 Process on AMP saesiexiscnidandivacsbeesg giak a 292 Dell PowerConnect W AirWave 7 4 User Guide Contents 9 10 Contents Appendix A Appendix B VisualRF Location APIS cccccccccsscccecccccscccccsecccsceecccccecccceseuceenueescueececauseseeneuesensaeseeaseeeneneeesears 292 Sample Device Location RESPONSEC ccscscscscsssscsssesscsessesseeseeseseeaesesessesesassesesseseeaseneeeass 292 Sample Site Inventory RESPONSEC cceccscescscssssseseceeseseesesesecsesesaesesesaesesaesesesaesesaseeeeeans 292 PADOUL VisualR F Pla Mcssiiiecusznvsersiassannadbinesshseiannesinwneathas ta aaa a eaea 293 OVENI a E a E EE 293 Minimum regui ORIG TIES vai sovsistschovresacervncadennapecs eieaa aaas Aaaa A 293 a O oa A A E E E 293 Differences between VisualRF Plan and VisualRF online cccseseeeseseeeseeeeeeen 294 Setting Up Dell PowerConnect W Instant in AirWave 1 00 cccceseseeseeecseeeteeseseeeees 295 Overview of
273. d Auth Password Taken from Device Setup gt SNMPv3 authentication password Communication NOTE SNMPv3 supports three security levels 1 no authentication and no encryption 2 authentication and no encryption and 3 authentication and encryption AirWave currently only supports authentication and encryption Privacy Taken from Device Setup gt SNMPv3 privacy password Password Communication NOTE SNMPv3 supports three security levels 1 no authentication and no encryption 2 authentication and no encryption and 3 authentication and encryption AirWave currently only supports authentication and encryption 4 In the Location field select the appropriate group and folder for the device 5 At the bottom of the page select either the Monitor Only or Management read write radio button The choice depends on whether or not you wish to overwrite the Group settings for the device being added For more information and a detailed procedure see Authorizing Devices to AirWave from APs Devices gt New Page on page I11 2 NOTE If you select Manage read write AirWave overwrites existing device settings with the Group settings Place newly discovered devices in Monitor read only mode to enable auditing of actual settings instead of Group Policy settings 6 Select Add to finish adding the devices to the network Adding Multiple Devices from a CSV File You can add devices in bulk from a CSV file to AirWave Here you
274. d configure and monitor devices to include setting AP discovery parameters performing firmware management defining VLANs and so forth For additional information refer to Enabling AirWave to Manage Your Devices on page 52 The AMP Setup pages provide all information relating to the configuration of AirWave itself and its connection to your network This page entails several processes configurations or tools in AirWave For additional information start with Configuring AMP on page 29 NOTE Some AMP Setup pages may not be visible depending on the role of the logged in user set in AirWave The RAPIDS pages provide all information relating to rogue access points including methods of discovery and lists of discovered and possible rogues For additional information refer to Using RAPIDS and Rogue Classification on page 167 NOTE The RAPIDS pages may not be visible to the logged in user depending on their role set in AirWave VisualRF pages provide graphical access to floor plans client location and RF visualization for floors buildings and campuses that host your network Refer to Chapter 10 Using VisualRF on page 257 gt License page and might not be visible on your AirWave view Activity Section The Activity section displays all detailed configuration and monitoring information and is where you implement changes Help Links in the Ul The Help link is available on every page within AirWav
275. d Getting Started This chapter contains information and procedures for installing and launching Dell PowerConnectW AirWave and includes the following topics AirWave Hardware Requirements and Installation Media on page 17 Supported Browsers on page 17 Installing Linux CentOS 5 Phase 1 on page 18 Installing AirWave Software Phase 2 on page 18 Configuring and Mapping Port Usage for AirWave on page 21 AirWave Navigation Basics on page 22 Getting Started with AirWave on page 28 NOTE AirWave does not support downgrading to older versions Significant data could be lost or compromised in such a downgrade In unusual circumstances requiring that you return to an earlier version of AirWave we recommend you perform a fresh installation of the earlier AirWave version and then restore data from a pre upgrade backup AirWave Hardware Requirements and Installation Media The AirWave installation CD includes all software including the Linux OS required to complete the installation of AirWave AirWave supports any hardware that is Red Hat Enterprise Linux 5 certified By default all installs are based on a 64 bit operating system AirWave hardware requirements vary by version As additional features are added to AirWave increased hardware resources become necessary For the most recent hardware requirements refer to the Dell PowerConnect W Server Sizing Guide at support dell com manuals AirWave
276. d to assign an external TFTP server on a per group basis on the Device Setup gt Upload Firmware amp Files configuration page you can enter the IP address in the Firmware Upgrade Options field on the top of this configuration page Once you have defined your first group you can configure that group to be the default group on your network When AirWave discovers new devices that need to be assigned to a management group the default group appears at the top of all drop down menus and lists Newly discovered devices are place automatically in the default group if AirWave is set to Automatically Monitor Manage New Devices on the AirWave configuration page Browse to the Groups gt List configuration page From the list of groups check the Default radio button next to the desired default group to make it the default Comparing Device Groups You can compare two existing device groups with a detailed line item comparison Group comparison allows several levels of analysis to include the following compare performance bandwidth consumption or troubleshooting metrics between two groups debug one device group against the settings of a similar and better performing device group use one group as a model by which to fine tune configurations for additional device groups This topic presumes that at least two device groups are at least partly configured in AirWave each with saved configurations Perform the following steps to compare two existing
277. d when auto provisioning access points onto a floor plan 280 Using VisualRF Dell PowerConnect W AirWave 7 4 User Guide Table 146 New Building Fields and Descriptions Continued Field Description Desired Speed Speed will determine the new access points when auto provisioning Building or Campus address optional Figure 220 Create New Building Window Create New Building Name Campus East Longitude Latitude Distance between Ia floors ft aii Attenuation F floors dBm u s Gagi Tii a ee o Address 3 Select OK to save A new Building icon will appear in the middle of the canvas 4 Drag the Building icon to the appropriate location on the map background K NOTE QuickView automatically saves background map images campus locations building locations and building types 5 Add appropriate geographical background or upload a personalized image by right clicking on the background Set Map allows you to browse with the included maps Custom launches the image upload wizard documented in Importing a Floor Plan on page 281 6 To change building types right click the Building icon 7 Select proper building type 8 Select the newly created Building icon from the previous step You are redirected to a blank canvas without a background You are now ready to import your floor plan Importing a Floor Plan The following steps show how to import a floor plan background image file
278. de Table 73 APs Devices gt Monitor gt Device Info Fields and Default Values Continued Field Description Quick Links Open controller web UI A drop down menu that allows you to jump to the controller s Ul in a new window NOTE For Dell PowerConnect W Series controllers if Single Sign On is enabled for your role in this AMP and you have access to this controller you will not have to enter the credentials for this controller again after selecting this link Run a command A drop down menu with a list of CLI commands you can run directly from the APs Devices gt Monitor page APs For controllers displays the number of APs managed by this device at the time of the last polling Clients Displays the total number of users associated to the device or its APs regardless of which radio they are associated to at the time of the last polling Usage Combined bandwidth through the device at time of polling This field is only available for mesh APs To see an example of mesh monitoring see Monitoring Data for Mesh Devices on page 128 Table 74 describes the information in the Radio table for APs Table 74 APs Devices gt Monitor gt Radio Fields and Descriptions Field Description Index The number of the radio used to distinguish radios that may be of the same type on a device Name The Radio type 802 11a b g n as a link to the Radio Statistics page for that radio MAC Address The MAC address of the corresponding rad
279. describes the settings and default values Table 31 Device Setup gt Communication gt Symbol 4131 and Cisco Aironet OS SNMP Initialization Fields and Default Values Setting Default Description Do Not Modity Yes When selected specifies that AirWave not modify any SNMP settings If SNMP is not already SNMP Settings initialized on the Symbol Nomadix and Cisco IOS APs AirWave is not able to manage them Enable read write When selected and when on networks where the Symbol Nomadix and Cisco IOS APs do SNMP not have SNMP initialized this setting enables SNMP so the devices can be managed by AirWave 54 Configuring AMP Dell PowerConnect W AirWave 7 4 User Guide Loading Device Firmware Onto AirWave optional Overview of the Device Setup gt Upload Firmware amp Files Page AirWave enables automated firmware distribution to the devices on your network Once you have downloaded the firmware files from the vendor you can upload this firmware to AirWave for distribution to devices via the Device Setup gt Upload Firmware amp Files page This page lists all firmware files on AirWave with file information This page also enables you to add new firmware files to delete firmware files and to add New Web Auth Bundle files The following additional pages support firmware file information Firmware files uploaded to AirWave appear as options in the drop down menus on the Group gt Firmware page and on individual APs Devices gt
280. device groups l Z From the Groups gt List page select Compare two groups Two drop down menus appear Select the two groups to compare to each other in the drop down menus and select Compare The Compare page appears displaying some or many configuration categories Figure 6l illustrates this page Dell PowerConnect W AirWave 7 4 User Guide Configuring and Using Device Groups in AirWave 99 Figure 61 Comparing Two Devices Groups on the Groups gt List gt Compare Page Partial View Comparing group HQ RemoteAP to group Outdoor Show Similar Fields HQ RemoteAP edit Outdoor ecit 802 11 Counters Polling Period 30 minutes m 15 minutes Allow One to One NAT No Yes Bridge Forward Delay 15 op 16 Bridge Hello Time 2 4 Bridge Maximum Age 20 22 Bridge Priority 32708 32760 Cisco IOS CLI Communication Telnet ae SSH Cisco 10S Config File Communication TFIP m SCP Device Bandwidth Polling Period 10 minutes a 5 minutes Device to Device Link Poling Period 15 minutes m 30 minutes NTP Polling Interval 386400 a 3600 NTP Server 1 empty string 10 2 25 162 Override Polling Period for Other Services Yes a No Read ARP Table 4 hours 8 hours Read Bridge Forwarding Table 4 hours i 8 hours Read CDP Table for Device Discovery 4 hours 8 hours 3 Note the following factors when using the Compare page The Compare page can be very long or very abbreviated depending on how many configurations the device
281. dge forward country code us aap iprtilter list no port 3333 plz aap ipfilter list no port 3333 tcp plz deny tcp src start ip 0 0 0 0 src end ip 255 255 255 255 dst start ip 0 0 0 0 dst end ip 255 255 255 255 dst start port 3333 dst end port 3334 rule 1 Sredundancy_config logging buffered 4 logging console 4 snmp server engineid netsnmp 6b8b45674b30 176 snmp server location t location snmp server contact contact snmp server sysname shostname s snmp server manager v2 Dell PowerConnect W AirWave 7 4 User Guide Creating and Using Templates 163 snmp server Manager v3 snmp server user snmptrap v3 encrypted auth md5 Oxlaa491f4ca7c55df0F5780lbece9044c snmp server user snmpmanager v3 encrypted auth md5 Oxlaa491f4ca7c55df0f5780lbece9044c snmp server user snmpoperator v3 encrypted auth md5 0xb03blebfa0e3q402f50e2blc092ab7c9f A sample Symbol Smart RF template is provided below for reference radio radio_index radio mac radio_mac if radio_type 11a radio Sradio_index coverage rate 18 sendift s Sif radio_type llan radio Sradio_index coverage rate 18 Ssendift s Sif radio_type 11b radio radio_index coverage rate 5p5 sendift s Sif radio_type 1lbg radio Sradio_index coverage rate 6 sendift s Sif radio_type l1lbgn radio Sradio_index coverage rate 18 Sendifs A sample Symbol thin AP template is provided below for reference and for the formatting of if statements radio add radio_inde radio
282. does not appear if Guest User Configuration is disabled in AMP Setup gt General What Next Go to additional tabs in the AMP Setup section to continue additional setup configurations Complete the required configurations in this chapter before proceeding AirWave support remains available to you for any phase of AirWave configuration Configuring Login Message TACACS and RADIUS Authentication As of 7 3 AMP uses session based authentication with a configurable login message and idle timeout As an option you can set AirWave to use an external user database to simplify password management for AirWave administrators and users This section contains the tollowing procedures to be followed in AMP Setup gt Authentication Setting Up Login Configuration Options Setting Up Login Configuration Options Configuring RADIUS Authentication and Authorization Integrating a RADIUS Accounting Server Setting Up Login Configuration Options Administrators can optionally configure AMP s user idle timeout or a message of the day that appears when a user first logs in as shown in Figure 22 Figure 22 Login configuration field and results in AMP Login page AMP User Idle Timeout 10 240 min fizo Welcome to AirWave Management Platform Login message tate The AMP m a restricted access system Please direct al mgquiries to the IT department Ai rWave Usenam Password Log In 48 Configuring AMP Dell PowerConnect W AirWave
283. does not change the configuration of the device N CAUTION Put devices in Monitor Only mode when they are added to a newly established device group This avoids overwriting any important existing configuration settings Once you have added several devices to the Group and verified that no unexpected or undesired configuration changes will be made to the devices you can begin to put the devices in Manage Read Write mode using the APs Devices gt Manage or the Modify these devices link on any list page Perform the following steps to add a newly discovered device to a group l Browse to the APs Devices gt New page The APs Devices gt New page displays all newly discovered devices the related controller when known applicable and the device vendor model LAN MAC Address IP Address and the date time of discovery 2 Select the group and folder to which the device will be added from the drop down menu the default group appears at the top of the Group listing Devices cannot be added to a Global Group groups designated as Global Groups cannot contain access points 3 Select either the Monitor Only or the Manage Read Write radio button and select Add At this point you can go to the APs Devices gt List page and select the folder s to which you have assigned one or more devices to verify that your device has been properly assigned If you wish to assign a device to the Ignored page or delete it entirely from AirWave go to step 4
284. e Sets the number of days AirWave retains location history for Wi Fi tags Defines the number of days AirWave stores Rogue Discovery Events The longer you store discovery event records the more hard disk space you require Defines the number of days AirWave stores Reports Large numbers of reports over 1000 can cause the Reports gt Generated page to be slow to respond Defines automatically acknowledged alerts as the number of days AirWave retains alerts that have been automatically acknowledged Setting this value to 0 disables this function and alerts will never expire or be deleted from the database Defines the number of days AirWave retains information about acknowledged alerts Large numbers of Alerts over 2000 can cause the System gt Alerts page to be slow to respond Defines the number of days AirWave retains information about RADIUS ARM and IDS events Setting this value to 0 disables this function and the information will never expire or be deleted from the database Sets whether to archive device configurations even if the device only has rogue classifications Sets the number of days that AirWave is to support any guest user A value of 0 disables this function and guest users will never expire or be deleted from the AirWave database Sets the number of days AirWave retains historical information after AirWave last saw a client on a specific SSID Setting this value to 0 disables this function and inacti
285. e This chapter describes the deployment of device groups within AirWave The section below describes the pages or focused subtabs available on the Groups tab Note that the available subtabs can vary significantly from one device group to another one or more subtabs may not appear depending on the Default Group display option selected on the AMP Setup gt General page and the types of devices you add to AMP Figure 36 Subtabs under the Group tab Home Helpdesk Bei APs Devices Users Reports System Device Setup AMP Setup RAPIDS VisualRF List Monitor ji Templates Securih SSIDs AAA Servers Radio Aruba Config Cisco WLC Config Proxim Mesh MAC ACL Firmware List This page is the default page in the Groups section of AirWave It lists all groups currently configured in AirWave and provides the foundation for all group level configurations See Viewing All Defined Device Groups on page 71 Monitor This page displays client and bandwidth usage information lists devices in a given group provides an Alert Summary table for monitoring alerts for the group and provides a detailed Audit Log for group level activity Basic This page appears when you create a new group on the Groups gt List page Once you define a group name AirWave displays the Basic page from which you configure many group level settings This page remains available for any device group configured in AirWave Refer to Configuring Basic Group Settings on
286. e Notes Provides a free form text field to describe device information 3 Review and provide the following information in the Settings area Devices with dual radios display radio specific settings in the Slot A and Slot B area If a device is dual radio capable but only has one device installed AirWave manages that device as if it were a single slot device NOTE Devices from different vendors have different RF settings and capabilities The fields in the Settings section of the APs K Devices gt Manage page are context sensitive and only present the information relevant for the particular device vendor and model Table 83 describes field settings default values and information for the Settings section of this page Table 83 APs Devices gt Manage gt Settings Fields and Default Values Setting Default Device Type Description User configurable name for the device max 20 characters ne Domain Name IOS Field populated upon initial device discovery or upon refreshing settings Enable this option from AMP Setup gt Network page to display this field on the APs Devices gt Manage page with fully qualified domain names for IOS APs This field is used in conjunction with Domain variable in 10S templates Dell PowerConnect W AirWave 7 4 User Guide Discovering Adding and Managing Devices 137 Table 83 APs Devices gt Manage gt Settings Fields and Default Values Continued Setting Default Device Type Descripti
287. e Cisco4400 Status Up OK Configuration Mismatched More Details Last Contacted 10 19 2011 2 54 PM Type Cisco 4400 WLC Firmware 4 2 209 0 Bootloader 4 0 217 0 Group Access Points Folder Top Management Mode Monitor Only Firmware Upgrades Manage Read Write Enable Planned Maintenance Mode C Yes No 3 Select Manage Read Write on the Management Mode field 4 Select Save and Apply then Confirm Edit on the confirmation page to retain these settings and to push configuration to the device 5 For device configuration changes that require the device to reboot use the Schedule function to push the changes at a time when WLAN users will not be affected 6 To move multiple devices into managed mode at once use the Modify Devices link on an AP list page For more information refer to Modifying Multiple Devices on page 101 NOTE Use the Enable Planned Maintenance Mode field in APs Devices gt Manage gt General to put this device into planned maintenance During the maintenance mode no AP Down triggers will be deployed on these devices Users will not be able to K delete folders that contain devices in Planned Maintenance The devices in Planned Maintenance will show the Up status but will not be tracked in historical graphs and logs as Up You can set multiple devices into Planned Maintenance Mode in the Modify Devices link on an AP list page Configuring AP Settings l Browse to the APs Devices
288. e When selected this launches the AirWave User Guide PDF Discover Add Communication Dell Configuration if global Dell Configuration is enabled Upload Firmware amp Files General Network Users Roles Guest Users Authentication MDM Server Device Type Setup WLSE ACS NMS RADIUS Accounting PCI Compliance Overview List IDS Events Setup Rules Score Override Audit Log Floor Plans Setup Import Audit Log NOTE Adobe Reader must be installed to view the settings and default values in the PDF help file Common List Settings All of the lists in AirWave have some common options All lists are paginated with a configurable number of items per page Selecting the Records Per Page dropdown menu which usually looks like a range such as 1 20 on Dell PowerConnect W AirWave 7 4 User Guide Installing and Getting Started 25 the upper left hand side of a list table enables you select or enter the number of rows that appear at a time in the list The next down arrow displays a dropdown menu that allows you to select the exact page you would like to view as shown in Figure 1 The Choose Columns option illustrated on Figure 1 allows you to configure the columns that are presented in the list and the order in which they are presented To disable a column clear its checkbox To reorder the columns drag a row to the appropriate new position When you are satisfied with the enabled columns and their order se
289. e and Queens Store from subfolder3 Rwo subfolders under San Francisco Sunset Store and SOMA Store from subfolder3 298 Setting Up Dell PowerConnect W Instant in AirWave Dell PowerConnect W AirWave 7 4 User Guide Remaining Manual Admin Tasks in AMP The Admin will then complete the following tasks in AMP l Enable the newly created Admin User Role in AMP Setup gt Roles as shown in Figure 232 Figure 232 Enable Admin User Role in AMP Setup gt Roles Home Helpdesk Groups APs Devices Users Reports System Device Setup BAe General Network Users Guest Users Authentication MDM Server WLSE ACS NMS RADIUS Accountin Days R Role Name Acme Admin Enabled Yes C No Type i Manager ial AP Device Access Level Manage Read Write Top Folder Acme ial RAPIDS Read Only ial VisualRF Read Write ial Helpdesk Yes No 2 In Groups gt Template for the newly created Acme group verify the first Virtual Controller s auto created template NOTE The auto created template is most useful if the first Virtual Controller for the top level Organization String is fully configured on site before it is pointed at AMP in the Virtual Controller s Ul 3 Evaluate approve or ignore incoming Virtual Controllers with a different top level Organization String and or Shared Secret in the APs Devices gt New list Subsequent IAPs are auto authorized if they have an Organization Shared Secret key that matches the Shared Secret ke
290. e 1322 Top Access Points 8 Fish bowl 3 6 90 00 4 767319 00 ethersphere 1322 Top Access Points 9 ap65 c2 2e 4a 2 2 104 50 0 0 00 chicken fingers Aruba2400 Top Access Points 10 1242 H 1 1 88 00 8 2098072 00 ethersphere 1322 Top Access Points Most Transmit Power Changes 2 4 GHz Tesssiatt Pinter T Average Chases Utiization Maabarf istes Sendatdth hel _ Lecettes r Feller Grong 1 00 24 6c c4 ce a6 29 20 0 Aruba651 Top Access Points 2 00 1a 1e c1 52 0e 13 1 7 1 Syy 00 Aruba651 Top Access Points 3 1249 10 8 90 50 1 56 00 ethersphere 1322 Top Access Points 4 1248 8 4 90 50 0 65 00 ethersphere 1322 Top Access Points 5 00 1a 1e c0 6c 46 7 16 77 00 0 0 00 Aruba3600 US Top Access Points 6 1394 5 1 83 50 0 0 00 ethersphere 1322 Top Access Points FZ 1350 5 1 53 00 0 0 00 ethersphere 1322 Top Access Points 8 ap105 A1 5 6 86 50 0 0 00 pit Aruba 3400 Top Access Points 9 1260 3 6 86 50 2 676 00 ethersphere 1322 Top Access Points 10 2188 3 6 73 50 1 308 00 ethersphere 1322 Top Access Points Least Utilized by Channel Usage 5 GHz Interference Number of Users _ 3 AP0018 19bd b1d0 1 57 1 57 0 0 00 ap lab Cisco4400 Top Access Points 2 AP10 3 15 3 15 0 0 00 Sales Office helo Cisco4400 Top Access Points Least Utilized by Channel Usage 2 4 GHz NumberofUsers Bandwidth bps Location Controller Folder Group i AP001d alfc ca7a 22 83 20 47 0 0 00 default location 5500 6 0 196 0 Top Acce
291. e 37 Choose Columns link cceeeeeeeeeeeeeeeeeeneens 30 Uae ete cne cee ese E eae cetera 123 Cisco AG eee ee eee ee 50 OUI E 69 151 162 configuring IOS templates 157 160 Dynamic AP Management in AMP 141 IO eane 50 60 69 76 137 151 160 safe flag in firmware upgrade nsss 145 Wireless Domain Services 58 IVY E O E 57 69 77 MESE er nes ah aamaciamanceraenwadeseassetenins 58 267 Cisco Discovery Protocol og B geen ne E 111 Client Transmit Power see VisualRF 260 comparing device QIOUPS eeceeceeeeeseeeeeeeeteeeeeeeees 99 configuration change jobs viewing eesse 216 configuration change jobs viewing seee 136 Configuration Compliance chatt eee 211 Connected Users table 0 0 ceececeeceeeeeeeeeeeeeees 132 Containment managing rogue AP 171 CSV File adding multiple devices with 114 Index 303 Current Association cccccceccecceccececceccaccaceeeeaeeeces 206 D dashboard customizing display ceeeeeeseseeeeeeeneeeeeeeees 32 date and time conii girini ec re eee vne nr erent leer eee 18 Deauthenticate Client c ccccccscccesccesceseeeeeess 206 Dell PowerConnect Overrides 0 c0cecceeeeeees 150 Dell PowerConnect W GUI Config ee 140 Dell PowerConnect W Instant 0065 295 300 Detected Interfering Devices ieee 128 Device Events cccccceccecceccececceccccecceccuccecsueeecass 40
292. e Groups gt Radio configuration page allows you to specify detailed RF related settings for devices in a particular group 2 NOTE If you have existing deployed devices you may want to use the current RF settings on those devices as a guide for configuring the settings in your default Group Perform the following steps to define RF related radio settings for groups l Go to the Groups gt List page and select the group for which to define radio settings by selecting the group name Alternatively select Add from the Groups gt List page to create a new group define a group name In either case the Monitor page appears 2 Go to the Groups gt Radio page Figure 44 illustrates this page Dell PowerConnect W AirWave 7 4 User Guide Configuring and Using Device Groups in AirWave 87 Figure 44 Groups gt Radio Page Illustration Group Aruba HQ Radio Settings Proxim AP 600 AP 700 AP 2000 AP 4000 Avaya AP 3 Avaya AP 7 AP 4 5 6 ProCurve520WL Allow Automatic Channel Selection 2 4 GHz C Yes No Load Balancing C Yes No Allow Automatic Channel Selection 5 GHz C yes No Interference Robustness C Yes No Allow Automatic Channel Selection 4 9 GHz c G Public Safety Yes No Distance Between APs Large 802 11b Data Rates Mbps 1 0 Optional 802 11g Operational Mode 802 11b only 2 0 Required_ 802 11abg Operational Mode 8302 11b 802 119 Li Optional v l 802 11b Transmit Rate Auto Fallback
293. e SolarWinds used for the IP Address firmware upgrade This option displays when the user selects the Use an external firmware file option Firmware Filename Enter the name of the firmware file that needs to be uploaded Ensure that the firmware file is in the TFTP root directory If you are using a non external server you select Choose File to find your local copy of the file NOTE Additional fields may appear for multiple device types AirWave prompts you for additional firmware information as K required For example Intel and Symbol distribute their firmware in two separate files an image file and an HTML file Both files must be uploaded to AirWave for the firmware to be distributed successfully via AirWave 6 Select Add to import the firmware file To delete a firmware file that has already been uploaded to AirWave return to the Device Setup gt Upload Firmware amp Files page select the checkbox for the firmware file and select Delete Go NOTE A firmware file may not be deleted if it is the desired version for a group Use the Group gt Firmware page to investigate this potential setting and status Using Web Auth Bundles in AirWave Web authentication bundles are configuration files that support Cisco WLC wireless LAN controllers This procedure requires that you have local or network access to a Web Auth configuration file for Cisco WLC devices Perform these steps to add or edit Web Auth bundles in AirWave l G
294. e Type Displays the template that applies to APs or devices of the specified type If vendor Any Model is selected the template applies to all models from that vendor that do not have a version specific template defined If there are two templates that might apply to a device the template with the most restrictions takes precedence Status Displays the status of the template Fetch Date Sets the date that the template was originally fetched from a device 152 Creating and Using Templates Dell PowerConnect W AirWave 7 4 User Guide Table 89 Groups gt Templates Fields and Default Values Continued Description Version Designates that the template only applies to APs running the version of firmware specified If the restriction is Restriction None then the template applies to all the devices of the specified type in the group If there are two templates that might apply to a device the template with the most restrictions takes precedence If there is a template that matches a devices firmware it will be used instead of a template that does not have a version restriction 3 To create a new template and add it to the AirWave template inventory go to the Groups gt List page and select the group name and the Details page appears Select Templates then Add 4 Complete the configurations illustrated in Figure 113 and the settings described in Table 90 Dell PowerConnect W AirWave 7 4 User Guide Creating and Using Templates
295. e bytes Location Displays the QuickView box allows users to view features including heatmap for a device and location history for a user Dell PowerConnect W AirWave 7 4 User Guide Discovering Adding and Managing Devices 123 Table 77 APs Devices gt Monitor gt Connected Clients Fields and Default Values Continued Description LAN IP Displays the IP assigned to the user MAC This information is not always available AirWave can gather it Addresses from the ARP cache of switches discovered by AirWave As of AMP 7 4 this column can accommodate multiple IP addresses for a client if it has both IPv4 and IPv6 LAN Hostnames The DNS hostname s broadcast by the client As of 7 4 this column can accommodate multiple hostnames for a client if it has both IPv4 and Pv6 The Recent Events area lists the most recent events specific to the device This information also appears on the System gt Events Log page refer to Using the System gt Event Log Page on page 186 Table 78 describes the fields in this page that display in the Recent Events table Table 78 APs Devices gt Monitor gt Recent Events Fields and Default Values Field Description Displays the day and time the event was recorded User Displays the user that triggered the event Configuration changes are logged as the AirWave user that submitted them Automated AirWave events are logged as the System user Event Displays a short text description of the ev
296. e controller Manage rogue AP If disabled AMP will display the desired containment settings but will not push containment in monitor only them to devices This may result in mismatches in device classifications This mode can be useful for administrators that want to see what RAPIDS would push to the controller without making any changes to their network If enabled AMP will push the desired containment settings to the controllers in Monitor Only mode as well as the devices in Managed mode Maximum number of APs to 3 Sets the maximum number of APs that will contain a rogue on Cisco WLC contain a rogue controllers l Navigate to the RAPIDS gt Setup page 2 From the Containment Options section select Yes in the Manage rogue AP containment field Once this is done the Contained Rogue classification will appear as an option in the classification drop down menu as shown in Figure 119 Additionally once this option been enabled the option to manage contained APs in Monitor Only mode becomes available Containment in Monitor Only mode means configuration changes will still be pushed to the controller even though it is in monitor only mode Dell PowerConnect W AirWave 7 4 User Guide Using RAPIDS and Rogue Classification 171 Figure 119 RAPIDS gt Classification Rule Menu with Containment RAPIDS Classification Rule Classification Unclassified iw Valid Threat Level Suspected valid Neighbor Enabled Suspected Neigh
297. e drop down menu See Figure 133 Table 108 itemizes and describes device trigger options and condition settings Table 108 Device Trigger Types Option Description Device Down This is the default type whenever configuring a new trigger This type of trigger activates when an authorized monitored AP has failed to respond to SNMP queries from AirWave To set the conditions for this trigger type select Add in the Conditions section Complete the conditions with the Option Condition and Value drop down menus The conditions establish the device type Multiple conditions can apply to this type of trigger The Device Down trigger can be configured to send alerts for thin APs when the controller is down this behavior is turned off by default Triggers with the Minutes Down condition enabled will compare the amount of time an AP has been down to the value in minutes set for the condition When the Limit by number of down events is enabled you can set the number of down events that activate the trigger as well as the duration of the time window to be measured AMP will then count the number of times that the device has gone from Up to Down in the specified span of time and display this in the Device Down alert Device Up This trigger type activates when an authorized previously down AP is now responding to SNMP queries To set the conditions for this trigger type select Add in the Conditions section Configuration This trigger type activates whe
298. e hard drive space for each partition If a drive reaches over 80 full you may want to lower the Historical Data Retention settings on the AMP Setup gt General page or consider additional drive space There are several initial steps that you can take to troubleshoot AirWave performance problems including slow page loads and timeout errors Initial troubleshooting steps would include the following Increasing the polling period settings on the Groups gt Basic page Increasing the polling period time for groups with routers and switches Adding additional memory to the server Please consult the sizing information in the latest edition of the Dell PowerConnect W AirWave 7 4 Server Sizing Guide or contact Dell support at support del com for the latest recommendations 220 Performing Daily Administration in AirWave Dell PowerConnect W AirWave 7 4 User Guide K Supporting AirWave Servers with the Master Console The Master Console MC is used to monitor multiple AirWave stations from one central location The Master Console is designed for customers running multiple AirWave servers Once an AirWave station has been added to the MC it will be polled for basic AirWave information Much like the normal Home gt Overview page the Master Console Home gt Overview page provides summary statistics for the entire network at a glance Figure 158 illustrates the Overview page Figure 158 Master Console Home gt Overview Page Illustrat
299. e same top level folder Non admin users are only able to see data and users for devices within their assigned subset of folders Perform the following steps to view add edit or delete user roles l Go to the AMP Setup gt Roles page This page displays all roles currently configured in AirWave Figure 20 illustrates the contents and layout of this page Figure 20 AMP Setup gt Roles Page Illustration Add New Role Name a Enabled Type _ Access Level Top Folder Visible Groups RAPIDS VisualRF Helpdesk C Myrole Yes Guest Access Sponsor Top None Read Only No Administration Yes Administrator Top All Read Write Read Write Yes Read Only Monitoring amp Auditing Yes AP Device Manager Audit Read Only Top All None Read Only No Select All Unselect All 2 Select Add to create a new role select the pencil icon to edit an existing role or select a checkbox and select Delete to remove that role from AirWave When you select Add or the edit icon the Add Edit Role page appears illustrated in Figure 21 Figure 21 AMP Setup gt Roles gt Add Edit Role Page Illustration Role Name PO Enabled yes No Type AP Device Manager AP Device Access Level Monitor Read Only f Top Folder Top Z RAPIDS Noe J VisualRF ReadOnly Helpdesk C Yes No Guest User Preferences Allow creation of Guest Users yes No Allow accounts with no expiration ves No Allow sponsor to change sponsorshi
300. ecurity SNMP settings C Create and use a specified user Enterasys RoamAbout AP2000 Edit View Enterasys RoamAbout AP3000 AP4102 Edit View Symbol 4131 Intel 2011B Cisco Aironet IOS and Nomadix AG2000w SNMP Initialization Enterasys RoamAbout R2 Edit View Upon authorization into read write manage mode AMP can enable read write SNMP on a device using ee Edit Viev telnet commands for Cisco IOS and Nomadix devices and using the web interface for Symbol 4131 Intel dt scl 2011B devices HP ProCurve 420 Edit View Do not modify SNMP settings e ne HP ProCurve 520WL Edit View aes esclaless SN HP ProCurve 530 Edit View ae eae Perform the following steps to define the default credentials and SNMP settings for the wireless network l On the Device Setup gt Communication page locate the Default Credentials area Enter the credentials for each device model on your network The default credentials are assigned to all newly discovered APs The Edit button edits the default credentials for newly discovered devices To modify the credentials for existing devices use the APs Devices gt Manage page or the Modify Devices link on the APs Devices gt List page NOTE Community strings and shared secrets must have read write access for AirWave to configure the devices Without read write access AirWave may be able to monitor the devices but cannot apply any configuration changes 2 Browse to the Device Setup gt Communication page locate the SNMP Se
301. ed Configuration AMP server 3 When finished select Add to return to the Managed AMPs list page 222 Performing Daily Administration in AirWave Dell PowerConnect W AirWave 7 4 User Guide Using Global Groups with Master Console To push configurations to managed groups using the AirWave Global Groups feature follow these steps l Navigate to the Master Console s Groups gt List page 2 Select Add to add a new group or select the name of the group to edit settings for an existing group 3 Select the Duplicate icon to create a new group with identical configuration to an existing group Groups created on the Master Console will act as Global Groups or groups with master configurations that can be pushed out to subscriber groups on managed AMPs Global groups are visible to all users so they cannot contain APs which can be restricted based on user role 4 Selecting the name of an existing group on the Master Console loads the subtabs for Basic Security SSIDs AAA Servers Templates Radio Cisco WLC Contig Proxim Mesh and MAC ACL pages if such pages and configurations are active for the devices in that group These subtabs contain the same fields as the group subtabs on a monitored AirWave but each field also has a checkbox The Master Console can also configure global templates that can be used in subscriber groups The process is the same as described in the Chapter 6 Creating and Using Templates except that the
302. ed in the Detected Interfering Devices table along with the timestamp of its last detection the start and end channels of the interference the signal to noise ratio and the percentage of time the interference takes place as illustrated in Figure 87 This table can be exported to CSV format and the displayed columns can be moved or hidden as needed Figure 87 Detected Interfering Devices Table Illustration 1 7 w of 7 Interfering Devices Page iwofi1 Choose Columns CSV Export Device Type Last Seen Start Channel End Channel SNR Duty Cycle Cordless Base Freg Hopper 1 14 2011 3 31 PM 1 6o 5 KBox Freg Hopper 1 14 2011 3 17 PM 1 14 63 5 Cordless Phone Freq Hopper 1 14 2011 2 10 PM 1 14 80 5 Generic Freq Hopper 1 14 2011 3 52 PM 1 14 fa 5 Video Device Fixed Freq 1 14 2011 9 25 AM 10 13 T2 99 Possible device types tor the Detected Interfering Devices table are Wi Fi Microwave Bluetooth Generic Fixed Freq Cordless Phone Fixed Freq Video Device Fixed Freq Audio Device Fixed Freq Generic Freq Hopper Cordless Phone Freq Hopper XBox Freq Hopper Microwave Inverter Cordless Base Freq Hopper Unknown Active BSSIDs Table The Active BSSIDs table maps the BSSIDs on a radio with the SSID it broadcasts to the network as illustrated in Figure 88 This table appears only for Dell PowerConnect W Series AP radios Figure 88 Active BSSIDs Table Illustration BSSID SSID 00 14 1E 86 04 60 aruba ap 00 14 1E 86 04 61 3600 wpa _psk Monito
303. ed settings ee ele Import unreferenced Aruba profiles from selected e eterenced Profiles devices Reboot selected devices Reboot Reprovision selected Aruba devices Reprovision Firmware Upgrade firmware for selected devices Upgrade Firmware Cancel firmware upgrade for selected devices Cancel Upgrade Ignore Delete Ignore selected devices that may be down for i gnore maintenance Delete selected devices from AMP Delete 3 Select one or more devices that are to share the configurations Select the checkbox for each device to modify 4 In the Modify Multiple Devices section select any button or use any drop down menu for the supported changes Any action you take applies to all selected devices Each action you take will direct you to a new configuration page or prompt you with a confirmation page to confirm your changes 102 Configuring and Using Device Groups in AirWave Dell PowerConnect W AirWave 7 4 User Guide 5 You are taken to a confirmation configuration page that allows you to schedule the change for a time in the future Enter a start date and time in the scheduling field and select when the change should occur from the drop down menu one time is the default but you may select recurring options for many of the actions Scheduled jobs can be viewed and edited in the System gt Configuration Change Jobs tab 6 Using the neighbor lists AirWave is able to optimize channel selection for APs Se
304. edged setting defines whether the trigger requires manual and administrative acknowledgement to gain visibility If No a new alert will be created every time the trigger criteria are met If Yes an alert will only be received the first time the criteria is met A new alert for the device is not created until the initial one is acknowledged 3 In the Trigger section choose the desired trigger Type and Severity Figure 133 illustrates some of the supported trigger types Severity levels are indicated in the email alerts The alert summary information at the top of the AirWave screen can be configured to separately display severe alerts Refer to Configuring Your Own User Information with the Home gt User Info Page on page 214 for more details Figure 133 System gt Triggers gt Add Trigger Type Drop down Menu nents Configuraton Mismatch en Controller is Devre Chent Count AP Usage Devre Resources Devre Ewent Conditions Device Uplink Status nterfaces Haadros Radio Down Type Minutes Down 202 11 Frame Counters 602 11 QoS Counters mitin Interface Usage T Condition Channel Utikeaton New Device Discovered Trigger Restrictio Cents Once you have selected a trigger type the Add Trigger page changes In many cases you must configure at least one Condition setting Conditions settings and default values vary according to trigger type Triggers with conditions can be configured to fire if any criteria match as we
305. eeatenss 157 Device Configuration File on APs Devices gt Audit Configuration Page 157 Using TSI ECV MLA serenan in saas E AEEA EAE EEE NAER 157 Using Directives to Eliminate Reporting of Configuration Mismatches 8 157 Ignore_and_do_not_push Command cceeessesccssssesesececseseeaeececseseeaesesessnseeatenss 158 Push_and_ exclude Command cecesessescscssssesesececseseesesececsesecaesesessesecassesesanseeasenes 158 Using Conditional Variables in Templates ccccccsssssssssscsssssssescssseseessseeesesesaseeeeeas 158 Using Substitution Variables in Templates ccecccssssesssssessssesssecesssseesseesessesesaseeeeeas 159 Using AP Specific Variables cccccssssssssescscssssesssesscsessesssesessesecassesessesesassesesaeseeaseneeeass 160 Configuring Cisco 10S Templates 0 0 0 ccccsccssssesssscscssscsesececscsesseseseseesesecsesesessusecassesessnsesasenes 160 Applying Startup Contig Files cssessessssesssssscssssesssesscsesecsssesessesecassesesaesecassesesaeeeasenss 161 WDS Settings in Templates ce eeseessessssesseecscseseesesesecsesecsesesessesesassesesaesesaseesesansesasenes 161 SCP Required Settings in Templates ccccsssssssscscssssesssssseseseesseesesseseesseesesseseeaseeeeeans 161 Supporting Multiple Radio Types via a Single IOS Template ccc eeceeeseee cece 162 Configuring Single and Dual Radio APs via a Single 10S Template cece 162 Configuring Ci
306. eeeee 32 33 34 Group SNMP Polling Period 0 0 0 74 USEL Groups gt Basic 73 74 75 76 77 78 79 104 CCAD soosis a 44 Groups gt Cisco WLC Config ieee 91 Groups gt Dell PowerConnect W Config 69 Groups gt Firmwate ecccceseeeeeeeeeeereeeeneee 99 Groups gt Lc yee eee Ore er cree re eer eer 71 V Groups gt MAC ACL 98 7 l l Groups gt Proxim Mesh cssccsssssssseseesssseesssseeeee 97 vendor specific device settings 38 Groups PIMP semina 96 View Device Credentials link c eee 146 Groups gt Radio ee ee 88 Virtualicontioller sce Dell Power omnect We nani Groups gt Security 81 Groups gt SSIDS cccsccsessessssesessessssestssentsseeeesen 83 TS WOU E airar sect ane eeee eee 14 25 Groups gt Templates 152 154 165 166 adding exterior walls n se 268 lE C A 25 API e E 292 IE CO ra seeecesesseseesesseseesessesceseesesecseaseseeseaeseereareees 209 Auto Arrange feature ieee 279 Home gt License 211 212 Auto Match Planned Devices 1eee 288 Home gt Managed AMPS c ssssssesseseeeeeees 222 AUtOPIOVISIONINE nsennennseneenneeneinsinsrnrrnreree nne 286 Home gt Overview c c cccsccssesesessesesesereseeeee 210 checking signal strength ssisssrssiecisissrniess 276 Home gt Search O EE EA 213 client SUTVEYS nsssenesnnnennnnnnnennnnnnnnenennnnnnnnnnnnennnnn 269 Home gt Uset Nio a 34 214 Client Transmit Powet cc ccccceeeeeeeeeees 2
307. eees 17 Heatmap see VisualRF Historical Data Retention ccccccceseeerteeeeeees 40 host name assigning host name eeeeeeseeeeeeeeeneeeeeeneees 20 HP ProCutve we ccc ccecccceccccescccececeeeecaeeeenaees 77 79 151 PTE L1G G i serere eiri 54 IAP see Aruba Instant PI SEEN SS in cette E 54 IDo By 1 e E T 195 VOTO CES EE E EEE E TE 195 Interface Monitoring page seese 132 Interfering Devices sssssrsnissisrsysnusaveeioniais 40 l termet O40 0 ol aap nee eee ee eee 17 IP address adding and assigning eeceeceeseeseeeeeeeeseeeeeeeees 19 a 006 1 cae ee ee 222 L MCC MSCS E E E E A A A O 120 Linux CentOS 5 PDS CANNING orison 18 ayer 172211 6 6 5 eee eee 28 Logging out of AirWave 0 0 ce ceeeeeeteeeenteeeteeee 226 Login message CONfIQ UTING eee eeeeeeeeeeeeeeees 49 logs ARM Pe VC reos 127 ASVING NOG COT ss ch sepiuceccushersiensncavensscidnendteagunlibencs 185 audit oo eeeeeccccccceceeeeeeeeeeeeeeeeeeeeeeeeeeeeeeseeeedeeeeeeeeeeeeens 39 config_pushet aces erveresresiateasasteatcanetee 185 33508 e E E eee 185 SLON re eee 39 Dell PowerConnect W AirWave 7 4 User Guide MAC Phy CrrOTS ee reer ene eaaa 126 Maintenance windOws scsccceeeeeeeees 79 103 141 Manage Read Write eeeeeeeeseeeeeeeeeeeeeeeees 47 Managed AMPs LOLE T T e N A E A A A 222 Master Console 15 221 Public Portal 221 Master Console and Failover ccccccceeeeeeeeeess 15
308. eeneesasavanes 18 Installing AirWave Software Phase 2 cccccccccscssssssssssssssescscscscscsesesesssececesesecessesesesesesnsecesanaees 18 Getting eel he eects cece pss tc one vataosat ae EE A ENE 18 Step 1 Configuring Date and Time Checking for Prior Installations cesses 18 Bi VGH NE oa EEE I EE 18 Previous AirWave Installations c cc cccssessecssesseecssssesssscsesseeesseseesesessesaseesaeseseeeess 19 Step 2 Installing Air Wave Software csccssssssesssecssssssesesececseseesesesesseseeasesesseseeaseeeeeens 19 Step 3 Checking the AirWave Installation ccecsssssssesssscscsessesseeceseseesseesesseseeateneeeen 19 Step 4 Assigning an IP Address to the AirWave System ccccsecssscsscsseecssseeseseeeeseees 19 Step 5 Naming the AirWave Network Administration System sssssssccccccrssss 20 Step 6 Assigning a Host Name to AirWave cccccscscssesssssscssssssesseesssseseesseesssseseeateneeean 20 Step 7 Changing the Default Root PaSSWOM ccccceseseseescscsessesseesecssseeseeesesseseeateneeees 20 Completing the 1S Cal AMO rissin a EE at 21 Configuring and Mapping Port Usage for AirWave ccccccscsesessescscssssesssssessesessesesessesesasenes 21 AirWave Navigation BaSiCs cccccssscssssesssscssssssscsssseessessssesecseseeseseesesassesauseeseseesesassesauseeseseeoes 22 SSO CCO EE A 22 Navigation Sec UON ee E E 23 ACI SOC O e E E A itadens 25 Hem Hanksin Ne Uian E E T EE 25 Gommon Hst Se
309. eful for enhanced security on public wireless networks Communication Block All Inter client E If enabled this setting blocks client devices associated with an AP from EAP Options Section WEP Key Rotation Interval 300 Sets the frequency at which the Wired Equivalent Privacy WEP keys are rotated in the device group being configured The supported range is from 0 to 10 000 000 seconds RADIUS Authentication Servers Section RADIUS Authentication Not selected Defines one or more RADIUS Authentication servers to be supported in this device Server 1 4 group Select up to four RADIUS authentication servers from the four drop down menus Dell PowerConnect W AirWave 7 4 User Guide Table 55 Groups gt Security Page Fields and Default Values Continued Default Description Authentication Profile AMP For Proxim devices only this field sets the name of the authentication profile to be Name Defined supported in this device group Server 1 Authentication Profile For Proxim devices only this field sets the name of the authentication profile index Index to be supported in this device group RADIUS Accounting Servers Section RADIUS Accounting Server Not selected Defines one or more RADIUS Accounting servers to be supported in this device 1 4 group Select up to four RADIUS accounting servers from the four drop down menus Authentication Profile For Proxim devices only this field sets the name of the accounting prof
310. egion Double click to end the outline process 3 Name the region select a Region Type of IDF and select OK as shown in Figure 202 Figure 202 Adding a new IDF Region New Region Region Name IDF Region Region Type J Location Testing a IDF J Location Probability prp Ok Now that the IDF is defined you will see a green IDF icon on your floor plan Double click that icon to navigate into the IDF l Add a rack to the IDF by selecting the Add Empty Rack icon and dragging it to the background 2 To add a planned device select the Add Planned Device icon to view the Manually Provision Rack Gear menu Select the device type in the Type menu and then find the device you want to add Drag it into the rack at the appropriate location 3 To add a wired device that is currently being monitored by AMP select Add Deployed Device 4 Locate the device to be added 5 Drag the device to the appropriate location in the rack as shown in Figure 203 Dell PowerConnect W AirWave 7 4 User Guide Using VisualRF 271 Figure 203 Provisioning Devices IDF Edit Devices a i ae ae Editing Locked Add Deployed Device Add Planned Device Add Empty Rack Manually Provision Rack Gear X Type Aruba Controllers S gt gt Aruba 200 Aruba 620 Aruba 650 Aruba200 1 Aruba 651 Aruba 800 Aruba 2400 ee SS F Ana 3200 Aruba 3400 Aruba 3600
311. elected devices for current user count and bandwidth data overrides default poll settings for the group Polling numerous devices may create a temporary performance load on your AirWave server Audit selected devices Fetches the current configuration from the device and compares it to the desired AirWave configuration The audit action updates the Configuration Status NOTE In versions of AirWave previous to 7 3 the Audit button appeared on Groups gt List for groups with audit disabled Now if a group has audit disabled for its devices AirWave doesnt show the Audit button in the Modify devices list Takes you to the Reports gt Definitions page where you can define or run a custom report for selected devices For more details and a procedure see Using Custom Reports on page 231 Run report on selected devices Update the credentials AMP Update changes the credentials AirWave uses to communicate with the device It does not uses to communicate with change the credentials on the AP these devices Add Maintenance Window Automate the manual action of putting the selected devices into Manage mode at once so that changes can be applied and after the maintenance period Is over the devices automatically revert to Monitor Only mode Maintenance windows can be set as a one time or recurring event Delete all Maintenance Deletes all maintenance windows set for these devices Windows Import settings from selected Audit updates a nu
312. emplate can be fetched from a model device using the Cisco IOS device procedure described in Configuring Cisco IOS Templates on page 160 Cisco IOS template directives such as ignore_and_do_not_push can also be applied to Symbol templates Certain parameters such as hostname and location are turned into variables with the tags so that device specific values can be read from the individual manage pages and inserted into the template They are listed in Available Variable boxes on the right hand side of the template fields Certain settings have integrated variables including ap license and adoption preference id The radio preamble has been template integrated as well An option on the Group gt Templates page reboots the device after pushing a configuration to it A sample Symbol controller partial template is included below for reference l configuration of RFS4000 version 4 2 1 0 005R I version 1 4 aaa authentication login default local none service prompt crash info I network element id RFS4000 I username admin password 1 5baa6le4c9b93f3f0682250b6cf8331b7ee68fd8 username admin privilege superuser username operator password 1 fe96dd39756ac41b74283a9292652d366d73931 I l access list 100 permit ip 192 168 0 0 24 any rule precedence 10 I spanning tree mst cisco interoperability enable spanning tree mst configuration name My Name I ip dns Server Llorward wwan auth type chap no bridge multiple spanning tree enable bri
313. ent Evaluating Radio Statistics for an AP The APs Devices gt Monitor gt Radio Statistics page contains useful data for pinpointing network issues at the AP radio level for Dell APs and Cisco WLC thin APs firmware 4 2 or greater To see radio statistics details navigate to the APs Devices gt Monitoring page for a supported AP and select the linked radio under the Name column in the Radios list table as illustrated in Figure 81 Figure 81 Links to the Radio Statistics page on APs Devices gt Monitoring for an AP MAC Address Users BW Kbps Channel Tx Power Antenna Type Active 5SIDs OO 1TA 1E 85 54 70 Internal o OOMATESS 54 650 Internal Overview of the Radio Statistics Page The Radio Statistics page displays transmit and receive statistics about the communication quality of individual radios Depending on the AP assigned group profiles and recent activity on this radio this data gives visibility into recent and historical changes in the network fetches real time statistics from the AP s controller indicates actively interfering devices requires Dell PowerConnect W Series APs set to Spectrum mode and summarizes major issues Viewing Real Time ARM Statistics Dell AP Groups that have the Adaptive Radio Management ARM feature enabled continuously optimize each AP to use the best channel and transmission power settings available An AP configured with ARM will automatically adjust to a better c
314. er Info Page on page 214 The table below describes these elements in further detail Table 5 Status Section Components of the AirWave GUI Field Description New Devices The number of wireless APs or wireless LAN controllers that have been discovered by AirWave but not yet managed by network administrators When selected AirWave directs you to a page that displays a detailed list of devices awaiting authorization Up The number of managed authorized devices that are currently responding to AirWave requests When selected AirWave shows a detailed list of all Up devices Down The number of managed authorized devices that are not currently responding to AirWave SNMP requests When selected AirWave shows a detailed list of all Down devices Mismatched The total number of Mismatched devices A device is considered mismatched when the desired configuration in AirWave does not match the actual device configuration read from the device Rogue The number of devices that have been classified by the RAPIDS rules engine above the threshold defined on the Home gt User Info page 22 Installing and Getting Started Dell PowerConnect W AirWave 7 4 User Guide Table 5 Status Section Components of the AirWave GUI Continued Field Description Clients The number of wireless users currently associated to the wireless network via all the APs managed by AirWave When selected AirWave shows a list of users that are associated Prior to AMP 7 4
315. er a search string new or deleted devices that match the search string will automatically be included or excluded in all future reports generated until you delete or change the search string For certain reports such as New User and Client Session will allow you to search devices associated with a specific user or device Filter by All Device Filter this report by device type By selecting the second option Use selected device types you device type Types can select the checkboxes next to the specific device types you want to filter on Access Points such as campus APs remote APs and different types of Mesh APs Controllers Master Local Standby and Virtual Switches amp Routers and Universal amp Custom Devices All SSIDs This field displays for most report types When this field appears and when you select Use Selected IDs a new list of SSIDs displays Check select the specific SSIDs to be included in the report 252 Creating Running and Emailing Reports Dell PowerConnect W AirWave 7 4 User Guide Table 135 Reports gt Definitions gt Add Page Fields Continued Default Description Report Start Blank These fields establish the time period to be covered by the report These fields are supported for Report End most report types When these fields do not appear the report provides a snapshot of current status rather than information covering a period of time Times can be entered in relative or absolute form
316. er lists grouped by radio frequency include Most Noise Most Least Utilized by Channel Usage Most MAC Phy Errors Most Channel Changes Most Transmit Power Changes If an RF Health Report has not been generated before you can create it by following the instructions on the Defining Reports section of this chapter Figure 180 illustrates a sample RF Health Report Dell PowerConnect W AirWave 7 4 User Guide Creating Running and Emailing Reports 247 Figure 180 Reports gt Detail gt Daily RF Health Report Page Illustration Daily RF Health Report for All Groups and Folders Z XML XHTML export CSV export aia Email this report p Print report 1 4 2011 12 00 AM to 1 5 2011 12 00 AM Generated on 1 5 2011 12 36 AM Problem 5 GHz Radios Device 9 a a a a a Setcsficing Devioxs_ amp 1394 1 74 50 10138 00 ethersphere 1322 Top Access Points 2198 4 79 00 S 44596 00 ethersphere 1322 Top Access Points Problem 2 4 GHz Radios OO 1a 1e c0 6c 46 16 7 0 4579200 0 Aruba3600 US Top Access Points 1154 Q 9 1 0 123984000 1 ni 00 ethersphere 1322 Top Access Points 1350 1 5 0 53 00 345600 0 0 00 ethersphere 1322 Top Access Points 2103 3 1 0 61 50 99100800 0 0 00 ethersphere 1322 Top Access Points 2188 6 3 0 73 50 60652800 i 308 00 ethersphere 1322 Top Access Points Most Noise 5 GHz Ranka Device Average Noise ChannelChanges Average Channel Utilization Number of Users Bandwidth bps Lo
317. erts Severe Alerts You can also set the severity level of critical alerts displayed for a user role For details including a description of what constitutes a severe alert see Setting Severe Alert Warning Behavior on page 34 Customizing Columns in Lists Customize the columns for any list table selecting Choose Columns as shown in Figure 5 Use the up down arrows to change the order in which the column heads appear Figure 5 Choose Columns Dropdown List 20 records per page Y of 5Users Page iwofi Choose Columns Username Role MAC Address AP iSave Cancel tion SSID 00 22 FA BA B7 62 Ciscc muirtesti200 00 24 2C 05 BB C3 Cisco Username t muirtest1200 00 1C B3 05 44 1E Roar Role t RoamAbout De 00 23 12 DF D8 F5 Ciscc a muirtest1200 g z 00 22 41 0C 40 39 ag 2 M MAC Address T 1 5 wof 5Users Page 1 wof1 AP Device t Location t Alert Summary at 10 30 2009 2 19 PM ccm I Type a Last 2 Hours VLAN t Event Incidents 0 AP Radio t ana L M Connection Mode fT RADIUS Authentication Issues 0 i Ch BW t For more information on the universal list elements see Common List Settings on page 25 You can also control which column heads appear for each user role by selecting Yes in the Customize Header Columns field in Home gt User Info as also appears in Figure 4 This exposes the Choose Columns for Roles dropdown menu in all tables shown in Figure 6 The first column shows the user roles that were cust
318. es Continued Field Default Description Primary Server Port soo Enter the port for the primary TACACS server Primary Server Secret Specify and confirm the primary shared secret for the primary TACACS server Secondary Server Hostname IP Enter the IP address or hostname of the secondary TACACS server Address Secondary Server Port soo Enter the port for the secondary TACACS server Secondary Server Secret va Enter the shared secret for the secondary TACACS server Select Save and continue with additional steps 4 To configure Cisco ACS to work with AirWave you must define a new service named AMP that uses https on the ACS server The AMP https service is added to the TACACS Cisco interface under the Interface Configuration tab Select a checkbox for a new service Enter AMP in the service column and https in the protocol column Select Save 5 Edit the existing groups or users in TACACS to use the AMP service and define a role for the group or user The role defined on the Group Setup page in ACS must match the exact name of the role defined on the AMP Setup gt Roles page The defined role should use the following format role lt name_of_AMP_role gt One example is as follows role DormMonitoring As with routers and switches AirWave does not need to know usernames 6 AirWave also needs to be configured as an AAA client On the Network Configuration page select Add Entry Enter the IP address of AirW
319. es discrepancies between access point containment Report status specified in AMP compared to containment status identified by the controller at report run time Using the Client Yes Yes Summarizes user data by radio mode SSID and VLAN as well Session Report as lists all sessions 254 Creating Running and Emailing Reports Dell PowerConnect W AirWave 7 4 User Guide Emailing and Exporting Reports This section describes three ways in which distribute reports from AirWave Emailing Reports in General Email Applications Emailing Reports to Smarthost Exporting Reports to XML or CSV Emailing Reports in General Email Applications Perform these steps to set up email distribution of reports in AirWave All reports contain a link to export the report to an XML file and a text box where you may specify email addresses separated by commas to which reports are sent Select Email This Report to email the report to the address specified in the text box above the button Additional information about email based report generation is described in Defining Reports on page 252 and in Emailing Reports to Smarthost on page 255 Emailing Reports to Smarthost AirWave uses Postfix to deliver alerts and reports via email because it provides a high level of security and locally queues email until delivery If AirWave sits behind a firewall which prevents it from sending email directly to the specified recipient use the following p
320. es the campus in alphabetical order across the background 6 Drag the new Campus icon to the appropriate location on the map background K NOTE QuickView automatically saves background map images campus locations building locations and building types Creating a New Building in a Campus 1 Select the newly created Campus icon from the previous step When the blank campus area opens select the Add New Building icon 2 When the New Building window appears enter the following information Table 146 New Building Fields and Descriptions Field Description Name of the building located on an existing campus Lists all campuses configured on your AMP Longitude amp Latitude These fields are used to represent a building on Google Earth Distance between The normal distance between floors in the building This value can be overridden as each floor is floors created but this is the default value for every new floor added to the system This data element can be imported or exported to external planning tools like Ekahau It is not currently utilized by AirWave Attenuation between Enter the attenuation loss in decibels between floors This value can be overridden as each floor is floors created but this is the default value for every new floor added to the system This data element can be imported or exported to external planning tools like Ekahau It is not currently utilized by AirWave Client Transmit Power This value is use
321. esesiecsssssiseghinsscnntssadusyieavcavislbatestuemusesandatesiniuiseusesitesanecvioes 227 Reports gt Definitions Page Overview cessssccssssesssesscssssssseeseesesecsesesessesecassesesanseeatenes 227 Reports gt Generated Page OVErvieW ccscscssscssssesssssscssssesssessssesessssesesseseesssesesseseeatenss 229 Using Daily REDOTIS ee ee a er ee ee ia ieii 230 Viewing Generated REPorts ccccsssessssescssssssessescsesessesesececsesecsesececsesecassesessesesassnsesanseses 230 Using Custom Reports ccseisiccsetcisenetesatiesscesvescs caadentsedivansagusasausionssysnscaendindunessvedirecnstdacsacetniets 231 Using the Dell License Repofrt ensnenononnnenennenenennnsnnnnnnnnrnnnannrnnnnnnnnnnnnsnsnsnnnnnnnnnnnrnrnnnnsnsnnns 232 Using the Capacity Planning Re port cccscsssssssssssssssssssesssesecseseesesesessusesassesessesesaseees 232 Using the Configuration Audit Report c ccc cccscsssscsssscssssssesseseeseseesesensessesecsesessesaneneanses 234 Using the Device Summary REPOFt ceesesseecscssssesssecscseseesesececsesecsesesesseseesseesesaeseeateess 236 Using the Device Uptime Report ccccccssesesscssssessescsessesecseseesesecsesaesessesesseseesesansesaeses 237 Using the IDS Events Report esenensnnensnennensnennnnensrnnerunurnnnansrnnnnenunnnrarunsnnnnnnnnnernnnnnnnnnnnno 239 Using the Inventory Report ccccsssesssscssssesecseseessesssessesesseseeseseesesaesesaesesseseesesansesanees 239
322. esseseees 185 Using the System gt Event Log Page ssecssssssssssscscsssseseseceesesecsssesessusecassesesaeseeatenes 186 Viewing Delivering and Responding to Triggers and Alerts aanse 187 Vena E A E A E 187 Creating New TriggOrS sty cecsscenteatsvtectenassaitiaesuncetahantiatdiesaitaarsanennieaaastinassnininienens 187 Setting Triggers for D VICES cccessessescsesssseseesscseseeseseceesssecaesesesseseeassesesaeseeaseneeeass 190 Setting Triggers for Interfaces ANd RadiOS cccccsscseessssscsscecssseeeessesesseeessneeeeneen 191 Setting Triggers for DISCOVENY css satiszoncantanpinensssesdasesovecneisesaseatcrgeansesteasesidysinevatsiuabetane 191 Setting Triggers TOF CHGIIES sscacacssrsnstzsparccivaptiasecusvinsidstranatetedusiancavic onsets 192 Setting Triggers for RADIUS Authentication Issues c ccccsseeeeeeseseseeseeeeeeen 193 Setting Triggers for IDS EVents cescssesessescscssssesseesecssseeseseseesesecassesesseseeaseneeeans 193 Setting Triggers for AirWave Health ccc ccccsssssssssssssssesssecsseseesseesssseseeaseeeeees 194 Delivering BIGOT CUA ICU US iccecsrasscasssepvsssisnsanecusneceucsouisardonsrnutiateubexeomecnusesiaeautenee 194 ENTIE Sed E Soaceanesvoanen A A EE E E 194 Responding to PNT LS 2 corte sreseascdua eusevana exssiossgpu eisai truanee aunciarhanin ate aiiendscus tn cn um basae aitai aai 195 Monitoring and Supporting WLAN Clients ccecssssesssscssssssssesesesseseseesssesessesecassesesanseees
323. etrics from all the APs that hear for client placement the client or rogue device VisualRF builds a fingerprint location for all clients with similar transmit power capability All subsequent clients that fall within the deviation is placed on the same location fingerprint or x y coordinates Example AP 1 hears client at 72 and AP 2 hears client 1 at 64 VisualRF calculates the client s location to be at coordinates 100 200 Client2 is heard by AP 1 at 71 and AP 2 at 65 VisualRF will use the average of the difference in signals AP 1 72 and 71 to see if the client matches a pre calculated location fingerprint 1 1 differences in signals 2 of APs 1 which falls within the deviation of 2 hence the client would be located at 100 200 Sets the maximum number of rogues AMP will place on a Floor Use this filter in combination with the RAPIDS Export Threshold configured on the RAPIDS gt Setup page to intelligently control the number of rogue devices displayed per floor NOTE Increasing this value could increase the load on the server and the clutter on the screen Maximum Rogue APs per Floor Plan 264 Using VisualRF Dell PowerConnect W AirWave 7 4 User Guide To tune the frequency for calculating device locations within the VisualRF UL navigate to the Location Calculation Timer Settings section as described in Table 142 Table 141 Location Calculation Timer Settings Section of VisualRF gt Setup Default Descri
324. etting Default Description Nickname None Sets a user defined name for the authentication server IP Network Cites the IP address or DNS Hostname for the authentication server if you only want to accept packets from one device To accept packets from an entire network enter the IP Netmask of the network for example 10 51 0 0 24 Shared Secret Sets the Shared Secret that is used to establish communication between AirWave and the Confirm RADIUS authentication server What Next Go to additional subtabs in AMP Setup to continue additional setup configurations Complete the required configurations in this chapter before proceeding AirWave support remains available to you for any phase of AirWave installation Enabling AirWave to Manage Your Devices Once AirWave is installed and active on the network the next task is to define the basic settings that allow AirWave to communicate with and manage your devices Device specific firmware files are often required or are highly desirable Furthermore the use of Web Auth bundles is advantageous for deployment of Cisco WLC wireless LAN controllers when they are present on the network This section contains the following procedures Configuring Communication Settings for Discovered Devices Loading Device Firmware Onto AirWave optional Overview of the Device Setup gt Upload Firmware amp Files Page Loading Firmware Files to AirWave 52 Configuring AMP Dell PowerConnect W AirWave
325. every polling interval over time Clients and Usage data are polled based on the AP s group s User Data Polling Period Channel Noise and Power are based on AP Interface Polling Period 802 11 Counters data are based on the AP s group s 802 11 Counters Polling Period You can adjust the attributes of these graphs as follows Drag the horizontal slider under the graphs to move the scope of all graphs between one year ago and the current time Drag the vertical slider between graphs to change the relative width of each The Show All link displays all of the available data series The bar graph icon on the upper right hand corner of each graph opens a new window and displays all data series for the selected graph over the last two hours last day last week last month and last year in one page The graphs that display depend on the AP and or its controller Select the checkbox next to any metric to remove its data from the graph Select Collapse to remove unchecked metrics from the legend and Show All to restore them The two graph panes enable simultaneous display of two different information sets as detailed in Table 80 Radio Statistics Interactive Graphs Descriptions Graph Title Description Clients A line graph that displays the maximum users associated to the corresponding radio at polling intervals over the time range set in the slider Select Show All for other metrics such as average users and max users for various individual de
326. evice Configuration Location failed to fetch Not Available Mesh Role None Mesh AP 1210 5 Top gt HQ gt Lab sai Template Actual aaa accounting network acct methods start stop group rad acct Actual aaa authentication login eap methods group rad eap Actual aaa authentication login eap methods4 group rad eap Actual aaa authentication login mac methods local Actual aaa authorization exec default local Actual aaa cache profile admin cache Actual all Actual aaa group server radius dummy Actual aaa group server radius rad acct Actual aaa group server radius rad admin Actual cache authentication profile admin_cache Actual cache authorization profile admin_cache Actual cache expiry 1 Actual aaa group server radius rad eap Actual aaa group server radius rad eap4 Actual server 10 2 25 180 auth port 1645 acet port 1646 Actual server 10 2 25 180 auth port 1812 acct port 1813 a g mi LAJA Airwave _Cisco_LWAPP Top gt Sunnyvale HQ gt HQ Cisco LWAPP Research Lab Current Device Desired Device Configuration Configuration 802 11a Channel Assignment Method Automatic Static 802 112 Coverage Measurement 180 300 802 114 DCA Channel 165 Disabled Enabled 802 112 DCA Channel 190 Disabled Enabled 802 11a DCA Channel 196 Disabled Enabled 02 11a DTPC Support Enabled Disabled 802 1128 Data Fragmentation 2340 2337 Threshold 802 112 Global Default Transmit I 5 Power Level 802 114 Load Measurement 60 300 802 112 Noise Measurement 180 300 802 114 Power Leve
327. f Users 18 00 18 20 Average 18 20 H Click on a graph for history The Public Portal supports configuration of the iPhone interface This can be configured using the Master Console AirWave page See Defining General AirWave Server Settings on page 35 Adding a Managed AMP with the Master Console Perform the following steps to add a managed AirWave console l Navigate to the Home gt Managed AMPs page 2 Select the pencil icon to edit or reconfigure an existing AirWave console or select Add New Managed AMP to create a new AirWave console The Managed AMP page appears Complete the settings on this page as described in Table 124 Table 124 Managed AMP Fields and Default Values Field Default Description Hostname IP Address Enter the IP address or Hostname of the AirWave server to be managed Polling Enabled Enables or disables the Master Console polling of managed AirWave server Polling Period Determines how frequently the Master Console polls the managed AirWave server Username N A The username used by the Master Console to login to the managed AirWave server The user needs to be an AP Device Manager or AirWave Administrator Password N A The password used by the Master Console to login to the managed AMP Confirm Password HTTP Timeout Defines the timeout period used when polling the managed AMP server 5 1000 sec Manage Group Defines whether the Master Console can manage device groups on the manag
328. f you still experience problems then you can proceed to adding interior walls Location Training for Stationary Devices QuickView provides the ability to statically assign a permanent x y coordinate to stationary devices like PCs Scales and Point of Sale terminals This will reduce the calculation requirements on the VisualRF location service and increase the accuracy of the RF characteristics of individual floor plans l Drag the client device to the proper location 2 Select the device and a popup menu appears From that menu select Surveys and Training 3 Click the Add button for Static Training as shown in Figure 199 268 Using VisualRF Dell PowerConnect W AirWave 7 4 User Guide Figure 199 Surveys and Training menu for a client device i Surveys and Training r Power Duration L 30 mil L J0 min 20 mW 5 min To remove a statically trained device select client and select the Surveys and Training option Select Delete button which will have replaced the Add button for Static Training K NOTE The static locations are automatically saved so the Save icon floppy disk will not appear Adding Client Surveys Client surveys provide a method for increasing the accuracy of the attenuation grid by taking real signal samplings from client devices associated with the WLAN Key differentiators of AMP s client surveys are 1 They take readings from the access points and not the client 2 They take numerou
329. fahous a Read CDP Table for Device Discovery fahous a Read Bridge Forwarding Table 4hours al Interface Up Down Polling Period 10 minutes tid Interface Bandwidth Polling Period 15 minutes Interface Error Counter Polling Period 30 minutes Poll 802 3 error counters C Yes No Poll Cisco interface error counters Yes No Show device settings for All devices x Automatic Static IP Assignment Assign Static IP Addresses to Devices C Yes No Spanning Tree Protocol Spanning Tree Protocol Proxim only C Yes No NTP Server 1 fe NTP Server 2 PO NTP Server 3 UTC Time Zone fo o a Daylight Saving Time C Yes No SNMP Version Cisco IOS CLI Communication Telnet SSH Cisco IOS Config File Communication TFTP scp SNMP Version CLI Communication Telnet SSH SNMP Version hooo Enable DNS Client v 3 HTTP Server Port 1 65535 bo Country Code United States SNMP Version 2c X ProCurve XL ZLWeSM CLI Communication Telnet SSH Controller SNMP Version 2c a SNMP Version 2c z Client Inactivity Timeout 3 600 min B Symbol Controller CLI Communication W55100 RFS4000 RFS6000 and RFS7000 controllers Telnet SSH only SSH Version W52000 controllers only ew C v2 Web Config Interface go os SNMP Version 2c X e a aE C Yes No Aruba GUI Config Yes C No Ignore Rogues Discovered by Remote APs C Yes No SNMP Version SNMP Version ao Add New Co
330. fair 88 good 88 good 3 possible issues 3 possible issues Den kia Trends Quality Username Signal amp Noise dBm Usage Overall rating mma Device Name OS type Apple iPhone MAC Address 60 FB 42 2A C0 84 Role amigopod visitor logon Notes ee Current Association SNR dB Indicators within the ideal range 2 Connection Mode 11g 2 4 GHz Duration 1 hour 0 minutes IP Address 10 6 3 43 Hostname SNR dB 16 Usage 32 bps Auth type No Encryption Cipher VLAN 63 Forward Mode Tunnel Encrypted Floor Plan Each section of the Clients gt Diagnostics page displays information by which to evaluate possible user issues Managing Mobile Devices with SOTI MobiControl and AirWave Overview of SOTI MobiControl SOTI MobiControl the mobile device management platform for Windows Mobile Apple and Android devices has been integrated into AirWave to provide direct access to the MobiControl Web Console MobiControl runs on your Mobile Device Manager MDM server This server provisions mobile devices to configure connectivity settings enforce security policies restore lost data and other administrative services Information gathered from mobile devices can include policy breaches data consumption and existing configuration settings Prerequisites for Using MobiControl with AirWave In order to use the MobiControl integration in AirWave the following is required An AMP running version 7 2 3 or later An MDM
331. fer to the Dell PowerConnect W Series ArubaOS 6 0 User Guide at support dell com manuals Spectrum Configurations and Prerequisites The following prerequisites must be in place to configure an AP to run in spectrum mode in AirWave The AP must be in Manage Read Write mode The AP s associated controller must have an RF protect license and must run ArubaOS 6 0 or later Dell PowerConnect W GUI Config must be enabled for that AP s group in the Groups gt Basic page There are three main situations in which you would set one or more devices to Spectrum mode in AirWave Dell PowerConnect W AP Groups running permanently with the default Spectrum profile Dell PowerConnect W AirWave 7 4 User Guide Discovering Adding and Managing Devices 147 Individual APs running temporarily in Spectrum mode while part of an Dell PowerConnect W AP Group set to ap mode Controller level Spectrum Overrides an alternative to creating new Dell PowerConnect W AP groups or new radio profiles for temporary changes Setting up a Permanent Spectrum Dell AP Group If you have multiple supported Dell PowerConnect W Series APs in multiple controllers that you want to run in Spectrum mode over the long run you create a special Dell PowerConnect W AP group and set up a profile that is set to spectrum mode and references the default Spectrum profile Set up more than one profile if you want to utilize both radio bands in Spectrum mode If you use an 802 1 1a o
332. ferers there is no radio of association Edit Menu Figure 193 Edit Menu Options Edit x Xa x Editing Unlocked Draw Walls Draw Region Resize Building Orientation Set Origin Add Deployed Device Add Planned Device Delete Deployed Devices Planned Devices Delete Surveys Options in the Edit menu allow you to add information to the floor plan lable 138 explains the options in the Edit menu Table 138 Edit Icons and Descriptions Operation Description Edit Locked Unlocked Lock a floor plan for editing Draw Walls Add walls onto a floor plan Refer to Adding Exterior Walls on page 268 Draw Region Add region onto a floor plan Region types include Planning IDF Location Probability Location Testing and Informational Resize Update the scale of the floor plan to properly reflect the accurate dimensions of the floor plan Building Orientation Place the location of two GPS points in order to set latitude and longitude of a building This will allow VisualRF to calculate the GPS coordinates for APs clients rogues and RFID tags Dell PowerConnect W AirWave 7 4 User Guide Using VisualRF 261 Table 138 Edit Icons and Descriptions Continued Operation Description Set Orientation for proper vertical floor plan alignment Add Deployed Device Provision APs onto a floor plan APs monitored by AMP Add Planned Device Manually plan APs onto a floor plan APs not monitored by AMP Delete Planned Remove all specified
333. from VisualRF so you can import it into another AMP follow these steps Navigate back to the Network view Right click the Campus icon Select Export An object selection window appears Select the objects to export and select Export A File Download window appears wa DBD WY NO Select Save and save the zipped file to your local hard drive tor importation to another AMP At this point you are ready to deploy a production AMP and manage devices by importing your exported campus and matching the access points to your plan Importing from CAD The Floor Plan Upload Wizard FUW should inherit all pertinent information from your CAD file if you follow this procedure 1 Determine UNITS all modern CAD versions 2001 and newer support UNIT S 2 Determine MEASURE Legacy CAD versions 2000 and older used a Imperial or Metric system If UNITS are 0 or undefined then the standard dictates defaulting to MEASURE value If MEASURE is 0 or undefined then the standard dictates defaulting to English and inches 3 Find MODEL VIEW If the drawing contains multiple views the FUW will default to the Model view 4 Determine Bounding Box FUW will encompass all lines and symbols on the drawing and create a bounding box which is generally smaller than entire drawing It is based on the UNITS or MEASUREMENT above 5 Convert to JPG FUW will convert the bounding box area to a JPG file with a resolution of 4096 horizontal pixels at 100 quality
334. fy the credentials to be used to manage the AP Figure 106 illustrates this page Figure 106 APs Devices gt Manage gt Device Communication Device Communication View Device Credentials TF this device is down because its IF address or management ports hawe changed update the Fields below with the correct information IP Address 10 1 1 19 SNMF Port 161 TF this device is down because the credentials on the device hawe changed update the fields below with the correct information This device is currently using SNMP version 1 Community String TTT iii Confirm Community String CCeSEEEEES Auth Password eneeseeoes Confirm Auth Password eeeseeeaae Privacy Password TELITI Confirm Privacy Password TTT iiiii NOTE The Device Communication area may appear slightly different depending on the particular vendor and model of the APs being used Enter and confirm the appropriate Auth Password and Privacy Password 4 You can disable the View AP Credentials link in AirWave by the root user Contact Dell support at support dell com for detailed instructions to disable the link 5 Optional Enter the appropriate SSH and Telnet credentials if you are configuring Dell Aruba Networks Alcatel Lucent or any Cisco device except Cisco WLAN controllers 6 Select Apply then Confirm Edit to apply the changes to the AP immediately Schedule to schedule the changes during a specific time or Cancel to return to APs Devices
335. g Devices with the Device Setup gt Add Page cccceesessessesssseseeeseeeeees 112 Adding Multiple Devices from a CSV Fil ce ceecssssessssesssssessesseecesseseeassesessesnees 114 Adding Universal DeVICES cccscscsssseessscssessescsesseesscsessssecsesecseseesesaesesausaseesaeseeaees 115 Assigning Devices to the Ignored Page ccccccscsessescssssessssessesseesseseeseseesesateesseseeeeeess 116 MOMKE DEVICES sirere bunds ar NEEN EE NEEE OREA 116 Viewing Device Monitoring StatisticS ccssssescssssesssssscscssssesseececseseesseesessesesassesesaesnees 117 Understanding the APs Devices gt Monitor Pages for All Device Types 008 118 Monitoring Data Specific to Wireless Devices cccscseseseessscssssesseeseeseseessesesseseeatenes 118 Evaluating Radio Statistics for an AP c ccsssesccssssesssscscsessesseessesesecsssesessesessssesesseseeatenes 124 Overview of the Radio Statistics Page eceescssssesesssscsssessesssessesesesssesesseseeasenss 124 Viewing Real Time ARM Statistics cecsssssessssescssssssesesecscseseessesesseseeassesesaeseees 124 Issues Summary SECTION ccccesesessessscsessesssececseseesesesecacsesassesecessusecansesesausesassesesansesas 125 802 11 Radio Counters SUMMATSY ccceseesseecsssessesssesscseseesesesecsesesaesesesaesesassesesanseeas 125 Radio Statistics Interactive Graph cccccssesesssscessssesssesscsesscseseceeseseeassesesanses
336. g RAPIDS and contains the following sections Introduction to RAPIDS on page 167 Viewing Rogues on the RAPIDS gt List Page on page 176 Setting Up RAPIDS on page 169 Defining RAPIDS Rules on page 172 Score Override on page 180 Using the Audit Log on page 181 Additional Resources on page 182 Introduction to RAPIDS Rogue device detection is a core component of wireless security With RAPIDS rules engine and containment options you can create a detailed definition of what constitutes a rogue device and quickly act on a rogue AP for investigation restrictive action or both Once rogue devices are discovered RAPIDS alerts your security team of the possible threat and provides essential information needed to locate and manage the threat RAPIDS discovers unauthorized devices in your WLAN network in the following ways Over the Air Using your existing enterprise APs Optional AirWave Management Client AMC On the Wire Polling routers and switches to identify classify and locate unknown APs Using HTTP and SNMP scanning K NOTE To setup a scan refer to Discovering and Adding Devices on page 107 Using the controllers wired discovery information Furthermore RAPIDS integrates with external intrusion detection systems IDS as follows Dell WIP Dell PowerConnect W s Wireless Intrusion Protection WIP module integrates wireless intrusion protection into the mobile edge infrastr
337. g the Install New Certificate button or skip to the next step if the certificate was previously installed 4 Select User Setup in the left frame 5 Enter the Username that will be used to authenticate into the WDS and select Add Edit 6 Enter the Password that will be used to authenticate into the WDS and select Submit 7 Go to the Network Configuration gt Add AAA Client page 8 Add AP Hostname AP IP Address and Community String for the key 9 Enter the Password that will be used to authenticate into the WDS and select Submit For additional and more general information about ACS refer to Configuring ACS Servers on page 63 Dell PowerConnect W AirWave 7 4 User Guide Configuring AMP 61 Configuring Cisco WLSE Rogue Scanning The AMP Setup gt WLSE page allows AirWave to integrate with the Cisco Wireless LAN Solution Engine WLSE AirWave can discover APs and gather rogue scanning data from the Cisco WLSE Figure 31 illustrates and itemizes the AirWave settings for communication that is enabled between AirWave and WLSE Figure 31 AMP Setup gt WLSE gt Add WLSE Page Illustration WLSE Hostname IP Address Protocol Ci Port V4 0 LIsername Password Confirm Password Poll for AP Discovery ves O No Poll for Rogue Discovery ves No Polling Period 10 minutes Perform the following steps for optional configuration of AirWave for support of Cisco
338. g the Memory and CPU Utilization Report The Memory and CPU Utilization Report displays the top memory usage by device and CPU usage on the network by device Both are by percentage To create a scheduled and generated report of this type refer to Using Daily Reports on page 230 Figure 173 illustrates the Reports gt Detail page for this report Figure 173 Reports gt Generated gt Daily Memory and CPU Usage Report Illustration Contents Rearranged for Space Daily Memory and CPU Utilization Report for All Groups and Folders El XML XHTML export CSV export 1 13 2011 12 00 AM to 1 14 2011 12 00 AM Dadiani Generated on 1 14 2011 12 34 AM Bn paia i Top CPU Utilization by Device Device Utilization K13 2 00150 61 14 Aruba200 Master realy 52 49 Aruba200 Master realy 52 48 Aruba200 Master realy 52 48 Aruba200 Master realy 52 48 Aruba200 Master realy 52 45 Aruba200 Master realy 52 42 Aruba200 Master realy 52 40 Aruba200 Master realy 52 39 Aruba200 Master realy 52 37 Top Memory Usage by Device Device Usage Aruba3200 3 121 94 89 K132 00150 97 71 Airespace 15 CB 60 89 92 Aruba3400 64 11 devpites1 83 95 Aruba651 83 77 alpha gren swarea 83 60 Dell PowerConnect W 651 Controller 83 12 Aruba3200 RN 83 02 Alcate LLucent 4308 82 55 Using the Network Usage Report The Network Usage Report contains network wide information in two categories Bandwidth usage by device maximum and average bandwidth in k
339. g upstream switches RADIUS servers and other devices While AirWave can manage most leading brands and models of wireless infrastructure universal device support also enables basic monitoring of many of the less commonly used devices Perform the same steps to add universal devices to AirWave that were detailed in Adding Devices with the Device Setup gt Add Page on page 112 Dell PowerConnect W AirWave 7 4 User Guide Discovering Adding and Managing Devices 115 AirWave collects basic information about universal devices including name contact uptime and location Once you have added a universal device you can view a list of its interfaces on APs Devices gt Manage By selecting the pencil icon next to an interface you can assign it to be non monitored or monitored as Interface l or 2 AirWave collects this information and displays it on the APs Devices gt Monitor page in the Interface section AirWave supports MIB II interfaces and polls in out byte counts for up to two interfaces AirWave also monitors sysUptime Assigning Devices to the Ignored Page A device can be assigned to the Ignored page from the APs Devices gt New page The advantage of having the device be designated in this way as in the case of a device that is temporarily down for a known reason is that when you take it off the ignored list it returns immediately to the location in AMP where it had resided before it was marked Ignored Ignored devices a
340. ge of a group and locate the Use Global Groups section Select the Yes radio button and select the name of the Global Group from the drop down menu Then select Save and Apply to make the changes permanent Figure 66 illustrates this page Figure 66 Groups gt Basic gt Managed Page Illustration Group Access Points Basic Name Access Points Missed SNMP Poll Threshold 1 100 1 l Regulatory Domain United States Sa Timezone AMD guetan Eme For scheduling group configuration changes EE E hs Allow One to One NAT O Yes No Use Global Group ee fog ny globalgrouponMic SSID Once the configuration is pushed the unchecked fields from the Global Group appears on the Subscriber Group as static values and settings Only fields that had the override checkbox selected in the Global Group appear as fields that can be set at the level of the Subscriber Group Any changes to a static field must be made on the Global Group If a Global Group has Subscriber Groups it cannot be changed to a non Global Group A Global Group without Subscriber Groups can be changed to a regular Group by updating the setting on the Groups gt Basic configuration interface The Global Groups feature can also be used with the Master Console For more information about this feature refer to Supporting AirWave Servers with the Master Console on page 221 Dell PowerConnect W AirWave 7 4 User Guide Configuring and Using Device Groups in AirWave
341. ges to users with the AMP Administration role only non admin users VisualRF gt Setup AMP Setup gt NMS RAPIDS gt Score Override Display VisualRF RAPIDS gt Rules RAPIDS gt Setup System gt Triggers Allow role based report Yes Enable or disable role based reporting in AMP When disabled reports can only be visibility generated with by subject visibility 6 Locate the External Logging section and adjust settings to send audit and system events to an external syslog server Table 14 describes these settings and default values You can send a test message using the Send Test Message button once any of the logging options are enabled Table 14 AMP Setup gt General gt External Logging Section Fields and Default Values Setting Default Description Include event log Select Yes to send event log messages to an external syslog server messages Syslog Server Enter the IP address of the syslog server Syslog Port sm Enter the port of the syslog server Event log facility Select the facility for the event log from the drop down menu Include audit log Select Yes to send audit log messages to an external syslog server messages Audit log facility Select the facility for the audit log from the drop down menu Dell PowerConnect W AirWave 7 4 User Guide Configuring AMP 39 7 Locate the Historical Data Retention section and specify the number of days you wish to keep client session records and rogue discovery eve
342. gning Campus Building and Floor Numbers on page 284 Assigning Optional Planner Owner or Installer Information for the Floor Plan on page 284 Controlling the Layers in the Uploaded Floor Plan CAD only on page 284 Exror Checking of CAD Images on page 284 Last Steps in Editing an Uploaded Image on page 285 Cropping the Floor Plan Image Use the cropping handles red circles to remove extra white space around the floor plan VisualRF will calculate an attenuation grid for the entire map including white space Reducing the white space on a floor plan will increase location accuracy and decrease the load an on the server A good rule of thumb would be about 2 inch white space if possible on all sides VisualRF dissects each floor plan into a grid consisting of cells specified in this setting The Core Thread service calculates the path loss for every radio to every cell on the floor plan 282 Using VisualRF Dell PowerConnect W AirWave 7 4 User Guide By default the importation wizard allocates 2 500 grid cells to each site based on dimensions If you have a site that is 250 ft by 100 ft the Floor Plan importation wizard would calculate the grid cell size at 10 feet 250 ft x 100 ft 25 000 ft 25 000 ft 2 500 ft 10 ft NOTE Decreasing the grid cell size will increase accuracy but it also increase CPU consumption by the floor caching threads and K the location caching threads Check the System Perform
343. gration with AirWave c 300 Installing AirWave on VMware ESX 4 1 ou cceesssssssescsssssssseecsesesessssesecesseeersanesetens 301 Creating a New Virtual Machine to Run AirWave ccccccssssesseecscssssesssesecseseeseesssseseeasenss 301 Installing AirWave on the Virtual Machine ccceccsesssscssssesssessesseeessesesseseesessseesenseseneess 301 AirWave Post Installation Issues on VMware cccccccceessescsssseeecseseesseesseseeseseesesseeesseseseneess 302 see cece celeste greet E A E E A naa eretpau cent aeneeduedaee ornate 303 Dell PowerConnect W AirWave 7 4 User Guide Preface This preface provides an overview of this user guide and contact information for Dell in the following sections Document Organization on page 11 Note Caution and Warning Icons on page 12 Contacting Support on page 12 Document Organization This user guide includes instructions and examples of the graphical user interface UI for installation configuration and daily operation of the Dell PowerConnect W AirWave 7 4 This includes wide deployment of wireless access points APs device administration rogue detection and classification wireless controller devices security reports and additional features of AirWave Table 1 Document Organization and Purposes Chapter Description Chapter 1 Introduction Introduces and presents AirWave its components and general network functions Chapter 2
344. gs section select Yes in the Enable VisualRF Engine field Then select Save Figure 188 Visua RF gt Setup gt Server Settings Section ae Enable VisualRF Engine Yes No Basic QuickView Navigation The top level menus of VisualRF are split into two major categories Network and Mesh as shown in Figure 189 and Figure 190 Selecting these menus will cause relevant submenus and sections to display below Figure 189 Default VisualRF Top Level Menu Network View Floor Plans Netveork E Figure 190 Default VisualRF Top Level Menu Mesh View Floor Plans Show Mesh Networks Table 137 describes the top level icons and their functions on VisualRF Table 137 Top Level Icons and Descriptions Operation Icon Description Refresh Refresh the floor plan to see changes Open Site Tree Display the Network Tree View window on top of the floor plan Preferences Configure personal viewing preferences The Preferences menu allows you to configure user preferences overlay types grid lines alerts icon sizes See Configuring QuickView Personal Preferences on page 266 for more details Launch the online help NOTE This User Guide currently contains the most up to date help information for the VisualRF interface Dell PowerConnect W AirWave 7 4 User Guide Using VisualRF 259 Network View Navigation When viewing a floor plan in Network View the top level menu changes to Overlays Display and Edi
345. gt end Using Conditional Variables in Templates Conditional variables allow lines in the template to be applied only to access points where the enclosed commands will be applicable and not to any other access points within the Group For example if a group of APs consists of dual radio Cisco 1200 devices 802 1 1a b and single radio Cisco 1100 802 11b devices it is necessary to make commands related to the 802 1 1a device in the 1200 APs conditional Conditional variables are listed in the table below The syntax for conditional variables is as follows and syntax components are described in T able 91 if variable value Sendifs 158 Creating and Using Templates Dell PowerConnect W AirWave 7 4 User Guide Table 91 Conditional Variable Syntax Components VELEI Values Meaning interface Dot11Radio0 2 4GHz radio module is installed Dot11Radio1 5GHz external radio module is installed radio_type a Installed 5GHz radio module is 802 11a bo Installed 2 4GHz radio module is 802 11b only Go Installed 2 4GHz radio module is 802 11g capable wds_role backup The WDS role of the AP is the value selected in the dropdown menu on the APs Devices gt Manage configuration page for the device IP address of the device is set statically on the AP Manage configuration page DHCP IP address of the device is set dynamically using DHCP Using Substitution Variables in Templates Substitution variables are used to set AP specific values on e
346. gt Manage NOTE Some AP configuration changes may require the AP to be rebooted Use the Schedule function to schedule these changes to occur at a time when WLAN users will not be affected 144 Discovering Adding and Managing Devices Dell PowerConnect W AirWave 7 4 User Guide Select the Update Firmware button at the bottom right of the page to upgrade the device s firmware Figure 107 illustrates the page that opens and lable 87 describes the settings and default values NOTE The Update Firmware button only appears if 1 the AMP Administrator has enabled Allow firmware upgrades in monitor only mode in AMP Setup gt General 2 if you are looking at an APs Devices gt Manage page for a controller or autonomous AP that K supports firmware upgrades in AMP See the Supported Infrastructure Devices document in Home gt Documentation to see all of the AMP supported devices that can perform firmware upgrades In most cases you cannot upgrade firmware directly on thin APs Table 87 APs Devices gt Manage gt Firmware Upgrade Fields and Default Values Setting Default Description Desired Version Specifies the firmware to be used in the upgrade Firmware can be added to this drop down menu on the Device Setup gt Upload Firmware amp Files page JobName None Sets a user defined name for the upgrade job Use a meaningful and descriptive name Use safe flag for Cisco Enables or disables the safe flag when upgr
347. gues in RAPIDS including the Contain classification Manage rogue AP containment in monitor only within this bitmask will be combined into one device 4 4 mode Oo y N requires all but the last digit match aa bb cc dd ee fx Containment updates will always be pushed to devices e5 0 8 requires all but the last two digits match running WMS offload regardless of this setting faa bbice dd ee Xx Maximum number of APs to contain a rogue Wireless BSSID Correlation 0 8 bits The maximum number of APs that will contain a rogue on 3 Similar BSSIDs will be combined into one device when Cisco WLC controllers they Fall within this bitmask Setting this value too high may result in identifying two different physical devices as n the same rogue Note When you change this value 4 Filtering Options RAPIDS will not immediately combine or un combine i G C rogue records Changes will occur during subsequent Filter Ad hoc Rogues Yes No processing of discovery events Filter Rogues by Signal Strength Yes C No Delete Rogues not detected for 0 14 days zero Minimum Signal Strength Less than or egual to disables T 0 mooo Cannot be larger than the rogue discovery event 0 Enter minimum signal strength in dBm Rogues will not be expiration 14 configured on the AMP Setup page recorded until they exceed this signal strength unless that value is set to 0 i A Filter Rogues Discovered by Remote APs G Automatically OS sc
348. gure 140 Clients gt Guest Users gt Add New Guest User Page Illustration Guest User Username ljrsjwh tt ss Generate Password wNzc yu27du Generate Name Guest Enabled Yes C No Email name email com Company Name Company ttst Sponsor Name admin t tists S Specify numeric dates with optional 24 hour times like 7 4 2003 or 2003 07 04 for July 4th 2003 or 7 4 2003 13 00 for July 4th 2003 at 1 00 PM or specify relative times like tomorrow at noon or next tuesday at 4am Other input formats may be accepted Expiration Blank means no expiration tomorrow at noon WLAN Profile 4000 quest M Description Email Options Email Credentials C Yes No d cae To make the Username or Password anonymous and to increase security complete these fields then select Generate The anonymous and secure Username and Password appear in the respective fields 6 Select Add to complete the new guest user or select Cancel to back out of new user creation The Clients gt Guest Users page appears and displays results as applicable Supporting VPN Users with the Clients gt VPN Sessions Page The Clients gt VPN Sessions page shows active VPN Sessions along with device type and HTTP fingerprinting information Dell PowerConnect W AirWave 7 4 User Guide Performing Daily Administration in AirWave 201 Figure 141 Clients gt VPN Sessions Page Illustration Expand folders to show all VPN Sessions Go
349. h search category Full search results accessed by selecting the Click here to perform a Full Search to expand the results link at the top of the Fast search results This action sends the earlier search term to a much deeper search of AMP expanding the results to include all types of devices clients connected and historical folders groups tags rogue devices VPN sessions connected and historical and rogue clients You can customize search categories displayed in the Full search in Home gt User Info Navigation Section The Navigation Section displays tabs for all main GUI pages within AirWave The top bar is a static navigation bar containing tabs for the main components of AirWave while the lower bar is context sensitive and displays the subtabs for the highlighted tab Table 6 Components and Subtabs of the AirWave Navigation ETIE ET Description Subtabs Home The Home tab provides basic AirWave information including system Overview name host name IP address current time running time and software Search YASIR Documentation The Home page also provides a central point for network status license information and monitoring tools giving graphical display of network activity and links to many of the most frequent tools in AirWave For User Info additional information refer to Monitoring and Supporting AirWave with the Home Pages on page 209 Dell PowerConnect W AirWave 7 4 User Guide Installing
350. hannel if it reaches a configured threshold for noise MAC errors or PHY errors additionally it can attenuate transmit power and switch between radio modes as needed For more information refer to the ARM chapter in the Dell PowerConnect W Series ArubaOS User Guide at support dell com manuals Complete ARM statistics from Dell PowerConnect W Series controllers can be retrieved from the Radio Statistics page by selecting the Run a command drop down menu and choosing button as illustrated in Figure 82 124 Discovering Adding and Managing Devices Dell PowerConnect W AirWave 7 4 User Guide Figure 82 Fetch additional radio stats by running a show command Monitoring 802 11bgn radio for AP 1154 9 Run a command Run a command show ap arm rf summary ap name 1154 0 show ap debug radio stats ap name 1154 0 radio 1 advanced When this button is selected a new browser window launches with the statistics in plain text Other ARM tracked metrics are visible in the Radio Statistics page for Dell PowerConnect W Series APs Issues Summary section The Issues Summary section only displays when noise client count non 802 11 interfering devices channel utilization usage and MAC and PHY errors reach a certain threshold of concern as described in able 79 and illustrated in Figure 83 Table 79 ssues Summary labels and thresholds Issue Triggering Threshold Figure 83 ssues Summary Section Illustration
351. he RADIUS Authentication Issues Report The RADIUS Authentication Issues Report contains issues that may appear with controllers RADIUS servers and users Figure 179 illustrates the fields and information in the RADIUS Authentication Issues Report 246 Creating Running and Emailing Reports Dell PowerConnect W AirWave 7 4 User Guide Figure 179 Reports gt Generated gt RADIUS Authentication Issues Detail Page Illustration Daily RADIUS Authentication Issues Report for All Groups Folders and SSIDs 1 20 2009 12 00 AM to 1 21 2009 12 00 AM Generated on 1 21 2009 12 21 AM Top 10 RADIUS Authentication Issues by Controller vortex 2 1 20 2009 10 41 AM 1 20 2009 12 00 AM Top 10 RADIUS Authentication Issues by User 00 21 5C 00 21 30 1732 00 10 D9 00 1D D9 15 O0 16 CF 00 16 CF 6 O0 21 5C 00 21 5C 3 00 1C BF 00 1C BF 3 00 16 0F 00 16 CF__ 2 OO14 AF 001404 2 OODLFI3B 00 10 CF 1 00 19 D 00 14 A4 1 00 21 FE 00 16 CF__ 1 1 20 2009 12 00 AM 1 20 2009 1 51 PM 1 20 2009 3 05 PM 1 20 2009 7 05 AM 1 20 2009 4 12 PM 1 20 2009 8 33 AM 1 20 2009 5 27 PM 1 20 2009 8 52 AM 1 20 2009 3 04 PM 1 20 2009 11 23 AM Most Recent Event 1 20 2009 11 59 PM 1 20 2009 10 41 AM Most Recent Event 1 20 2009 11 59 PM 1 20 2009 2 08 PM 1 20 2009 3 13 PM 1 20 2009 5 33 PM 1 20 2009 4 13 PM 1 20 2009 5 42 PM 1 20 2009 5 28 PM 1 20 2009 8 52 AM 1 20 2009 3 04 PM 1 20 2009 11 23 AM 1 20 of 1776 RADIUS Authenti
352. he View device in SOTI MobiControl link A new window will display the MobiControl Web Console for this device 208 Performing Daily Administration in AirWave Dell PowerConnect W AirWave 7 4 User Guide Monitoring and Supporting AirWave with the Home Pages The Home tab of AirWave provides the most frequent starting point for monitoring network status and establishing primary AirWave functions once AirWave configuration is complete From the Home tab you can access the following pages The Home gt Overview page condenses a large amount of information about your AirWave You can view the health and usage of your network and use shortcuts to view system information Refer to Monitoring AirWave with the Home gt Overview Page below The Home gt Search page provides a simple way to find users managed devices groups and rogues Refer to Searching AirWave with the Home gt Search Page on page 213 The Home gt Documentation page contains all relevant AirWave documentation See Accessing AirWave Documentation on page 214 The Home gt License page provides product licensing information See The Customize link on the upper right side of the page allows you to customize the widgets on the Home gt Overview page See Customizing the Dashboard on page 32 on page 211 The Home gt User Info page is where logged in users can configure their name contact information rogue count filter level customized header c
353. he devices to be included in the graphical bandwidth summary chart To view historical graphs in a new window select the three bar icon on the upper right of the chart 210 Performing Daily Administration in AirWave Dell PowerConnect W AirWave 7 4 User Guide Table 120 Home gt Overview Sections and Charts Continued Section Description Monitoring This pie chart shows the percentage of all devices that are up and down on the network To review devices Status that are down select Down in the legend or the chart and the APs Devices gt Down page displays Configuration The pie chart displays all known device configuration status on the network Devices are classified as Good Compliance Unknown Mismatched or Audit Disabled Select the Mismatched link to see the APs Devices gt Mismatched page Alert Summary This section displays all known and current alerts configured and enabled in the System gt Alerts page refer to Viewing Delivering and Responding to Triggers and Alerts on page 187 Alerts can be sorted using the column headers Type Last 2 Hours Last Day Total or Last Event The Alert Summary field displays three types of alerts AMP Alerts IDS Events RADIUS Authentication Issues Select any alert type for more information Quick Links The Quick Links section provides drop down menus that enable you to move to the most common and frequently used pages in AirWave as follows Go to folder This menu lists
354. he firmware file in bytes HTML Filename Supporting HTML displays the name of the file that was uploaded to AirWave and to be transferred to an AP when the file is used in an upgrade HTML Version None Supporting HTML displays the version of HTML used for file transfer HTML MD5 Supporting HTML displays the MD5 checksum of the file after it was uploaded to Checksum AirWave The MD5 checksum is used to verify that the file was uploaded to AirWave without issue The checksum should match the checksum of the file before it was uploaded HTML File Size None Supporting HTML displays the size of the file in bytes Desired Firmware The firmware file is set as the desired firmware version on the Groups gt Firmware Files File for Specified page of the specified groups You cannot delete a firmware file that is set as the desired Groups firmware version for a group Dell PowerConnect W AirWave 7 4 User Guide Configuring AMP 55 Loading Firmware Files to AirWave Perform the following steps to load a device firmware file onto AirWave l Go to the Device Setup gt Upload Firmware amp Files page 2 Select Add The Add Firmware File page appears Figure 25 illustrates this page Figure 28 Device Setup gt Upload Firmware and Files gt Add Page Illustration Type Firmware Version PY Description LOO O upload firmware files and use built in firmware file server Use an external firmware file server Use Group File Ser
355. hed AMP list the Failover AMP will download the most recent backup and begin polling The Failover AMP and the Watched AMP must be on the same version or else the watched AirWave will be unable to restore properly If any of the watched AMPs are not on the same version of AirWave you will need to upgrade The Failover AMP will need HTTPS access port 443 to the watched AMP to verify that the web page is active and to fetch downloads Once the Failover AMP determines that the Watched AMP is not up based on the user defined missed poll threshold it will restore the data backup of the Watched AMP and begin monitoring the watched AMP APs and devices There are many variables that affect how long this will take including how long client historical data is being retained but for an AMP with 1 000 APs it might take up to 10 minutes For an AMP with 2 500 APs it might take as long as 20 minutes The Failover AMP will retain its original IP address In summary the Failover AMP could take over for the Watched AMP in as little as five minutes it might take up to an additional 10 20 minutes to unpack the watched AMP data and begin monitoring APs The most important factors are the missed poll threshold which is defined by the user and the size of the watched AMP backup Dell PowerConnect W AirWave 7 4 User Guide Performing Daily Administration in AirWave 225 which is affected by the total number of APs and by the amount of data being saved especia
356. hen deciding the best uplink Dell PowerConnect W AirWave 7 4 User Guide Configuring and Using Device Groups in AirWave 97 Table 69 Groups gt Proxim Mesh gt Mesh Cost Matrix Fields and Default Values Continued Setting Default Description Maximum Hops Set the maximum number of hops for the AP to reach the Portal AP to Portal RSSI Factor Sets the factor associated with the RSSI values used when calculating the best path to the portal AP Higher factors will have more impact when deciding the best uplink RSSI Cutoff 10 Specifies the minimum RSSI needed to become a mesh neighbor Medium Sets the factor associated with Medium Occupancy when calculating the best path to the Occupancy portal AP Higher factors will have more impact when deciding the best uplink Factor Current Medium Specifies the importance given to the most recently observed Medium Occupancy against all Occupancy of the previously viewed medium occupancies Lower values place more importance on Weight previously observed Medium Occupancies 4 Select Save when configurations are complete to retain these settings Select Save and Apply to make the changes permanent or select Revert to discard all unapplied changes Configuring Group MAC Access Control Lists This configuration is optional If you use Symbol Proxim or ProCurve 520WL wireless access points AirWave enables you to specify the MAC addresses of devices that are permitted to associate with APs in
357. his server can be polled by AirWave Make sure It is set to Yes Username The login credentials for accessing the web console of the MobiControl system Password Polling Period The frequency in which AirWave polls the MDM server The default is 5 minutes 2 When finished select Add The list page for the MDM server also displays Last Contacted The last time AirWave was able to contact the MDM server Errors Issues if any encountered during the last contact During each polling period AMP will obtain a list of all device IDs and their WLAN MAC addresses The information about device OS device OS Detail Manufacturer Model Name are retrieved from MobiControl and populated to the Clients gt Client Detail page for supported mobile devices A View device in SOTI MobiControl link provides direct access to the MobiControl Web Console for additional details about the device MobiControl information overrides data obtained from ArubaOS 6 0 controllers Accessing MobiControl from the Clients gt Client Detail Page In order to access the MobiControl web console tor a SOTI managed mobile device from within AirWave follow these steps l Navigate to a page that lists clients This can include Clients gt Connected or Clients gt All Search results that display user MAC address 2 Select the MAC address in the Clients list table The Clients gt Client Detail page displays 3 Under the Classification field select t
358. hreat Level on page 173 The threat level is also supported with Triggers see Monitoring and Supporting AirWave with the System Pages on page 183 Name Displays the alpha numeric name of the rogue device as known By default AirWave assigns each rogue device a name derived from the QUI vendor and the final six digits of the MAC address Clicking the linked name will redirect you to the RAPIDS gt Detail page for that rogue device Refer to Overview of the RAPIDS gt Detail Page on page 179 Displays the RAPIDS Rule that classified the rogue device see Viewing and Configuring RAPIDS Rules on page 174 Current Associations The number of current rogue client associations to this device Max associations The highest number of rogue client associations ever detected at one time Classifying Rule Controller Classification Displays the classification of the device based on the controller s hard coded rules NOTE This column is hidden unless Offload WMS Database is enabled by at least one group on the Groups gt Basic page WMS Classification The AP that provided the information used to classify the device Click the linked device name to be redirected to the APs Devices gt Monitor page for that AP WMS Classification The date that WMS set the classification Date Confidence The confidence level of the suspected rogue How confidence Is calculated varies based on the version of ArubaOS When an Aru
359. ht clicking within the region to see the following options Delete Planned APs in the Region deletes only provisioned APs in the region Reprovision APs Remove all planned APs inside this region and prompts for new information to replan the region Delete the Region Deletes the region and all planned APs Dell PowerConnect W AirWave 7 4 User Guide Using VisualRF 287 Edit the region Change the name of the region Copy the Region to floors above Will copy the region and auto plan for floors above Z NOTE The starting floor will add one to the highest floor in the building and the ending floor defaults to 10 more than the starting floor To replicate a floor plan follow these steps l Navigate back to the Building view by clicking on the navigation tags in the bottom right corner of the window 2 Right click the floor and select Duplicate 3 Enter the following information Starting and ending floors Select the toggles to copy walls regions data rates speeds and AP placement Go NOTE The starting floor will add one to the highest floor in the building and the ending floor defaults to 10 more than the starting floor 4 Select OK to save your changes 5 Manually refresh page and your is redirected to the VisualRF gt Floor Plan page The Building view will reflect the new floors K NOTE You should see all replicate floors with matching number of access points Auto Matching Planned Devices You can
360. iNgS sesasine iir EES Aa Ee NS ENEN Ea EARST 25 BUN ONS and CONS e EEE A es 26 Getting Started with AirWave ccccsssssssscscssssssesesecsesessesesecseseseesesececsesecsssesessusesassesetansesatensess 28 Chapter 3 Configuring AMP ccssccsssessssssscsssssssssesssessesessssesssssseesessesssesensesessessseseestsesecsesesenstses 29 Borre Tou DEU eere E E E E T E E 29 Formaning TIVE TOP THC ACIEE esa 29 Customizing Columns WE LISTS sscernecons segs dasessezceastancssazsyavasnesedarescerarsesuaasaatsonaengeuedatastejeesieummndaen 30 Resetting Pagination RECOrdS ccccsssssssscssesssscssssesscseseesesecsesaesesaesecsesecsesaesesausesseseesesatsesansees 31 Using the Pagination WidQet cccccscssescssssesssscssssesecseseesesecsesaesecseseeseseesesaesesssseesuseesesansesanseses 31 Dell PowerConnect W AirWave 7 4 User Guide Contents 3 4 Contents Chapter 4 Using Export CSV for Lists and Reports ccccccssssssccssssssecsssecsececseceeseceusecsesensesansesausessusensesanes 31 Defining Graph Display Preferences ccscscscssessssescscssssesssscsesessesssesecseseeassesessusesassesessnsesaseess 32 Customizing the Dashboard ccsesssssssesssssscscssssesesececsssseseseceesesecsesecessesecaesesessusecasseseeausesasensass 32 Customized S6at Ci epaia dana vasa ncaa E E 34 Setting Severe Alert Warning Behavior senssensessnernnnensnsnnenunurnannnsnsnnnnurunnnnnnnnnnannnurnnnnnnrennrnnnn 34 Defini
361. iation This may indicate that the user has not yet been authenticated for this session or AirWave may not be getting a username from an external source VLAN Displays the VLAN assigned to the user if available Supporting Guest WLAN Users With the Clients gt Guest Users Page AirWave supports guest user provisioning for Dell PowerConnect W Alcatel Lucent and Cisco WLC devices This allows frontline staff such as receptionists or help desk technicians to grant wireless access to WLAN visitors or other temporary personnel Ki NOTE The Guest User Preferences section on AMP Setup gt Roles as well as the Clients gt Guest Users subtab will not appear if Guest User Configuration is globally disabled in AMP Setup gt General Perform the following steps in the pages described to configure these settings l Navigate to the AMP Setup gt Roles page and select the Read Only Monitoring amp Auditing role type Under Guest User Preferences enable Allow creation of Guest Users 2 Next navigate to the AMP Setup gt Users page and create a new user with the role that was just created Figure 138 illustrates this page Dell PowerConnect W AirWave 7 4 User Guide Performing Daily Administration in AirWave 199 Figure 138 AMP Setup gt Users Page Illustration User Username hire Role Read Only Monitoring amp A Password ee Confirm Password Name Mair Woods Email Address ma examplecom Phone PO Motes Will
362. ically attenuate floor plans to increase the accuracy of client locations and heat maps Unassociated Client Information Some APs Controllers have the ability to report the signal strength clients they hear but that are associated to a radio on a neighboring AP AMP also uses these signal strength readings to more accurately place clients Client Surveys Client surveys within VisualRF use access points to understand which clients they hear and at what signal strength Rogue Surveys Rogue surveys are facilitated by AMC VisualRF and the client s radio to understand which access points they hear and what signal strength Starting VisualRF In order to launch VisualRF it must be enabled within AirWave Setup to display the VisualRF tab and the VisualRF engine must be switched on in VisualRF gt Setup Both of these pages are visible to logged in administrators only By default VisualRF is disabled in new AMP installations 258 Using VisualRF Dell PowerConnect W AirWave 7 4 User Guide To enable VisualRF follow these instructions while logged in as an administrator 1 Go to AMP Setup gt General 2 Scroll down to the AMP Features section as shown in Figure 187 In the field Display VisualRF select Yes Then select Save Figure 187 AMP Setup gt General gt AMP Features Page Illustration AMP Features Enable VisualRF vee No 3 After the VisualRF tab is visible navigate to VisualRF gt Setup 4 In the Server Settin
363. ices and number of grid cells on the floor plan 25 floors or less 512 MB 50 to 75 floors 1 GB 75 to 100 floors 1 5 GB 100 to 200 floors 3GB 200 to 300 floors 5 GB 64 bit only Above 300 8 GB 64 bit only NOTE If you see Out of Memory errors in the SSL error log on the System gt Status page you should increase memory allocation Core Threads 1x number Number of threads that calculate path loss for each floor These threads also of cores regenerate a floor s RF properties when new APs walls or regions are added to a floor plan Location Caching 1x number Number of threads that calculate the location of all clients associated with access Threads of cores points on this floor plan Ul Threads 1X number Number of threads that service the users accessing QuickView as well as AMP to of cores VisualRF communication NOTE If users experience timeout errors while using QuickView allocate additional UI Threads Synchronization Timer This timer indicates how often VisualRF will synchronize security for APs within AMP Restrict visibility of When enabled only the creator can view an empty floor plan empty floor plans to the role of the user who created them To tune location accuracy go to the Location Settings section on this page as described in Table 140 Table 140 Location Settings Section in VisualRF gt Setup Default Description Allowed deviation 4 dB When VisualRF locates a client or rogue it utilizes signal m
364. ich AirWave refreshes DNS lookup 1 hour 2 hours 4 hours 12 hours 24 hours Device N A The message included in this field is displayed along with the Down if a device s Troubleshooting Hint upstream device is up This applies to all APs and controllers but not to routers and switches 7 Locate the Device Configuration section and adjust the settings Table 12 describes the settings and default values of this section Table 12 AMP Setup gt General gt Device Configuration Section Fields and Default Values Default Description Guest User Disabled Enables or prevents guest users to from pushing configurations to devices Options are Configuration Disabled default Enabled for Devices in Manage Read Write Enabled for all Devices Allow WMS Offload configuration in monitor only mode When Yes is selected you can enable the ArubaOS WMS offload feature on the Groups gt Basic page for WLAN switches in Monitor Only mode Enabling WMS offload does not cause a controller to reboot This option is supported only for Dell and Dell PowerConnect W Series devices users while in monitor only mode No the Deauthenticate Client button for in a Clients gt Client Detail page is enabled only for Managed devices Whether AMP can use character sets other than UTF 8 for configuration settings Allow non UTF8 characters Allow disconnecting a Sets whether you can deauthenticate a user for a device in monitor only mode
365. ich allows you adjust the graph settings attributes as shown in Figure 11 Figure 11 nteractive Graphs on the Home gt Overview Page User Count Last 2 hours fol Bandwidth Last 2 hours Ball 14M 500 k 200 k 400 k 1 M C 16 M A 14 50 15 50 16 50 14 50 15 50 16 50 Maximum Average Show All Maximum Average w Number of Users 20 users 16 users w Bits Per Second Gut 1 4 Mbps 316 8 kbps w Bits Per Second In 1 5 Mbps 262 kbps 1 yearago ey a E This Flash enabled GUI allows for custom settings and adjustments as follows Drag the slider at the bottom of the screen to move the scope of the graph between one year ago and the current time Drag the slider between graphs to change the relative sizes of each Deselect checkboxes to change the data displayed on each graph The button with green arrows refreshes data on the graph The Show All link displays all of the available checkboxes supporting the Flash graphs Once a change to the slider bars or to the display boxes has been made the same change can be applied to all other Flash graphs with an apply button appears on mouse over only For non Flash graphs select the graph to open a popup window that shows historical data A non F lash version of the AirWave user page is available if desired instead of Flash it uses the RRD graphs that were used in earlier versions of AirWave Contact AirWave support for more information on activating this fe
366. ide Chapter 8 Dell PowerConnect W AirWave 7 4 User Guide Deleting or Editing a RUC cc ccsceesceseesseecssssesecseseeseseesesaesessuseeseseesesaseesanseseneess 176 Recommended RAPIDS Rules cccscecscssssesssssscssssesseececsesecsesesecsusecassesessesecassesesaesesasenes 176 Using RAPIDS Rules with Additional AirWave Functions eessen 176 Viewing Rogues on the RAPIDS gt List Page eessssssessescsesessesssececsesessssesesseseeasseeesseseees 176 Overview of the RAPIDS gt Detail Page eesssessssssssesssesscseseesseececseseessseseesesecassesesaeseeasenss 179 Viewing Ignored Rogue DeVICES ccccseseescssssessescssssesecseseesessesesaesecaeseeseseesesaeeessnsaeeneess 180 Using RAPIDS Workflow to Process Rogue DeVICES ccecsccssesesseessessssesseesesseseeaeeees 180 COE OV ol ah ee eh ee ne ee ee ee ee 180 Using the Audit LOO cearensis aaoi Saa aUri 181 Additional RESOULCES ccccccscsscssssesssscsseseeecseseeseceeseesesecsusaeseseesessusecsusausecaesesauseesesaesesauseesesatees 182 Performing Daily Administration in AlrWave ccccccssscssessesessrssrssessesetsetseesessees 183 Monitoring and Supporting AirWave with the System Pages cccecsescssseessesseeeeeeseees 183 Using the System gt Status PAC 6 sidssscssancesissnsnasrscniannaivadantaniewoctsiandautaancnsanaciiasecniaseannaiinvieabenss 184 Viewing Device Events in System gt Syslog amp Trap cceesessescsessssesssesscseseessees
367. ide default values AP Interface Polling Period 5 minutes Sets the interval at which AirWave polls for radio monitoring and bandwidth being used by a device Client Data Polling Period Sets time between SNMP polls for client data for devices in the group Thin AP Discovery Polling 5 minutes Sets time between SNMP polls for Thin AP Device Discovery Controllers are the Period only devices affected by this polling interval Device to Device link Polling 5 minutes Sets time between SNMP polls for Device to Device link polling Mesh APs are Period the only devices affected by this polling interval 802 11 Counters Polling Period Sets time between SNMP polls for 802 11 Counter information Rogue AP and Device 5 minutes Sets time between SNMP polls for Rogue AP and Device Location Data polling Location Data Polling Period CDP Neighbor Data Polling 30 minutes Sets the frequency in which this group polls the network for Cisco Discovery Period Protocol CDP neighbors 74 Configuring and Using Device Groups in AirWave Dell PowerConnect W AirWave 7 4 User Guide 5 Record additional information and comments about the group in the Notes section 6 To configure which options and tabs are visible for the group complete the settings in the Group Display Options section lable 42 describes the settings and default values Table 42 Group Display Options Fields and Default Values Default Description Show device Only Drop down menu determi
368. ield to specify the firmware version number Appears if you did not select the default Dell PowerConnect W Series Controller type Provides a user configurable text description of the firmware file Upload firmware Built in Selects the TFTP server that access points use to download their firmware The built in files and use built in TFTP server is recommended firmware If you choose to use an external TFTP server enter the File Server IP Address and the Firmware Filename Use an external N A You can also choose to assign the external TFTP server on a per group basis If you firmware file server select this option you must enter the IP address on the Groups gt Firmware page Complete the Firmware File Server IP Address field NOTE With selection of some Types you are prompted with the Server Protocol field that lets you select which protocol to use and this varies from device to device If you select FTP AirWave uses an anonymous user for file upload Use Group File Disabled If you opt to use an external firmware file server this additional option appears This Server setting instructs AirWave to use the server that is associated with the group instead of defining a server 56 Configuring AMP Dell PowerConnect W AirWave 7 4 User Guide Table 33 Supported Firmware Versions and Features Fields and Default Values Continued Default Description Firmware File Server Provides the IP address of the External TFTP Server lik
369. iffer between in their supported traps supported MIBs and network query elements used in device scanning HTTP discovers devices using the HyperText Transfer Protocol in communications between servers and additional network components HT TP is not as robust in processing network events as is SNMP but HTTP may be sufficient simpler or preferable in certain scenarios 5 Define and confirm the Community String to be used during scanning In this section the community string used can be either read only or read write as AirWave only uses it for discovering APs To bring APs under management AirWave uses the credentials supplied in the Device Setup gt Communication SNMP section K NOTE AirWave automatically appends the type of scan SNMP or HTTP to the Label Once the device is authorized it will use the non scanning credentials 6 Select Add The Device Setup gt Discover page displays the new scan credential or credentials just created or edited 7 Repeat these steps to add as many credentials as you require Once scan networks and scan credentials are defined combine them by creating scan sets using the next procedure Defining a Scan Set on page 109 Defining a Scan Set Once you have defined at least one network and one scan credential you can create a scan set that combines the two for device discovery Perform these steps to create a scan set l Locate the Scan Set area at the top of the Device Setup gt
370. ight or next tuesday at 4am Other input formats may be acceptec Start Date Time September 9th 2007 at 12 00 l To edit an existing configuration change job select on the linked description name On the subsequent edit page you can choose to run the job immediately by selecting Apply Changes Now reschedule the job by selecting Schedule Delete the job or Cancel the job edit 2 Select the linked AP or group name under the Subject column to go to its monitoring page Select the linked group and folder names under Folder or Group to go to the AP s folder or group page 4 Scheduled configuration change jobs will also appear on the Manage page for an AP or the Monitoring page for a group Using the System gt Firmware Upgrade Jobs Page The System gt Firmware Upgrade Jobs page displays a list of recent firmware upgrade jobs that have been initiated in the APs Devices gt Manage page or Modify Devices page for a controller or autonomous AP that supports firmware upgrades in AMP Successful upgrade jobs are not archived on this page generally you visit this page to review failed or pending firmware upgrade jobs Users with the AP Device Manager role and higher can view this page Audit only users cannot view this page or tab Figure 155 System gt Firmware Upgrade Jobs Page Illustration Firmware upgrade jobs Add new firmware files on the Firmware amp File Upload page Initiate a firmware upgrade job from the APs Device M
371. igure the memory allocation accordingly Memory allocation should equal 5 GB for 1 75 floor plans 1 GB for 76 250 floor plans 1 5 GB for 251 500 floor plans and 2 GB for 501 1 000 floor plans NOTE Importing a large number of floor plans can impact performance of the AMP server VisualRF must create a thumbnail K provision APs create attenuation grid and locate all clients on each imported floor plan This can cause the VisualRF gt Floor Plans page to be unresponsive Process on Controller l On the controller s UI navigate to the Plan gt Building List page 2 Select the buildings to be exported and select Export 3 When the dialog box appears make sure that you have included all images and select Save to a file Dell PowerConnect W AirWave 7 4 User Guide Using VisualRF 291 Process on AMP l Navigate to VisualRF gt Import Select the Import floor plans from a Dell PowerConnect W Series Controller link Select the Begin Importing Floor Plans link oe When prompted for input file use the file saved from the controller process VisualRF Location APIs VisualRF provides the following location APIs Site Inventory https amp_host visualrf site xml site_id You can find the site_id from the Floor Plan List query defined on the XML API page This interface provides floor details including access points walls regions surveys etc The corresponding example XML and schema are attached in visualrf_site_in
372. ile to be Name supported in this device group Authentication Profile 3 For Proxim devices only this field sets the name of the accounting profile index to Index be supported in this device group MAC Address Authentication Section MAC Address If enabled only MAC addresses known to the RADIUS server are permitted to Authentication associate to APs in the Group MAC Address Format Single Dash Allows selection of the format for MAC addresses used in RADIUS authentication and accounting requests Dash Delimited xx xx xx xx xx xx default Colon Delimited xx xx xx XXx XX XX Single Dash XXXXXX XXXXXX No Delimiter XXXXXXXXXXXX This option is supported only for Proxim AP 600 AP 700 AP 2000 AP 4000 Avaya AP3 4 5 6 7 8 HP ProCurve 520WL Authorization Lifetime 1800 Sets the amount of time a user can be connected before reauthorization is required The supported range is from 900 to 43 200 seconds Primary RADIUS Server Specifies the time in minutes that the AP awaits responses from the primary Reattempt Period RADIUS server before communicating with the secondary RADIUS server and so forth 3 Select Save to retain these security configurations for the group select Save and Apply to make the changes permanent or select Revert to discard all unapplied changes 4 Continue with additional security related procedures in this document for additional RADIUS and SSID settings for device groups as required Configuring Group S
373. ine RAPIDS classifications and controller classifications are separate and often are not synchronized K NOTE RAPIDS classification is not pushed to the devices The following table compares how default classification may differ between AMP and ArubaOS for scenarios involving WMS Offload Table 98 Rogue Device Classification Matrix AirWave AOS ARM For additional information about WMS Offload refer to the Dell PowerConnect W AirWave 7 4Best Practices Guide in Home gt Documentation Device OUI Score The Organizationally Unique Identifier OUI score is based on the LAN MAC address of a device RAPIDS can be configured to poll your routers and switches for the bridge forwarding tables RAPIDS then takes the MAC addresses from those tables and runs them through a proprietary database to derive the OUI score The OUI score of each device is viewable from each rogue s detail page Table 99 provides list the OUI scores definitions Table 99 Device OUI Scores Score Description Indicates any device on the network this is the lowest threat level on the network Indicates any device in which the OUI belongs to a manufacturer that produces wireless 802 11 equipment Score of 3 Indicates that the OUI matches a block that contains APs from vendors in the Enterprise and small office small home market Indicates that the OUI matches a block that belonged to a manufacturer that produces small office small home access points
374. ing PCI Auditing on page 66 The Reports gt Definitions page allows you to create custom configured and custom scheduled PCI Compliance reports See Reports gt Definitions Page Overview on page 227 The Reports gt Generated page lists PCI Compliance reports currently available and allows you to generate the latest daily version of the PCI Compliance Report with a single select Refer to Reports gt Generated Page Overview on page 229 The APs Devices gt PCI Compliance page enables you to analyze PCI Compliance for any specific device on the network This page is accessible when you select a specific device from the APs Devices gt Monitor page First you must enable this function through AMP Setup See Enabling or Disabling PCI Auditing on page 66 Dell PowerConnect W AirWave 7 4 User Guide Configuring AMP 65 The PCI Compliance Report offers additional information Refer to Using the PCI Compliance Report on page 245 This report not only contains Pass or Fail status for each PCI requirement but cites the action required to resolve a Fail status when sufficient information is available NOTE When any PCI requirement is enabled on AirWave then AirWave grades the network as pass or fail for the respective PCI 2 requirement Whenever a PCI requirement is not enabled in AirWave then AirWave does not monitor the network s status in relation to that requirement and cannot designate Pass or Fail network st
375. ing on the Add Edit page of the LWAPP AP Group 4 Select Save and Apply to make these changes permanent or select Save to retain these changes to be pushed to controllers at a later time Configuring Cisco Controller Settings The Groups gt Cisco WLC Config gt Controller page defines general Cisco WLC settings Multicast settings Cisco mobility groups to be supported on Cisco controllers Network Transfer Protocol NTP and Spanning Tree Protocol settings Go to the Groups gt Cisco WLC Config gt Controller page This navigation is illustrated in Figure 53 Figure 53 Groups gt Cisco WLC Config gt Controller Navigation Controller General Multicast Mobility Management LMobility Groups NTP Advanced Lsp anning Tree 94 Configuring and Using Device Groups in AirWave Dell PowerConnect W AirWave 7 4 User Guide Configuring Wireless Parameters for Cisco Controllers This section illustrates the configuration of Wireless settings in support of Cisco WLC controllers The navigation for Wireless settings is illustrated in Figure 54 Figure 54 Groups gt Cisco WLC Config gt Wireless Navigation Illustration ErYWireless Mesh 802 11a n 802 11b a n Network Network RRM RRM RF Grouping RF Grouping TPC TPC DCA DCA Coverage Coverage General General Pico Cell Pico Cell Client Roaming Client Roaming Voice Voice Video Video EDCA Parameters EDCA Parameters DFS 802 11h High Throughput High Throughput 802 11n
376. inimum Firmware Versions for APs in a Group on page 98 Compare This page allows you to compare line item settings between two device groups On the Groups gt List page select Compare Two Groups select the two groups from the drop down menus then select Compare Comparing Device Groups on page 99 This chapter also provides the following additional procedures for group level configurations Deleting a Group on page 100 Changing Multiple Group Configurations on page 100 Modifying Multiple Devices on page 101 Using Global Groups for Group Configuration on page 104 AirWave Groups Overview Enterprise APs controllers routers and switches have hundreds of variable settings that must be configured precisely to achieve optimal performance and network security Configuring all settings on each device individually is time consuming and error prone AirWave addresses this challenge by automating the processes of device configuration and compliance auditing At the core of this approach is the concept of Device Groups with the following functions and benefits AirWave allows certain settings to be managed efficiently at Group level while others are managed at an individual device level AirWave defines a Group as a subset of the devices on the wireless LAN ranging in size from one device to hundreds of devices that share certain common configuration settings Groups may be defined based on geography su
377. io in the AP Clients The number of users associated to the corresponding radio at the time of the last polling Usage Kbps The amount of bandwidth being pushed through the corresponding radio interface or device at the time of the last polling Channel The channel of the corresponding radio Tx Power Some devices report transmit power reduction rather than transmit power no value is reported for those devices Antenna Type Indicates Internal or External radio For devices where antenna type Is defined per AP the same antenna type will be listed for each radio Channel Width The bandwidth of the channel used by 802 11 stations Legacy devices use 20 MHz channels and newer devices that support the 802 11n standard can use 40 MHz channels to increase throughput Mesh Links The total number of mesh links to the device including uplinks and downlinks Whether the radio acts as a Mesh Node or Access Active SSIDs The SSID s of the radio Devices with wired interfaces will display the Wired Interfaces table which is described in lable 75 Table 75 APs Devices gt Monitor gt Wired Interfaces Fields and Descriptions Field Description Name Displays the name of the interface MAC Address Displays the MAC address of the corresponding interface in the device Clients Displays the number of users associated to the corresponding interface at the time of the last polling Type Indicates the type of interface gig
378. ion aau Groups APs Devices Portal Reports System AMP Setup Overview Managed AMPs Managed Group Status Search Documentation License User Info Welcome to Master Console 12 4 Users Lasti week Bal Bandwidth Last 1 week Bal 17 14711 1 15 11 1 16 11 1 17 11 1 13 11 1 11 11 1 12 11 1 13 11 1 14 11 1 15 11 1 16 11 1 17 11 1 18 11 Show All Maximum Average Show All Maximum Average O v Number of Users 34 3818 users 30 083 users Z V Avg Bits Per Second In 13 3 Gbps 11 4 Gbps O V Avg Bits Per Second Out 13 3 Gbps 11 4 Gbps EZ 1 year QO NOW Ma l Monitoring Status Configuration Compliance Alert Summary at 1 18 2011 6 11 PM Type a Last 2 Hours Last Day Total Last Event AMP Alerts 20 309 3784 1 18 2011 6 08 PM Master Console Alerts O D D Go to Folder M View Latest Reports X View Latest Reports ll Rep D Mismatched 80 0 etwork Wide Device Summary D Up 98 2 EO Audit Disabled 18 7 etwork Wide Device Uptime E Down 1 8 B Good 0 7 etwork Wide IDS Events E Unknown 0 6 etwork Wide Inventory etwork Wide Memory and CPU Utilization 151 of 8601 devices are Down 6884 of 8601 devices are Mismatched etwork Wide Network Usage Managed AMPs Ecit 1 2 w of 6 Managed AMPs Pagel wof3 gt gt Choose Columns CS Export l AMP Name a Total Devices New Up Down Mismatched Roc See eae er R ersion Last Contacted Failover Status Status acceptance test e i uide Ues sesja
379. ion of AirWave This chapter includes the following topics AirWave A Unified Wireless Network Command Center on page 13 Integrating AirWave into the Network and Organizational Hierarchy on page 15 If you have any questions or comments please contact Dell support at support dell com AirWave A Unified Wireless Network Command Center Dell PowerConnect W AirWave is the only network management software that offers you a single intelligent console from which to monitor analyze and configure wireless networks in automatic fashion Whether your wireless network is simple or a large complex multi vendor installation AirWave manages it all AirWave supports hardware from leading wireless vendors including Dell PowerConnect W Series Aruba Networks Avaya Cisco Aironet and WLC Enterasys Juniper Networks LANCOM Systems Meru Nortel ProCurve by HP Proxim Symbol Trapeze Tropos and many others The components of the AirWave are detailed below AirWave Management Platform The AirWave Management Platform AMP is the centerpiece of Dell PowerConnect W AirWave offering the following functions and benefits Core network management functionality Network discovery Configuration of APs amp controllers Automated compliance audits Firmware distribution Monitoring of every device and user connected to the network Real time and historical trend reports Granular administrative access Role based for example Administrato
380. ion succeeded configuration is good Fri Jan 29 08 30 08 2010 System Status changed to OK Fri Jan 29 08 30 08 2010 System Up Audit Log Time User Event Mon Jan 25 17 23 47 2010 admin ap id 15365 monitor_only 0 gt 1 Mon Jan 25 13 04 35 2010 burton ap id 15365 monitor_only 1 gt 0 Monitoring pages vary according to whether they are wired routers switches or controllers WLAN switches or thin or fat APs whether the device is a Mesh device and whether Spectrum is enabled These differences are discussed in the sections that follow Monitoring Data Specific to Wireless Devices The APs Devices gt Monitor page for controllers and APs include a graph for users and bandwidth The controller graph lists the APs connected to it while the APs include a list of users it has connected When available lists of CDP and RF neighbors are also listed A sample monitoring page for wireless devices is shown in Figure 79 118 Discovering Adding and Managing Devices Dell PowerConnect W AirWave 7 4 User Guide Figure 79 APs Devices gt Monitor Page for Wireless Devices partial view of an AP Monitoring Spectrum AP105 d7 9b in group Srini in folder Top gt Srini Poll Controller Now This Device is in monitor only mode Device Info Status Up OK Configuration Mismatched The settings on the device do not match the desired configuration policy Controller Srini651 Aruba AP Group NoAuthApG
381. irWave 7 4 User Guide Performing Daily Administration in AirWave 205 Quick Links for Clients on Dell Devices In Clients gt Client Detail two drop down menus were added in AirWave 7 3 next to the Save button in the Device Info section Open controller web UI A drop down menu that allows you to jump to the controllers UI in a new window Thin APs link to Controller gt Access Points when not operating in mesh mode or Controller gt Mesh Nodes otherwise Controllers show several more pages in this menu Security Dashboard for instance if the controller is running AOS version 6 1 or greater Run a command A drop down menu with a list of CLI commands you can run directly from the APs Devices gt Monitor page Figure 145 Open controller web UI and Run a command Menus in Clients gt Client Detail Hide additional properties Save Open controller web UI Run a command Using the Deauthenticate Client Feature Some displays of the Clients gt Client Detail page include the Deauthenticate Client feature in the Current Association section Specifically those displays are for devices which support this operation namely Dell and Cisco WLC with firmware version v4 0 0 0 or later Select Deauthenticate Client to use this feature as shown in Figure 140 Figure 146 Deauthenticate Client button in Current Association section of Clients gt Client Detail Username gfesta Role employee AP Device 00 24 6c c8 63 7a
382. irWave database If the settings do not match the AP is flagged as mismatched and AirWave sends an alert via email log or SNMP NOTE Enabling this feature with a frequency of Daily or more frequently is recommended to ensure that your AP configurations comply with your established policies Automatically repair Disabled If enabled this setting automatically reconfigures the settings on the device when misconfigured the device is in Manage mode and AirWave detects a variance between actual devices device settings and the Group configuration policy in the AirWave database Send debugging Enabled If enabled AirWave automatically emails any system errors to AirWave Support to messages assist in debugging Nightly Maintenance Specifies the local time of day AirWave should perform daily maintenance During Time 00 00 23 59 maintenance AirWave cleans the database performs backups and completes a few other housekeeping tasks Such processes should not be performed during peak hours of demand Check for software Enables AirWave to check automatically for multiple update types Check daily for updates AirWave updates to include enhancements device template files important security updates and other important news This setting requires a direct internet connection via AirWave 2 Onthe AMP Setup gt General page locate the Automatic Authorization section These settings allow you to control the conditions by which devices
383. irWave support remains available to you for any phase of AirWave installation Dell PowerConnect W AirWave 7 4 User Guide Configuring AMP 45 Creating AirWave User Roles The AMP Setup gt Roles page defines the viewable devices the operations that can be performed on devices and general AirWave access VisualRF uses the same user roles as defined for AirWave users can see floor plans that contain an AP to which they have access in AirWave although only visible APs appear on the floor plan Users can also see any building that contains a visible floor plan and any campus that contains a visible building NOTE In VisualRF gt Setup gt Server Settings a new flag added in AirWave 7 2 allows you to restrict the visibility of empty floor K plans to the role of the user who created them In previous versions a floor plan without APs could be visible to all users By default this setting is set to No When a new role is added to AirWave VisualRF must be restarted for the new user to be enabled Refer to Chapter 10 Using VisualRF on page 257 for additional information User roles can be created that have access to folders within multiple branches of the overall hierarchy This feature assists non administrative users such as help desk or IT staff who support a subset of accounts or sites within a single AirWave deployment You can restrict user roles to multiple folders within the overall hierarchy even if they do not share th
384. ire ar anD 69 80 access points adding with CSV file oeenn 114 ACLs see groups ACS PINE COV AUIS osinac icslentsaustaytancsbunranscscansntannantecpantete 63 BOTY 1G I E E E I 63 Active BSS S seccsscteidvccovesvinasnminndecruvenrsacensueideatwun 128 Adaptive Radio Management nsss 124 adole ei EE 46 Air OT BOW onoriano a 68 Alert Summary table 00 0 eects 118 194 alerts VON O E ap paien 194 warning behavior setting eecsceceneeree 34 AMON data collection 42 ANTP AC ry ae 195 Antenna Diversity ane ners en eee ee 139 AP Interface Polling Period 0 0 eee 126 AP Device Manager role 46 APs enabling automatic discovery cceeee 111 ARM osansa ani 124 126 127 147 ARM Events table ririnui 127 Association History table n 206 audit configuring intervals 36 device configuration ssesseeeeseeeereeeereene 133 POIL Compan ciicsssicsoisrai 65 Audit RCAC Only scce a 47 Auto Detect Upstream Device setting 138 Dell PowerConnect W AirWave 7 4 User Guide Index Automatic Authorization 000eceeeeeee 36 79 109 Automatically monitor manage new devices 36 Da 0 E 224 restoring from a backup seeeeseeeeeeeeeen 224 running on demand 224 using Failovet saesnec 225 browsers supported sseseesesiesreeeeerersrrerrersesrnees 17 C CDP enabling for device discovery 0 0 111 Channel Busy Threshold 0 eceeceeseeeeeeeeeeee
385. irements 66 Physical Interfaces table cee eeeeeeeeeeeeeeeees 131 planned maintenance mode 00 135 137 Poll Now bDutton cccccccccccccccccccessseeesseeeeeeeeeneeeeneey 119 product overview configuring date and time ceeeeeeeeeeeees 18 ef MTA SCAN soosse ESEA 109 CXC CULING a SCAT onesie 110 TVA VAI E E T 22 protocols and ports ccceceeeeeceeeeeeeeeeeeeeeeeeeeeeeeeeees 21 Proxim ce we 00h CER ee 90 Proxi Ayay deines nnee aere ar 77 0 Quick Links 206 211 R Radio Enabled option ssssseeseeeeseeeeeeeeereseeesn 139 Radio Role field siuciessicciccctcass dorsctorvestivenielacisatestert 149 radio settings configuring for groups 87 iadio statisti Ch neo e 124 128 Radio ablesen 121 RADIUS ceceni ene REETA 80 authenticahoN anann en a 48 configuring authentication and authorization 50 nter a raven cies 51 RADIUS Authentication Issues 195 Radius ARM IDS Events retention 40 RAPIDS oaeeeeeeesrrrerssrrrrresrerrrrrrserrrnn 25 167 d NOC i E ees 181 SOE 10 E E E ee eee 39 306 Index 0h 6 8d 2 en ee 14 score oyerride cccecccccccsesseeceeesesssseueeseueesesssneeeas 180 SSAU D EE E E ancamsdouminances 169 viewing ignored rogues sseeeeseeeeeeeeeen 180 Recent Events table wu ccccccccceeccessessssesseeeeeeeeeeees 124 Replace Hardware button 0 c cecceceeeeeeeees 146 TOD OEUS kese 221 Capacity Planning seeen 232 OE a SOM A E E TA 250 Configuration Audit sssr 23
386. is intended to operate as a soft appliance Other applications should not run on the same installation Additionally local shell users can access data on AirWave so it is important to restrict access to the shell only to authorized users You can create sudo users in place of root for companies that don t allow root logins Supported Browsers Windows XP Vista Windows 7 Internet Explorer 7 8 9 Firefox 3 x Google Chrome 9 x stable Mac OS X 10 5 10 6 Safari 4 x and higher Firefox 3 x Google Chrome 9 x Dell PowerConnect W AirWave 7 4 User Guide Installing and Getting Started 17 Installing Linux CentOS 5 Phase 1 Perform the following steps to install the Linux CentOS 5 operating system The Linux installation is a prerequisite to installing AirWave on the network management system CAUTION This procedure erases the hard drive s on the server l Insert the AirWave installation CD ROM into the drive and boot the server 2 If this is a new installation of the AirWave software type install and press Enter To configure the partitions manually type expert and press Enter The following message appears on the screen Welcome to AirWave Installer Phase I To install a new AMP type install lt ENTER gt WARNING This will ERASE all data on your hard drive To install AirWave and manually configure hard drive settings type expert lt ENTER gt poort 3 Allow the installation process to continue
387. is trigger type indicates that the speed for an individual client has exceeded a predefined threshold The available condition for this trigger is Speed Mbps b Repeat this procedure for as many triggers and conditions as desired Refer to the start of Creating New Triggers on page 187 to create a new trigger 192 Performing Daily Administration in AirWave Dell PowerConnect W AirWave 7 4 User Guide Setting Triggers for RADIUS Authentication Issues Perform the following steps to configure RADIUS related triggers a Choose a trigger type from the RADIUS Authentication Issues list in the drop down Type menu Table 112 itemizes and describes the condition settings for each RADIUS Authentication trigger type Table 112 RADIUS Authentication Trigger Types and Condition Settings Description Client RADIUS This trigger type sets the threshold for the maximum number of failures before an alert is issued for a Authentication Issues user Select Add New Trigger Condition to specify the count characteristics that trigger an alert The Option Condition and Value fields allow you to define the numeric value of user issues Device RADIUS This trigger type sets the threshold for the maximum number of failures before an alert is issued for a Authentication Issues device The Option Condition and Value fields allow you to define the numeric value of user issues Total RADIUS This trigger sets the threshold for the maximum number of failures
388. isplay alert details AMP Alerts Displays details for all device alerts IDS Events Displays details of all Intrusion Detection System IDS events and attacks under the RAPIDS tab You must be enabled as a RAPIDS user to see this page RADIUS Authentication Issues Displays RADIUS related alerts for devices in the top viewable folder available to the AirWave user The detailed list displays the MAC address username AP radio controller RADIUS server and time of each event Alerts can be sorted by any column 2 The Alerts and Severe Alerts top header stats in the Status bar at the top of all AirWave pages illustrated in Figure 135 The Severe Alert Threshold can be configured on the Home gt User Info page Refer to Setting Severe Alert Warning Behavior on page 34 Figure 135 Alerts in the AirWave Status Bar highlighted lt 4 New Devices 210 Up 278 Down 139 Mismatched 117 Rogue 1945 Users 61 Mi Select the Alerts or the Severe Alerts counter or navigate to the System gt Alerts page Figure 136 illustrates this page Figure 136 System gt Alerts Page Illustration Trigger Type Trigger Summary Triggering Agent Time Severity O Wiser Bandwidth gt 100 kbps for 30 seconds 00 18 DE 09 69 09 efi2 2007 12 54 PM Warning a Device Up hp 530 1 ofl2f2007 12 32 PM Normal O Device Down hp 530 1 212 2007 12 27 PM Critical a New Rogue 4P Detected 5 for rogue score Unknown Lo 72 8F 26 212 2
389. isplay from the pop up menu shown in Figure 212 Figure 212 Show Location History 4 Hours A location history player illustrated in Figure 213 appears at the bottom of the QuickView window Dell PowerConnect W AirWave 7 4 User Guide Using VisualRF 275 Figure 213 Location History Player 10 03 2011 05 31 oh Network APACSETR BLDSG Figor 2 Checking Signal Strength to Client Location l Ona Floor Plan locate the Signal Cutoff menu 2 Select the desired signal level to display as shown in Figure 214 The heatmap updates immediately Figure 214 Signal Cutoff dBm Dropdown Menu Overlays Type Signal Cutoff Hestmap Utilization Voice Data Rate Sensor Coverage Wired Range Custom i 1 Viewing an AP s Wireless RF Environment To view an access point s RF environment from APs Devices gt Monitor page p pag l Select a device of interest from APs Devices gt List or any other AMP page that lists your APs The APs Devices gt Monitor page opens 2 Click on the QuickView thumbnail showing the location of the AP shown on the right side of Figure 215 Figure 215 QuickView Thumbnail in APs Devices gt Monitor page for an AP Home Helpdesk Groups W YJDAT W Users Reports System Device Setup AMP Setup RAPIDS _ VisualRF 400 k 12 40 13 40 14 40 12 40 13 40 14 40 Show All Maximum Average Show All Maximum Average O v Max Users Radio 1 2 users 1 user xY A
390. ive substring matches on message content Event Type syslog or trap Syslog Severity Emergency Alert Critical Bug Error Warning Notice or Info Syslog Category SNMP Trap Category Hardware IDS Client Security AP Security AP Status Software or Rogue Detection NOTE During the process of upgrading or installation for non Master Console Failover AMPs AMP creates two default trigger definitions for Device Events SNMP Trap Category of Hardware or Software Event Type is Syslog and Syslog Severity gt Critical 190 Performing Daily Administration in AirWave Dell PowerConnect W AirWave 7 4 User Guide Table 108 Device Trigger Types Continued Option Description Device Uplink This trigger deploys whenever a RAP s active uplink changes from Ethernet to USB or vice versa The Status corresponding events are captured in a RAP s APs Devices gt Monitor page b Repeat this procedure for as many triggers and conditions as desired Refer to the start of Creating New Triggers on page 187 to create a new trigger Setting Triggers for Interfaces and Radios To configure radio and interface related triggers choose a trigger type from the Interfaces Radios category listed in the Type drop down menu Table 109 itemizes and describes the radio trigger types and condition settings Table 109 Radio Related Trigger Types Radio Trigger Options Description Radio Down Indicates that a device s radio is down on the
391. ization Last 2 hours ll Memory Utilization Last 2 hours Ball hel a Pa Ree Fal ee al veld rega Lc rt LU art LL ic Show All Maximum Average Show All Maximum Average GB Network Processor CPUS Avg Load 0 0 Average Free Memory 61 4MB 60 7 MB Ei Network Processor CPU4 Avg Load o 0 B Average Used Memory 321 7 MB 318 2 MB GH Supervisor Card CPU Avg Load 13 6 4 7 v Max Used Memory 321 7 MB 318 2 MB Ga 1 year ago ee ie Table 76 APs Devices gt Monitor Graphical Data Graph Description Clients Formerly Users Shows the max and average client count reported by the device radios for a configurable period of time User count for controllers are the sum of the user count on the associated APs Checkboxes below the graph can be used to limit the data displayed Usage Formerly Bandwidth Shows the bandwidth in and out reported by the device for a configurable period of time Bandwidth for controllers is the sum of the associated APs Checkboxes below the graph can be used to limit the data displayed 122 Discovering Adding and Managing Devices Dell PowerConnect W AirWave 7 4 User Guide Table 76 APs Devices gt Monitor Graphical Data Continued Graph Description CPU Utilization Reports overall CPU utilization not on a per CPU basis of the device controllers only Memory Utilization Reports average used and free memory and average max memory for the device controllers onl
392. l In VisualRF gt Floor Plans click the Add Floorplan icon displays when viewing a Building or use the Add button above the floor plan list at the bottom of the page 2 Select Choose File to locate a floor plan image file from your hard drive 3 In VisualRF select Upload This opens the image file along with VisualRF planning tools on the left side Dell PowerConnect W AirWave 7 4 User Guide Using VisualRF 281 Figure 221 Floor Plan Imported into VisualRF Width ft Height ft Grid Cell Size ft eT Manually Measure Floor Used for sizing non CAD floorplans and overriding CAD sizing Image Manipulation Image e Color B amp w Floor Info Assign to building TD Bank TD Waterhouse Zi Floor Number 20 Floor Name Floor 20 Ceiling Height ft 10 Ceiling Attenuation dBm 10 Optional Info y CAD Layers 2 CAD Info y If the floor plan does not require cropping sizing or layer control then click Save and Close to begin provisioning APs or Save and New to upload a new floor plan If the floor plan does require cropping sizing or layer control then proceed to the next procedure Editing a Floor Plan Image There are many ways to edit a floor plan that you have uploaded as explained in the following topics Cropping the Floor Plan Image on page 282 Sizing a Non CAD Floor Plan on page 283 Removing Color from a Floor Plan Image on page 283 Assi
393. l Assignment Automatic Fixed Method Table 130 Daily Configuration Audit Report Field Description Displays the device name for every device on the network Selecting a given device name in this column allows you to display device specific configuration Displays the folder in which the device is configured in AirWave Selecting the folder name in this report displays the APs Devices gt List page for additional device folder and configuration options Displays the group with which any given device associates Selecting the group for a given device takes you to the Groups gt Monitor page for that specific group to display graphical group information modification options alerts and an audit log for the related group Dell PowerConnect W AirWave 7 4 User Guide This field displays configuration mismatch information When a device configuration does not match ideal configuration this field displays the ideal device settings compared to current settings Creating Running and Emailing Reports 235 Using the Device Summary Report The Device Summary Report identifies devices that are the most or least used devices and a comprehensive list of all devices One potential use of this report is to establish more equal bandwidth distribution across multiple devices This report contains the following five lists of devices Most Utilized by Maximum Number of Simultaneous Users By default this list displays the 10 devices that s
394. l devices appear In addition a new section appears in this page location to display various settings that can be configured for multiple devices at one time some operations cannot be performed on the selected devices Figure 63 illustrates this page Figure 63 Modify Multiple Devices Section Illustration 4 Modify Devices i 3 wof 19 APs Devices Page iwof6 gt gt Choose Columns CSV Export Device Status Configuration Type Version a Controller Group APs Use cisco catalyst 500 Down Good Cisco Catalyst Express 500 12 2 25 SEG6 infrastructure 0 amp Cisco 3750 Down amp Eror Cisco Catalyst 3750 24TS 12 2 35 SE5 infrastructure 0 Cisco 3750 2 Down amp Verifying Cisco Catalyst 3750 24TS 12 2 35 SE5 infrastructure 0 l 7 of 19 APs Devices Page lwof6 gt gt Select All Unselect All Change properties of selected devices AMP Group Folder Select Group and or Select Folder Move Aruba AP Group Aruba AP Group Move Management Level C Monitor Only Firmware Upgrades f Manage Read Write Management Mode Desired Radio Status C Enable Disable Enable Disable Cisco Thin AP Settings Update Perform actions Poll selected devices Pall Now Audit selected devices Audit Run report on selected devices Run Report Update the credentials AMP uses to communicate Undate with these devices Import settings from selected devices and ee discard current per device desir
395. l number LAN MAC radio MAC and apparent IP address of all the APs as well as the client MAC VPN user Client LAN IP and VPN IP fields Figure 152 illustrates this page Figure 152 Home gt Search Page Illustration with Sample Hits on 00 Search for managed devices and wireless users A single substring match is used To search by MAC address include colons e g 00 40 96 00 APs Devices Modify Devices 1 45 w of 45 APs Devices Page 1 wof 1 Device a oF Airespace 4012 2 airespace 4400 1 f 1 50 w of 325 Users Page iwof7 gt Username Rol GuestLogon logon GuestLogon No Folders found No Groups found Rogues 00 0b 86 66 03 4e 00 0b 86 c1 20 52 amp 1250 91 14 1a amp 1250 91 14 42 x x e logon sers U Down 0 Up 0 Up 0 Up 0 Up 0 Up 0 MAC Address a 00 00 48 39 96 08 00 04 23 4C C1 33 BW kbps Uptime 12 days 54 days 12 days oooo coe AP Device 00 0b 86 c1 a0 52 AP2 00 05 4E 4B 14 2E 00 05 4E 4D 9D 6A 00 05 4E 4F 86 B1 00 06 25 2C A5 AD 00 09 EF 05 1E B2 00 09 EF 05 20 CF 00 0A B8 7F 0B 01 00 0A B8 7F 0B 11 00 0A B8 7F 0B 1E 00 0C F1 38 0F A6 00 0E 38 49 08 31 00 0E 38 49 08 3E 00 0E 9B CC CE F3 00 0E 9B D7 35 BA 00 0b 86 c1 a0 52 16 hrs 59 mins 8 days 19 hrs 3 mins 20 hrs 18 mins 22 hrs 46 mins 21 hrs 28 mins SSID alpaca alpaca ws5100_102 guest 00 0b 86 c1 a0 52 ap Not set RADIOL ap Not set ap 0
396. le on page 221 for additional information Configuring and Mapping Port Usage for AirWave The following diagram itemizes the communication protocols and ports necessary for AirWave to communicate with wireless LAN infrastructure devices including access points APs controllers routers switches and RADIUS servers Assign or adjust port usage on the network administration system as required to support these components Table 4 AirWave Protocol and Port Chart Port Type Protocol Description Direction Device Type 3 l l l l l Dell PowerConnect W AirWave 7 4 User Guide Installing and Getting Started 21 4 OQ 0 Firmware distribution SH U Configure devices N 4 OQ 5 SSH Configure AirWave from CLI NO N TCP VTUN Support connection optional SCP N N 4 OQ U Transfer configuration files or FW NO oo Sg TCP Telnet Configure devices TCP VTUN Support connection Optional TCP SMTP Support email optional UDP TACACS AirWave Administrative Authentication DNS o1 oo DNS lookup from AirWave TFTP Transfer configuration files or FW HTTP Configure devices VTUN Support connection optional SNMP Get and Set operations SNMP o N Traps from devices a PO I OO OO es aI cic oO uo ojog u oo oo VI V v vw SNMP O Traps from AirWave TCP HTTPS P EN oo Web management 443 TCP TTPS WLSE polling 443 TCP TUN Su
397. le password on the AP enter the new enable password AirWave should use here AirWave updates the credentials it is using to communicate to the device after the device has been managed SNMPv3 Username If the template is updating the SNMP v3 Username password on the AP enter the new SNMP Username password here AirWave updates the credentials it is using to communicate to the device after the device has been managed Auth Password If the template is updating the SNMP v3 Auth password on the AP enter the new SNMP Username password here AirWave updates the credentials it is using to communicate to the device after the device has been managed If the template is updating the SNMP v3 Privacy password on the AP enter the new SNMP Username password here AirWave updates the credentials it is using to communicate to the device after the device has been managed Specifies the SNMPv3 Auth protocol either MD5 or SHA 1 Specifies the SNMPv3 Privacy protocol either DES or AES Configuring General Template Files and Variables This section describes the most general aspects of configuring AP device templates and the most common Privacy Password SNMPv3 Auth Protocol SNMPv3 Privacy Protocol variables Configuring General Templates Dell PowerConnect W AirWave 7 4 User Guide Creating and Using Templates 155 Using Template Syntax Using Directives to Eliminate Reporting of Configuration Mismatches Using Conditional
398. lect Save at the top of the columns list Figure 1 Common List Settings Choose Columns Illustration 20 records per page of SUsers Page iwofi Choose Columns Username Role MAC Address AP Save Cancel tion O02 2 FA BAIBY 62 Ciscr OO 24 2C 05 6B8 C3 Cisce Username T OO 1LC BS 0544 1E Roar Role t 00 23 12 DF 08 F5 Ciscec 00 22 41 00 40 39 ag 2 M MAC Address I i SwofSUsers Page iwof1 AP Device T These settings are user specific To reset them select Reset List Preferences on Home gt User Info Buttons and Icons Standard buttons and icons are used throughout AirWave as follows Table 7 Standard Buttons and Icons of the AirWave User Page Function Image Description Acknowledge SS Acknowledges and clears an AirWave alert Add fF Adds the object to both AirWave s database and the onscreen display list Add Folder ao Adds a new folder to hierarchically organize APs a pO O O Apply a Applies all saved configuration changes to devices on the WLAN Audit Reads device configuration compare to desired and update status Chooses a new Helpdesk incident to be the Current Incident Cents ja Indicates WLAN users Select this number to see a list of connected clients Create fe Creates a new Helpdesk incident Customize f Ignores selected settings when calculating the configuration status delete O g Deletes an object from AirWave s database Dom O a Indicates Down devices and radios Drag and Drop 4 D
399. lect the APs to optimize and AirWave minimizes the channel interference while giving channel priority to the most heavily used APs Table 70 describes these actions and controls Table 70 Modify Multiple Devices Section Fields and Default Values Action Description AirWave Group Folder Move the selected devices to a new group or folder If the AP is in managed mode when it is moved to a new group it will be reconfigured Dell PowerConnect W AP Moves the selected APs to a new group or folder If the AP is in managed mode when it is moved Group to a new group it will be reconfigured Management Level Move the selected devices into Monitor Only or Manage Read Write Mode Planned Maintenance Mode Puts the selected devices into Planned Maintenance During the maintenance mode no AP Down triggers will be deployed on these devices Users will not be able to delete folders that contain devices in Planned Maintenance The devices in Planned Maintenance will show the Up status but will not be tracked in historical graphs and logs as Up Desired Radio Status Enables or disables the radios on the selected device Does not apply Cisco IOS APs Update Cisco Thin AP Bulk configuration for per thin AP settings previously configured on the Group LWAPP AP tab Settings can be performed from Modify Devices on the APs Devices List page Make changes to LWAPP AP groups including the option that was under Modify Devices Poll now Polls s
400. licies Pico Cell Pico Cell Rogue Policies Client Roaming Client Roaming yo end Client Exclusion Policies EDCA Parameters EDCA Parameters Web Auth DFS 802 11h High Throughput Web Login Page High Throughput 802 11n 802 11n Dell PowerConnect W AirWave 7 4 User Guide Configuring and Using Device Groups in AirWave 91 Configuring WLANs for Cisco WLC Devices In Cisco WLC Config WLANs are based on SSIDs or VLANs that are dedicated to Cisco WLC controllers Perform the following steps to define and configure WLANs for Cisco WLC controllers l Go to the Groups gt Cisco WLC Config page and select WLANs in the navigation pane at left This page displays the SSIDs or VLANs that are available for use with Cisco WLC devices and enables you to define new SSIDs or VLANs Figure 47 illustrates this page 2 To change the ID position of a WLAN on the controller by dragging and dropping set the toggle to yes Note that the by setting this flag to yes AMP will display a mismatch if the WLANs in the desired and device contig differ only on the order Figure 47 Groups gt Cisco WLC Config gt WLANS page illustration HWILANS L Group Access Points 9900 8021x ELAdvanced Controller Enforce WLAN Order on Controllers Yes No HWirel es Fobias Add New SSID VLAN Security oo l i w of 155IDs VLANs Page iwofi Choose Columns CSV Export Commands fr sw 5500 8021x 10 22 42 11 WLAN Yes l 1 of 1S5SIDs VLANs Page 1of1
401. lization Grid non vector overlay Vector provides a more smooth overlay with mouse over capabilities Grid Lines Toggle grid lines on or off Distance between grid lines Color of grid lines 266 Using VisualRF Dell PowerConnect W AirWave 7 4 User Guide Navigation select from the Configure Preferences drop down menu campus and buildings of APs Up for the last 24 hours for normal green and excessive red Icon Size for campus building and floor K NOTE These preferences are stored in the database so they will be retained across browsers and machines NOTE The remaining sections in this chapter apply to networks campuses buildings and floor plans that have already been set K up in VisualRF If you do not yet have any of this information in VisualRF for your network refer to Planning and Provisioning on page 279 Increasing Location Accuracy The Location Service will use all RF information available to increase location accuracy of clients tags and rogue devices Understanding your infrastructure s inherent capabilities helps you learn the extra effort required to ensure location accuracy There are three key elements read from controllers or access points that increase location accuracy signal strength of a client as heard by the AP of association signal strength of a client as heard by APs other than the AP of association and signal strength at which an AP hears other APs These factors are detailed f
402. ll Maximum Average C w Awg In Radio 1 0 bps 0 bps 0 bpa O bps 0 bpa O bps No users associated to this device Mesh Links J mE P E Mesh Point 35 25 OO0 24 60 C8 35 46 5 19 201111 52 AM 4days 6hrs 54 mins Downlink These fields are described in detail in Viewing Device Monitoring Statistics on page 117 Dell PowerConnect W AirWave 7 4 User Guide Discovering Adding and Managing Devices 129 130 Discovering Adding and Managing Devices Monitoring Data for Wired Devices Routers and Switches The monitoring page for routers and switches includes basic device information at the top a bandwidth graph depicting the sum of all the physical interfaces and beneath that CPU Memory usage graphs as shown in Figure 90 Figure 90 APs Devices gt Monitor Page for a Switch Monitoring ArubaS2540 in group aruba gui no wme in folder Top gt aruba gt corvina Poll Now This Device is in monitor onhy with firmware upgrades mode Status Up OK Firmwares 70 0 0 Upstream Devine S Upstream Port Type Aruba S3500 74P Last Contacted 5 24 2011 10 35 AM Uptime 21 days 18 hrs 59 mins LAN MAC Address O0 08 86 64 62 00 Serial ALDODD1E0 Location AW Server Room Contact Stewe IP Address 10 51 3 55 Total Users 2 Bandwidth Notes PS 1 10 M o 16 M 12 50 15
403. ll as if all criteria match Some trigger types share common settings such as Duration which can be expressed in hours minutes seconds or a combination of these and Severity from Normal to Critical After you select Save the trigger appears on your next viewing of the System gt Triggers page with all other active triggers You can edit or delete any trigger as desired from the System gt Triggers page To edit an existing trigger select the pencil icon next to the respective trigger and edit settings in the Trigger Detail page described in lable 108 To delete a trigger check the box next to the trigger to remove and select Delete Repeat this procedure for as many triggers and conditions as desired Complete the creation of your trigger type using one of the following procedures for each trigger Setting Triggers for Devices on page 190 Setting Triggers for Interfaces and Radios on page 191 Setting Triggers for Discovery on page 191 Dell PowerConnect W AirWave 7 4 User Guide Performing Daily Administration in AirWave 189 Setting Triggers for Clients on page 192 Setting Triggers for RADIUS Authentication Issues on page 193 Setting Triggers for IDS Events on page 193 Setting Triggers for AirWave Health on page 194 Setting Triggers for Devices Perform the following steps to configure device related triggers a Choose a device type from the Devices listed in the Typ
404. llow AirWave to pull the necessary XML APIs Sets the method by which AirWave uses WLSE to poll for discovery of new APs and or new rogue devices on the network Displays the last time AirWave was able to contact the WLSE server Determines how frequently AirWave polls WLSE to gather rogue scanning data 2 After you have completed all fields select Save AirWave is now configured to gather rogue information from WLSE rogue scans As a result of this configuration any rogues found by WLSE appear on the RAPIDS gt List page 62 Configuring AMP Dell PowerConnect W AirWave 7 4 User Guide What Next Go to additional tabs in the AMP Setup section to continue additional setup configurations Complete the required configurations in this chapter before proceeding AirWave support remains available to you for any phase of AirWave installation Configuring ACS Servers This is an optional configuration The AMP Setup gt ACS page allows AirWave to poll one or more Cisco ACS servers for wireless username information When you specify an ACS server AirWave gathers information about your wireless users Perform these steps to configure ACS servers l Go to the AMP Setup gt ACS page This page displays current ACS setup as illustrated in Figure 32 Figure 32 AMP Setup gt ACS Page Illustration New ACS Server Enter one or more Cisco ACS servers to be polled for wireless username information l iwof1ACS Servers Page iwofl
405. lly client historical data To restore the Watched AMP run the backup script from the command line and copy the current data file and the old Watched AMP configuration file to the Watched AMP Then run the restore script More information about backups and restores can be found in Backing Up AirWave on page 224 Table 126 Home gt Watched Page Fields and Default Values Setting Default Description ree i stevens The Failover AirWave needs HTTPS access to the watched AMPs Users Aone _ AUsenene ime ona Peco Rowe Tne pasemone or ne vseeno wih maregoner roms soesoa aooe HTTP Timeout The amount of time before AirWave considers a polling attempt failed 5 1000 Sec Polling Enabled Enables or disables polling of the Watched AirWave NOTE You do not need to disable polling of the watched AirWave system if itis setto be down during nightly maintenance or is being upgraded Polling Period The amount of time between polls of the Watched AirWave Missed Poll The number of polls that can be missed before the failover AirWave will begin actively Threshold monitoring the Watched AirWave APs Logging out of AirWave To log out of AirWave select the Logout link on the upper right hand corner of every AirWave page You will be logged off automatically based on the number of minutes set in the Idle Timeout setting of Home gt User Info Refer to Configuring Login Message TACACS and RADIUS Authentication on page 48 226
406. lt for security reasons no AirWave or Master Console login is required to view the public portal The Public Portal can be enabled in AMP Setup gt General in the Master Console section Once enabled a new Portal tab will appear to the right of the Groups tab refer to Dell PowerConnect W AirWave 7 4 User Guide Performing Daily Administration in AirWave 221 the navigation section in Figure 155 in the previous page The URL of the public portal will be https your AMP name public When you upgrade to the latest version of AirWave the public portal is disabled by default regardless of the type of license Figure 159 Public Portal Page Illustration acceptance test enterprise test 32 bit scalability El 4 Joule aG ee Dene H O airespace a aruba arm Sg guest user H 0 thin aps J wms H O cor p 3 hp ios 3 meru H O Routers and switches H O symbol SJ trapeze Ls mms200 test H 3 shake corp 8 Supermicro 64 bit scalability R E This page s URL is https gau arm Joule gt aruba Category Current 24hr Max BW Out Obps Obps BW In Obps Obps Users Q 0 Up APs 1 1 Down APs 0 O e com public 2_3 Last Contacted 1 18 2011 6 19 PM 1 0 0 8 0 6 0 4 0 2 0 04 Avg Bits Max Bits Avg Bits Max Bit 1 0 0 8 0 6 0 4 02 0 0 18 00 s Pe econ s QO bps 18 20 Average O bps QO bps O bps 16 40 17 00 17 20 18 00 O Number o
407. ly appears for IOS APs Symbol and Dell PowerConnect W Series controllers in groups with Dell PowerConnect W GUI Config disabled Table 85 describes field settings default values and additional information for this page Table 85 APs Devices gt Manage gt Template Options Fields and Default Values Setting Default Device Type Description WDS Role Client Cisco IOS Set the WDS role for this AP Select Master for the WDS master APs and Wireless LAN Client for the WDS Client Once this is done you can use the if Controllers only wds_role to push the client master or backup lines to appropriate WDS APs Cisco IOS AirWave will read the SSL Certificate off of the AP when it comes UP in AirWave The information in this field will defines what will be used in place of certificate Extra Device Cisco IOS Defines the lines that will replace the ap_include_1 variable in the Commands IOS template This field allows for unique commands to be run on individual APs If you have any settings that are unique per AP like a MOTD you can set them here SSL Certificate switch_command Cisco Catalyst Defines lines included for each of the members in the stack This field switches appears only on the master s Manage page The information in this field will determine what is used in place of the switch_command variable 6 For Cisco WLC devices go to the interfaces section of the APs Devices gt Manage page Select Add new Interface to add a
408. ly to Cisco LWAPP devices 2 0 The three values in each of the pull down menus are as follows Optional Required The AP transmits only unicast packets at the specified data rate 55 multicast packets are sent at a higher data rate set to optional Corresponds to a 11 0 setting of yes on Cisco devices Optional The AP transmits both unicast and multicast at the specified data rate Corresponds to a setting of basic on Cisco devices Not Used tThe AP does not transmit data at the specified data rate Corresponds to a setting of no on Cisco devices Frag Threshold Enabled If enabled this setting enables packets to be sent as several pieces instead of as one block In most cases leave this option disabled Threshold Value If Fragmentation Threshold is enabled this specifies the size in bytes at which packets are fragmented A lower Fragmentation Threshold setting might be required if there is a great deal of radio interference RTS CTS Threshold If enabled this setting configures the AP to issue a RTS Request to Send before Enabled sending a packet In most cases leave this option disabled RTS CTS Threshold Value 2338 If RTS CTS is enabled this specifies the size of the packet in bytes at which the AP sends the RTS before sending the packet RTS CTS Maximum If RTS CTS is enabled this specifies the maximum number of times the AP issues an Retries RTS before stopping the attempt to send the packet through the radio Accep
409. ly to the specified version of firmware If the template should only apply to a specific version of firmware select Yes and enter the firmware version in the Template Firmware Version text field 9 Select Save and Apply to push the configuration to all of the devices in the group If the devices are in monitor only mode which is recommended while you are crafting changes to a template or creating a new 156 Creating and Using Templates Dell PowerConnect W AirWave 7 4 User Guide one then AirWave will audit the devices and compare their current configuration to the one defined in the template K NOTE If you set the reboot flag to No then some changes could result in configuration mismatches until the AP is rebooted For example changing the SSID on Cisco IOS APs requires the AP to be rebooted Two other settings that require the AP to be rebooted for configuration change are Logging and NTP A configuration mismatch results if the AP is not rebooted If logging and NTP service are not required according to the Group configuration but are enabled on the AP you would see a configuration file mismatch as follows if the AP is not rebooted IOS Configuration File Template no logging queue limit Device Configuration File on APs Devices gt Audit Configuration Page line con 0 line vty 5 15 actual logging 10 51 2 1 actual logging 10 51 2 5 actual logging facility Locals actual logging queue limit 100 actual logging trap deb
410. main on the same page but will have the option to make changes to the most commonly edited settings in batch mode as shown in Figure 105 Figure 105 Multiple Interface Editing Page Illustration Interface Name Type Interface Type Description Interface Labels Shutdown IP Address O VvV650 Vlan50 propVirtual Catalyst VLAN vI50 O Yes No O vi5i Vlan5i propVirtual Catalyst VLAN Vi5i Yes No 10 51 0 26 Oo v59 Vlan59 propVirtual Catalyst VLAN vI59 Yes No Oo vi50 Vlan50 propVirtual Catalyst VLAN i vian50 vI50 O Yes No vit Vlani propVirtual Catalyst VLAN vlan1 vii O Yes No O vi59 Vlan59 propVirtual Catalyst VLAN vVlan59 vI59 O Yes No Nu0 Nulo other Nullo Nu0 O Yes O No O v5i Vlan5i propVirtual Catalyst VLAN vlan51 vi51 O Yes No vii Vlani propVirtual Catalyst VLAN vii Yes No 1 9 of 9 Interfaces Page i w of 1 Select All Unselect All AirWave assembles the entire running configuration using templates and your modifications to these pages Fora more detailed discussion on templates see Chapter 6 Creating and Using Templates on page 151 Individual Device Support and Firmware Upgrades Perform the following steps to configure AP communication settings for individual Dell PowerConnect W Series device types l Locate the Device Communication area on the APs Devices gt Manage page 2 Speci
411. make any changes to floor plans Read Write The user may edit individual floor plans buildings and campuses Configuring AMP 47 Table 22 AMP Setup gt Roles gt Add Edit Roles Fields and Default Values Continued Setting Default Description Dell Controller Role Enables or disables Single Sign On for the role If enabled allows the role to directly access Dell PowerConnect W Series controller Uls from the Quick Links or IP Address hypertext throughout AMP without having to enter credentials for the controller Display client diagnostics screens by default Enable Adobe Enables the Adobe Flash application for all users who are assigned this role Adobe Flash Sets the role to support helpdesk users with parameters that are specific to the needs of helpdesk personnel supporting users on a wireless network Flash supports interactive graphics on the Home gt Overview page VisualRF QuickView functions the Radio Statistics page for thin AP radios and additional AirWave pages NOTE This field is only visible if a specific flag is set in the AirWave database By default this option is hidden and Flash is enabled for all users Allow creation of Guest Users If this option is enabled users with an assigned role of Monitoring or Audit can be given access to guest user account creation along with the option to allow a sponsor to change its username A custom message can also be included The Guest User Preferences section
412. mation from a drop down menu for Cisco and Dell PowerConnect W devices and AirWave automatically finds and adds specific make and model information into its database Perform these steps to manually add devices to AirWave 1 The first step to add a device manually is to select the vendor and model Browse to the Device Setup gt Add page and select the vendor and model of the device to add Figure 71 illustrates this page 112 Discovering Adding and Managing Devices Dell PowerConnect W AirWave 7 4 User Guide Figure 71 Device Setup gt Add Page Illustration Select the type of device to add 3Com 8750 v Add Import Devices via CSV 3Com 8750 A 3Com WX100 3Com WX1200 3Com WX2200 3Com WX4400 2 Select Add and the Device Communications and Location sections appear illustrated in Figure 72 Figure 72 Device Setup gt Add gt Device Communications and Location Sections Name Leave name blank to read it from device IP Address SNMP Port 161 Community String sass O O Confirm Community String eeeccccece SNMPv3 Username Auth Password Confirm Auth Password SNMPv3 Auth Protocol MDS w Privacy Password Confirm Privacy Password SNMPv3 Privacy Protocol DES v Telnet SSH Username Telnet SSH Password Confirm Telnet SSH Password enable Password Confirm enable Password Location Group San Francisco SSID v Folder Top Monitor Only no changes will be made to
413. mber of the AP specific settings AirWave initially read off of the AP including devices and discard current channel power antenna settings and SSL certifications Use this setting if APs have been pre device desired settings updated outside of AirWave Most settings on the APs Devices Manage configuration page are set to the values currently read off of the devices Reboot selected devices Reboots the selected devices Use caution when rebooting devices because this can disrupt wireless users Reprovision selected Dell Configures the controller to send provisioning parameters such as radio antenna and IP devices address settings to the selected APs Please note that APs will be rebooted as part of reprovisioning Dell PowerConnect W AirWave 7 4 User Guide Configuring and Using Device Groups in AirWave 103 Table 70 Modify Multiple Devices Section Fields and Default Values Continued Action Description Upgrade firmware for Upgrades firmware for the selected devices Refer to the firmware upgrade help under APs selected devices Devices gt Manage configuration page for detailed help on Firmware job options Cancel firmware upgrade for Cancels any firmware upgrades that are scheduled or in progress for the selected APs selected devices Rename devices Rename all the selected devices in bulk Note that you can also rename the devices one ata time using the editable Name fields in each row Delete selected devices from
414. mediately without creating a new report definition or saving the report settings Select Add only to complete the report creation to be run at the time scheduled Dell PowerConnect W AirWave 7 4 User Guide Creating Running and Emailing Reports 253 Select Cancel to exit from the Add page Table 136 describes the configurable settings for the custom report to be created Select any of the report names to view additional information on that report type Table 136 Report Types and Scheduling Options Supported for Custom Reports Canby Run by Can be Run by Time Period Group Folder Description Report Type Summarizes devices based on which have exceeded a defined percentage of their maximum bandwidth capacity Pulls data for AP radios or interfaces of universal devices ifSpeed value Using Custom Reports Yes 7 N Using the Capacity Yes Yes Tracks bandwidth capacity and consumption according to Planning Report thresholds for data throughput This is a device oriented report Using the Yes Provides a snapshot of the configuration of all specified Configuration Audit Report Using the Device Yes Yes Summarizes user and bandwidth statistics and lists devices in Summary Report AirWave Using the Device Yes Yes Summarizes device uptime within defined groups or folders m access points in AirWave at report run time Uptime Report Using the IDS Events Y Yes Summarizes IDS events can be li
415. mited to a summary of a Report certain number of events Yes Provides an audit of vendors models and firmware versions of devices in AirWave Using the Inventory Report Yes Yes Summarizes usage for controllers for defined top number of devices can be run with or without per CPU details and details about device memory usage Using the Memory and CPU Utilization Report Summarizes bandwidth data and number of users Shows new rogue devices by score discovering AP and MAC address vendor Using the New Users Yes Provides a summary list of new users including username Report role MAC address discovering AP and association time lt D n Using the Network Yes Usage Report Yes Using the New Rogue Devices Report Using the PCI Yes Yes Provides a summary of network compliance with PCI Compliance Report requirements according to the PCI requirements enabled in AirWave using the AMP Setup gt PCI Compliance page Using the Port Usage Yes Yes Summarizes switch and port information across the network Report Generates information on the unused ports Provides a detailed list of all available switches and ports in the network Using the RADIUS Yes Yes Summarizes RADIUS authentication issues by controller and Authentication Issues by user as well as a list of all issues Report Using the RF Health Yes Yes Tracks problematic radios changes errors and interfering Report devices Using the RF Health Yes Identifi
416. mmon manufacturer defaults 4 1 1 Use strong encryption in wireless networks Yes A device fails if the desired or actual configuration reflect that WEP is enabled or if associated users can connect with WEP w 11 4 Use intrusion detection systems and or intrusion prevention systems to monitor all traffic Yes A report will indicate a pass for the requirement if OV3600 is monitoring devices capable of reporting IDS events Recent IDS events will be summarized in the report 2 Toenable disable or edit any category of PCI Compliance monitoring in AirWave select the pencil icon next to the category The Default Credential Compliance page displays tor the respective PCI standard 3 Create changes as required Specific credentials can be cited in the Forbidden Credentials section of any Edit page to enforce PCI requirements in AirWave Figure 35 shows one example Figure 35 Default Credential Compliance for PCI Requirements E GARE Enabled Yes No Forbidden Credentials Enter one credential per line 4 Select Save To view and monitor PCI auditing on the network use generated or daily reports See Chapter 9 Creating Running and Emailing Reports In addition you can view the real time PCI auditing of any given device online Perform these steps a Goto the APs Devices gt List page select a specific device and the Monitor page for that device displays The Monitor page displays a PCI Compliance subtab i
417. mmunicate to the controller 2 NOTE DST Start Month Start Day End Month End Day and DST Offset are only visible if Daylight Saving Time is enabled in the NTP section of the Groups gt Basic configuration page Dell PowerConnect W AirWave 7 4 User Guide Configuring and Using Device Groups in AirWave 77 14 To configure Symbol Motorola settings locate the Symbol section and adjust these settings as required l able 50 describes the settings and default values of this section Table 50 Symbol Fields and Default Values Setting Default Description SNMP Version Specifies the version of SNMP used by AirWave to communicate to the device Client Inactivity Sets the minutes of inactivity after which a client associated to a Symbol AP will be Timeout 3 600 min considered inactive A lower value typically provides a more accurate representation of current WLAN usage NOTE For other APs AirWave has more precise methods to determine when inactive clients are no longer associated to an AP Symbol Controller Telnet The connection type to support the command line interface CLI connection The options are CLI Communication Telnet and secure shell SSH This is supported for WS5100 RFS4000 RFS6000 and RFS7000 devices only Web Config Yes Enables or disables the http https configuration page for the Symbol 4131 devices Interface 15 To configure settings specific to Dell PowerConnect W AirWave locate the Dell PowerConne
418. n Preauthentication ACL P Override Global Config ves No Web Authentication Type Extenal External Web Authentication URL ciscofauthh y RADIUS Authentication Server 1 Select RADIUS Authentication Server 2 Seet RADIUS Authentication Server 3 Seet Enable AAA Accounting Servers ves No RADIUS Accounting Server 1 Select RADIUS Accounting Server 2 Seet RADIUS Accounting Server 3 Select amp Figure 50 Groups gt Cisco WLC Config gt WLANs gt Add New SSID VLAN gt QoS Tab Illustration Quality of Service Platinum voice bal WMM Policy Allowed _ Add Cancel Figure 51 Groups gt Cisco WLC Config gt WLANs gt Add New SSID VLAN gt Advanced Tab Illustration General security ges Advanced Alow AAA Override C Yes No Coverage Hole Detection ves No Session Timeout 0 86400 lo Enable IPv6 C yes No P2P Blocking Action Disabled H Client Exclusion e oa eee C Yes No DHCP Server O O Require DHCP C yes No Aironet IE Support f Yes C No MFP Signature Generation C yes No H REAP Local Switching C Yes No Mobility Anchor 1 Select x Mobility Anchor 2 Select x Mobility Anchor 3 Select 7 Mobility Anchor 4 Select 7 DTIM Period 802 11a n 1 255 beacon periods 1 DTIM Period 802 11bg n 1 255 beacon periods 1 Client Load Balancing C Yes f No mtn Se of All Yes No Dell PowerConnect W AirWave 7 4 U
419. n see The discovery events displayed are from APs that you can see on the network There may be additional discovery events that remain hidden to certain user roles Each rogue device frequently has multiple discovery methods all of which are listed As you work through the rogue devices use the Name and Notes fields to identify the AP and document its location Dell PowerConnect W AirWave 7 4 User Guide Using RAPIDS and Rogue Classification 179 You can use the global filtering options on the RAPIDS gt Setup page to filter rogue devices according to signal strength ad hoc status and discovered by remote APs VisualRF uses the heard signal information to calculate the physical location of the device If the device is seen on the wire RAPIDS reports the switch and port for easy isolation If you find that the rogue belongs to a neighboring business for example you can override the classification to a neighbor and acknowledge the device Otherwise it is strongly recommended that you extract the device from your building and delete the rogue device from your system If you delete a rogue you will be notified the next time it is discovered Most columns in the Discovery Events list table on this page can be filtered using the funnel icon F To update a rogue device l Select the Identify OS for Suspected Rogues option if an IP address is available to obtain operating system information using an nmap scan Note that if you are
420. n from the device name in AirWave Click the linked device name to be redirected to the APs Devices gt Monitor page for that AP 178 Using RAPIDS and Rogue Classification Dell PowerConnect W AirWave 7 4 User Guide Overview of the RAPIDS gt Detail Page Select a device Name in the RAPIDS gt List page to view the Detail page Figure 124 Figure 124 RAPIDS gt Detail Page Illustration Name 702050 Model First Discovered 10 10 2011 3 37 PM Acknowledge C Yes No IP Address First Discovery Method Wireless AP scan Controller Classification Suspected Rogue Confidence 20 SSID ga_hyb First Discovery Agent Spectrum AP105 d7 9b RAPIDS Classification Suspected Rogue Channel 6 Last Discovered 10 20 2011 1 16 PM Classification Rule Signal strength gt 75 dBm WEP No Last Discovery Method Wireless AP scan RAPIDS Classification Override No Override WPA No Last Discovery Agent Spectrum AP93 06 bd Threat Level 5 Network Type AP Threat Level Override 1 z Radio MAC Address 00 0B 86 7D 2C 50 Radio Vendor Netron LAN MAC Address Current Associations 2 LAN Vendor Max Associations 5 OUI Score Operating System OS Detail Last Scan Notes ate rarer a Refresh this page for updated results Enlarge Last Placed 10 20 2011 12 26 PM Current Rogue Client Associations 1 2 of 2 Rogue Client Assodations Page 1 wofi1 Choose columns Username a First Heard La SSID Location 10 17
421. n gray text For a description of the information supported on this page refer to Monitoring WLAN Users in the Clients gt Connected and Clients gt All Pages on page 197 Clients gt Guest Users Displays all guest users in AirWave and allows you to create edit or delete guest users See Supporting Guest WLAN Users With the Clients gt Guest Users Page on page 199 Clients gt Client Detail Displays client device information alerts signal quality bandwidth and association history This page appears when you select a user s MAC address link from these list tables Clients gt Connected Clients gt All Home gt Search page results that display the user MAC address See Evaluating User Status with the Clients gt Client Detail Page on page 203 Clients gt Diagnostics Displays possible client device issues diagnostic summary data user counts AP information 802 11 counters summary and additional information This page appears when you select a users MAC address from one of the following pages Clients gt Connected Clients gt All Home gt Search page results or Search field results that display the user MAC address See Evaluating Client Status with the Clients gt Diagnostics Page on page 207 Clients gt Tags Displays a list of wireless tags such as Aeroscout PanGo and Newbury that are heard by thin APs and reported back to a controller that is monitored by AirWave Supporti
422. n the actual configuration on the AP does not match the defined Group Mismatch configuration policy To set the conditions for this trigger type select Add in the Conditions section Device Client Activates when a device reaches a user count threshold for more than a specified period such as more Count than 10 users associated for more than 60 seconds AP Usage Activates when the total bandwidth through the device has exceeded a predefined threshold for more than a specified period such as more than 1500kbps for more than 120 seconds You can also select bandwidth direction and page radio Selecting this type displays the following new fields in the Type section Define these settings Alert if Device Bandwidth gt kbps This threshold establishes a device specific bandwidth policy not a bandwidth policy on the network as a whole Bandwidth Direction Choose In Out or Combined This bandwidth is monitored on the device itself not on the network as a whole Device Resources This type of trigger indicates that the CPU or memory utilization for a device including router or switch has exceeded a defined percentage for a specified period of time Device Event This trigger is used for alerting based on SNMP traps and syslog messages which are displayed in System gt Syslogs amp Traps APs Devices gt Monitor for affected devices and in Clients gt Client Detail The conditions Supported are Event Contents case insensit
423. n the menu bar b Select PCI Compliance to view complete PCI compliance auditing for that specific device What Next Go to other tabs in the AMP Setup section to continue additional setup configurations Complete the required configurations in this chapter before proceeding AirWave support remains available to you in any phase of AirWave installation Deploying WMS Offload Overview of WMS Offload in AirWave This section describes the Dell PowerConnect W Wireless LAN Management Server WMS offload infrastructure WMS Offload is supported with the following two requirements Dell PowerConnect W AirWave 7 4 User Guide Configuring AMP 67 ArubaOS Version 2 5 4 or later AirWave Version 6 0 or later The Dell PowerConnect W WMS feature is an enterprise level hardware device and server architecture with managing software for security and network policy There are three primary components of the WMS deployment Air Monitor AP devices establish and monitor RF activity on the network The WMS server manages devices and network activity to include rogue AP detection and enforcement of network policy The AirWave graphical user interface GUI allows users to access and use the WMS functionality WMS Offload is the ability to place the burden of the WMS server data and GUI functions on AirWave WMS master controllers provide this data so that AirWave can support rigorous network monitoring capabilities General Configuration Tasks
424. nal configurations in this chapter are complete continue to later chapters in this document to create and deploy device groups and device configuration and discovery on the network The first step in configuring AirWave is to specify the general settings for the AirWave server Figure 16 illustrates the AMP Setup gt General page Figure 16 AMP Setup gt General Page Illustration Partial View Data Rete System Name Airwave Management Platforrr Inactive Client and VPN User Data 0 1500 days zero disables 50 Default Group Access Points Ad Client Association and VPN Session History 0 550 14 Device Configuration Audit Interval Daily days zero disables Automatically repair misconfigured devices C Yes No Tag History 0 550 days zero disables fia Send debugging messages to Aruba Networks Yes No Rogue AP Discovery Events 2 550 days zero i j scg 415 disables Nightly Maintenance Time 00 00 23 59 04 15 Unless this value is 0 it cannot be smaller than the fia Delete Rogues not detected for window 0 configured Check for software updates from Aruba Networks Periodically check the Aruba Networks ELNE MAE SENGE website for notices of new software versions or critical z Reports 0 550 d disables s0 security notifications News will be displayed for admins Yes No ee on the Home Overview page Software will never be Automatically acknowledge alerts 0 550 days mo updated automatic
425. nd adjust these settings as required This section defines the frequency in which all devices in the group polled These settings can be disabled entirely as desired Table 52 describes the settings and default values of this section Table 52 Routers and Switches Fields and Default Values Setting Default Description Read ARP Table 4 hours Sets the frequency in which devices poll routers and switches for Address Resolution Protocol ARP table information This setting can be disabled or set to poll for ARP information in a range from every 15 seconds to 12 hours 78 Configuring and Using Device Groups in AirWave Dell PowerConnect W AirWave 7 4 User Guide Table 52 Routers and Switches Fields and Default Values Continued Default Description Read CDP Table for 4 hours For Cisco devices sets the frequency in which devices poll routers and switches for Cisco Device Discovery Discovery Protocol CDP information This setting can be disabled or set to poll for CDP neighbor information in a range from every 15 seconds to 12 hours Read Bridge 4 hours Sets the frequency in which devices poll the network for bridge forwarding information This Forwarding Table setting can be disabled or set to poll bridge forwarding tables from switches in a range from every 15 seconds to 12 hours Interface Up Down 5 minutes Sets the frequency in which network interfaces are polled for up down status This setting Polling Period can be disabled
426. nes which Group tabs and options are to be viewable by default in settings for devices on new groups Settings include the following this AMP All Devices AirWave displays all Group tabs and setting options Only devices in this group AirWave hides all options and tabs that do not apply to the devices in the group If you use this setting then to get the group list to display the correct SSIDs for the group you must Save and Apply on the group Only devices on this AMP hides all options and tabs that do not apply to the APs and devices currently on AirWave Use system defaults Use the default settings on AMP Setup gt General Selected device types Allows you to specify the device types for which AirWave displays Group settings Selected Device This option appears if you chose to display selected device types allowing you to select the Types device types to display group settings Use Select devices in this group to display only devices in the group being configured 7 To assign dynamically a range of static IP addresses to new devices as they are added into the group locate the Automatic Static IP Assignment section on the Groups gt Basic configuration page If you select Yes in this section additional fields appear Complete these fields as required Table 43 describes the settings and default values This section is only relevant for a small number of device types and will appear when they are present Table 43 Automatic St
427. network 4 Select Save and Apply when configurations are complete to make them permanent or select Save to retain these settings prior to pushing to controllers at a later time 96 Configuring and Using Device Groups in AirWave Dell PowerConnect W AirWave 7 4 User Guide Configuring Proxim Mesh Radio Settings l Go to the Groups gt Proxim Mesh configuration page to configure Mesh specific radio settings 2 Define the settings as required for your network Figure 58 illustrates this page lable 67 and able 68 describe the settings and default values Figure 58 Groups gt Proxim Mesh Page Illustration General Security Mesh Radio 4 9 5 Ghz z SSID Wireless Mesh Maximum Mesh Links 1 32 l6 Enable AES C Yes No Neighbor RSSI Smoothing 16 Mesh Cost Matrix Roaming Threshold 0 100 s0 Hop Factor 0 10 2 Deauth Client When Uplink is Down yes C No Maximum Hops to Portal 1 4 4 RSSI Factor 0 10 5 RSSI Cut Off 0 26 f10 Medium Occupancy Factor 0 10 5 Current Medium Occupancy Weight 0 9 7 Save Save and Apply Revert The General section contains settings for mesh radio number of mesh links RSSI smoothing roaming threshold and de auth client Table 67 Groups gt Proxim Mesh gt General Fields and Default Values Setting Default Description Mesh Radio 4 9 5Ghz Drop down selects the radio that acts as the backhaul to the network Maximum Mesh Links Sets the maximum number of mesh
428. network Once you choose this trigger type select Add New Trigger Condition to create at least one condition This type requires that a radio capability be set as a condition The Value drop down menu supports several condition options 802 11 Frame Counters Enables monitoring of traffic levels There are multiple rate related parameters for which you define conditions including ACK Failures Retry Rate and Rx Fragment Rate See the Option drop down menu in the Conditions section of the trigger page for a complete list of parameters Select Add New Trigger Condition to access these settings Define at least one condition for this trigger type 802 11 QoS Counters Enables monitoring of Quality of Service QoS parameters on the network according to traffic type The rate of different parameters includes ACK Failures Duplicated Frames and Transmitted Fragments See the drop down field menu in the conditions section of the trigger page for a complete list of parameters Select Add New Trigger Condition to access these settings Define at least one condition for this trigger type Interface Usage Interface labels defined on the trigger page will be used to set up triggers on one or more interfaces and or radios Available conditions are Device Type Interface Description Interface Label Interface Mode Interface Speed In Mbps Interface Speed Out Mbps Interface Type and Radio Type Channel Utilization Indicates that channel utilization has cro
429. network to include the following functions and benefits Accurate location information for all wireless users and devices Up to date heat maps and channel maps for RF diagnostics Adjusts for building materials Supports multiple antenna types Floor plan building and campus views Visual display of errors and alerts Easy import of existing floor plans and building maps Planning of new floor plans and AP placement recommendations RAPIDS RAPIDS is a powerful and easy to use tool for monitoring and managing security on your wireless network to include the following features and benefits Automatic detection of unauthorized wireless devices Rogue device classification that supports multiple methods of rogue detection Wireless detection Uses authorized wireless APs to report other devices within range Calculates and displays rogue location on VisualRF map Wired network detection Discovers rogue APs located beyond the range of authorized APs sensors Queries routers and switches Ranks devices according to the likelihood they are rogues Multiple tests to eliminate false positive results Provides rogue discovery that identifies the switch and port to which a rogue device is connected Dell PowerConnect W AirWave 7 4 User Guide Master Console and Failover The Dell PowerConnect W AirWave Master Console and Failover tools enable network wide information in easy to understand presentation to entail operational information and high
430. nfiguration can be enhanced with the AirWave Global Groups feature which lets you create Global Groups with configurations that are pushed to individual Subscriber Groups Viewing All Defined Device Groups To display a list of all defined groups browse to the Groups gt List page illustrated in Figure 37 Figure 37 Groups gt List Page Illustration Add New Group Compare two groups 1 41 w of 41 Groups Page 1wof1 Choose Columns CSV Export Name Up Down Status Polling Period Total Devices Is Global Group a Global Group Down Mismatched Ignored Users BW Duplicate SSID Changes mo ws5100 60 seconds 5 No gauss three 4 4 0 0 0 Unapplied Changes infrastructure 60 seconds 31 No gauss two 9 16 0 0 0 K Guest RSN2Office WLAN a airespace 60 seconds 5 No gauss one 2 0 0 0 G 4000 8021x 4000 quest more m GG test 5 minutes 0 Yes 0 0 0 0 0 Ki Guest RSN2OfficeWLAN Table 39 describes the columns in the Groups gt List page Table 39 Groups gt List Columns Column Description Add New Group Launches a page that enables you to add a new group by name and to define group parameters for devices in that group For additional information refer to Configuring Basic Group Settings on page 72 Changes Whether the group has unapplied changes Manage Goes to the Groups gt Basic configuration page for that group Hover your mouse over the icon to see a list of wrench icon shortcuts to group specific subtabs that would appe
431. ng General AirWave Server Settings cccscscscssssesssssscssssesseececseseesssesessesessesesesanseeasenss 35 Defining AirWave Network Settings ccccccscscssessssssccssssessseceeseseesesesecseseesssesessusecassesesanseeasenes 43 Creating AMWave Sr setseestecenuzcern age dase sioe ERa Ea O EEEE A EEEE ATE AAAA 44 Creating AirWave User Roles cccccssssssssescssssssssesscscssssesesecsesesecsesecessesecassesessusecassesessnsesatensess 46 Configuring Login Message TACACS and RADIUS Authentication ccc 48 Setting Up Login Configuration Options ceesessessscssesesseecsesesseseeesesseseesseesessesesaseeeeeens 48 Setting Up SGI SIT ON sssini ineine oeei enea eeann asvad Eere a DNE AAAI 49 Configuring TACACS Authentication ou ccsssseseescssssssesseeceeseseessecesseseessesessesesaseeeeeess 49 Configuring RADIUS Authentication and Authorization cccseeeesseeeeeessseteeeeeeeeen 50 Integrating a RADIUS ACCOUNTING SErVel c es ccssesesssscsessssesesececseseesesesessesessseesesseeeaseees 51 Enabling AirWave to Manage Your De VICES cscscscssssescssssesseecsssseseceesesseeecsuseesesaeseeaeeeeanees 52 Configuring Communication Settings for Discovered DeVICES c ccccsseseessseeeeeeeseees 53 Loading Device Firmware Onto AirWave optional cccsssesssesesseeseseseseeeeeeen 55 Overview of the Device Setup gt Upload Firmware amp Files Page c cceeseeee 55 Loading Firmware Files to Air Wave
432. ng RFID Tags With the Clients gt Tags Page on page 202 196 Performing Daily Administration in AirWave Dell PowerConnect W AirWave 7 4 User Guide Monitoring WLAN Users in the Clients gt Connected and Clients gt All Pages The Clients gt Connected page displays all users currently connected in AirWave and is illustrated in Figure 137 and described in Table 116 This page contains the following information at a glance The Folder field shows the current folder of Connected Clients you are viewing You can view users under a particular folder from the Go to folder dropdown menu Links under the Folder fields showing the Total Devices Mismatched Clients and Bandwidth a static unlinked statistic summarize the device information for this folder Select these links to be taken to detail pages for each Total Devices redirects to the APs Devices gt List for that folder Mismatched redirects to the list in APs Devices gt Mismatched for that folder and selecting Clients refreshes the page but expands to include users in the subfolders Interactive graphs display average and max Clients over time and Usage in and out for the selected folder over time Below the Clients and Usage graphs is the list of connected users The information on this page can be adjusted in the following ways Drag the slider to pick the time range on the interactive graphs and select Show All to select other options to display The Alert Summary
433. ng or delaying the usability for up to 5 minutes 262 Using VisualRF Dell PowerConnect W AirWave 7 4 User Guide Figure 195 The VisualRF gt Setup Page Home Helpdesk Groups APs Devices Users Reports System Device Setup AMP Setup RAPIDS MAYOR Floor Plans Setup Import Audit Log Server Settings Wall Attenuation Settings Enable VisualRF Engine yes No a EEEE Enable Multi floor Bleed Through yes No Dynamic Attenuation o No a TE Use Metric Units C yes No amp Concrete 15 Red Memory Allocation 1GB S ara Core Threads ls amp Glass 3 Blue tin Cig Tei i SS UI Threads js Hl amp shoji 3 Lavender Synchronization Timer 15 minutes z amp telefonica wall 50 Azure CEE amp waterfall 94 Turquoise Location Settings Allowed deviation for dient placement 2dB x Save Revert Maximum Rogue APs per Floor Plan approx 50 v Location Calculation Timer Settings Legacy Laptop Min Max sec s0350 lt CS C C YS Legacy Laptop Number of Samples 3s Laptop Min Max sec s0350 al Laptop Number of Samples 3s xf Phone Min Max sec 60 20 l Phone Number of Samples 3s sf RFID Min Max sec 30 120 o YS RFID Number of Samples a ti SOCC Scale Min Max sec 500 200 l Scale Number of Samples C Printer Min Max sec 120 480 Printer Number of Samples 3s xf Rogue Min Max sec 500 200 l Rogue Number of Samples 3s sf Default Min Max sec s0350 o YS Default Number of Samples Bo
434. nna Aruba Instant Vithal Controller 3 7 2011 8 55 PM i iwof1APs Devices Page i wof1 Shared Secret airwave If the incoming Shared Secret matches the one you created select Add then Save and Apply in the confirmation page NOTE With an Organization specified you do not have to select any Group or Folder from the drop down menus on the APs Devices gt New page In fact if you do change the Group Folder drop down menus all Organization specified Virtual Controllers will ignore these values and will use the folder group values from the Organization String instead If you select K Add for some non Dell PowerConnect Winstant devices as well as some Organization specified Virtual Controllers the drop down menus will apply to the non IAPs but not the Virtual Controllers If you have any Virtual Controllers with no Organization specified the first time they communicate with AMP then they will be placed in the Folder Group drop box values you have selected AMP parses the information from the Organization String and auto creates the following in its own interface A new User Role disabled by default for security reasons named Acme Admin A new User named Acme Admin with a password equal to the Virtual Controller s Shared Secret A new configuration group called Acme A new folder just under the Top folder called Acme Rwo subfolders New York and San Francisco from subfolder2 Rwo subfolders under New York Times Square Stor
435. not speak with it using SNMP Check the SNMP credentials AirWave is using the view secrets link on the APs Devices gt Manage page and verify SNMP is enabled on the AP Many APs ship with SNMP disabled Down ICMP ping failed after SNMP get failed means AirWave is unable to connect to the AP using SNMP and is unable to ping the AP This usually means AirWave is blocked from connecting to the AP or the AP needs to be rebooted or reset Configuration Good means all the settings on the AP agree with the settings AirWave wants them to have Mismatched means there is a configuration mismatch between what is on the AP and what AirWave wants to push to the AP The Mismatched link directs you to this specific APs Devices gt Audit page where each mismatch Is highlighted Unknown means the device configuration has not yet been fetched possible issue with credentials Verifying means it s fetching configuration to be compared to desired settings Firmware Displays the firmware version running on the AP Licenses Appears Selecting this link opens a pop up window that lists the licenses installed for this controller and whether for Dell controllers they have expired Controller Appears Displays the controller for the associated AP device as a link Select the link to display the APs Devices gt for APs Monitor page for that controller Mesh Gateway Specifies the mesh AP acting as the wired connection to the network Mesh Mode Specifies whethe
436. nother controller interface or select the pencil icon to edit an existing controller interface Table 86 describes the settings and default values For detailed descriptions of Cisco WLC devices supported by AirWave refer to the Cisco WLC product documentation Table 86 APs Devices gt Manage gt Interface Fields and Descriptions for Cisco WLC Devices Field Default Description Name None The name ofthe interface on the controller VLAN ID None The VLAN ID for the interface on the controller Port None The port on the controller to access the interface 140 Discovering Adding and Managing Devices Dell PowerConnect W AirWave 7 4 User Guide Table 86 APs Devices gt Manage gt Interface Fields and Descriptions for Cisco WLC Devices Continued Field Default Description IP Address None The IP address of the controller Subnet Mask None The subnet mask for the controller Primary and Secondary The DHCP servers for the controller DHCP Servers Guest LAN Disabled Indicates a guest LAN Quarantine VLAN ID Disabled Enabled indicates it is a quarantine VLAN used only for H REAP associated clients Dynamic Device Enabled When enabled makes the interface an AP manager interface Cisco calls this feature Management Dynamic AP Management Setting a Maintenance Window for a Device AirWave Management Platform can automate the manual action of putting multiple devices into Manage mode at once so that changes can be applied
437. nstant system This string is entered into the Dell PowerConnect W Instant UI by the on site installer The format of the Organization String is Org subfolderl subfolder2 and so on up to 31 characters long Org the top level string is generally the name of your organization and is used to automatically generate the following if not already present in AMP AMP Role Org Admin initially disabled AMP User Org Admin assigned to the role Org Admin Folder Org under the Top folder in AMP Configuration Group Org 296 Setting Up Dell PowerConnect W Instant in AirWave Dell PowerConnect W AirWave 7 4 User Guide Additional strings in the Organization String are used to create a hierarchy of subfolders under the folder named Org subfolder would be a folder under the Org folder subfolder2 would be a folder under subfolder To create your Organization String consider the plan of how your Dell PowerConnect W Instant IAPs are to be physically distributed As a best practice the Organization String should mirror your company s geographical or internal reporting structure For example if you plan to deploy Dell PowerConnect W Instant in four stores in two different cities for Acme Corporation your Organization Strings might look like these Acme New York Times Square Store Acme New York Queens Store Acme San Francisco Sunset Store Acme San Francisco SOMA Store The Shared Secret Key The Shared Secret key i
438. nt Location 0 0 eeeesssessssesseeseceseeseeesesseseeatenss 276 Viewing an AP s Wireless RF EnvirOnment ccccccescscssssessssessssssecseseeseseeseesseesseseeeeess 276 Viewing a Floor Plan s RF Environment ccccccccssesssscssssesesseseesseecseseeseseesessseessnseeeeees 271 Viewing a Network Campus Building s RF EnvirOnment ccecssesecsssseeeeseeseseees 218 Viewing Campuses Buildings or Floors from a Tree ViQW cccsseeeseeseeeeseeeeeen 278 Planning and Provisioning caseccissosistsevaexavscuanncpnewsnspsauconsapongunsvaislaraaunawpsientsakvacuhianodeshaausensanevancaroeiee 219 Creating a NEW CaMpus ccecccssssesssscscssssssssesesscsesseseseceesesecsesesessesecaesesessusecassesesaeeeatenss 279 Creating a New Building in a Campus 2 cccsssesssseecscsessessseceesesecssseseeseseeassesesseseeateees 280 Importing a Floor Plan u cc cseeesssessesssscessesecseseesesecsesaesesseseesesecsesaesesauseesesecsesaeeesausesensess 281 Editing a Foor Plan IMa UE emina aaas Aaaa A 282 Cropping the Floor Plan IMage ccccssscscscssesssssscsessssesesecscsesecsesececsusesassesessnseeatenes 282 Sizing a NON CAD Floor Plan ee eessessessssessesecseseesesesecseseeassesessesesassesesaeseeasenseeans 283 Removing Color from a Floor Plan IMage scccscsssscsssssscsssscsseesscseseesseesessesesaseees 283 Assigning Campus Building and Floor NUMDELS cccecccssesessesceeseseeseeeseeseseees 284 Assigning Op
439. nt configuration with the policy and displays any discrepancies on the APs Devices gt Audit page but does not change the configuration of the device Manage Read Write AirWave compares the device s current configuration settings with the Group configuration settings and automatically updates the device s configuration to match the Group policy Automatically placing devices in Managed Read Write mode will overwrite the configuration with the desired configuration in AirWave and should only be used when you are certain AirWave has the correct configuration This can be risky and generally devices should be placed in Monitor Only mode as the default Thin APs Only Only thin APs will be automatically authorized in Monitor Only mode This setting is ideal for mixed environments of thin and autonomous APs or for very large subnets in which you don t want to auto monitor all switches Default Group Access Sets the device group that this AirWave server uses as the default for device level Points configuration Select a device group from the drop down menu A group must first be defined on the Groups gt List page to appear in this drop down menu For additional information refer to Chapter 4 Configuring and Using Device Groups in AirWave on page 69 Device Configuration Daily If enabled this setting defines the interval of queries which compares actual Audit Interval device settings to the Group configuration policies stored in the A
440. ntials are not required to discover these APs Wireless scans and the AMC discover these rogues without any special changes Running a Scan Set Once a scan has been defined on the Device Setup gt Discover page AirWave can now scan for devices Perform these steps l Browse to the Device Setup gt Discover page and locate the list of all scan sets that have been defined so far Figure 69 illustrates this page Figure 69 Device Setup gt Discover Executing a Scan Illustration To scan for manageable devices and rogue APs using SNMP and HTTP choose one or more networks to scan below SNMP and HTTP timeouts may be configured o Note Discovered devices will use the default credentials configured on the Communication page netthe credentials defined below for scanning mm 1 2 of 2 Scan Sets Page iwofi Choose Columns CSV Export Network Credentials Total Devices Found New Devices Found Start Stop China admin default private public 0 0 5 24 2011 1 36 PM 5 24 2011 1 37 PM Static IP Dev Net AA admin default e pe private public 41 0 5 24 2011 7 03 PM 5 24 2011 7 07 PM 1 2 of 2 Scan Sets Page iwrofl Select All Unselect All Scan Delete Refresh this page for updated results Show Scheduling Options 2 Check the box next to the scan s that you would like to execute a Select Scan to execute the selected scans and the scan immediately begins The last column indicates the scan is In Progress 4 For futu
441. ntrollers and Autonomous Devices Use Global Setting bd Location Current Global Setting for Controllers New Device List Add New Thin APs Location Use Global Setting Current Global Setting for Thin APs New Device List Add New AP Group Maintenance Window 3 Define the settings in the Basic and Global Group sections Table 40 describes several typical settings and default values of this Basic section Dell PowerConnect W AirWave 7 4 User Guide Configuring and Using Device Groups in AirWave 73 Table 40 Basic and Global Groups Fields and Default Values Default Description Defined when Displays or changes the group name As desired use this field to set the name to uniquely first adding the identify the group by location vendor department or any other identifier such as group Accounting APs Cisco devices 802 1x APs and so forth Missed SNMP Sets the number of Up Down SNMP polls that must be missed before AirWave considers a Poll Threshold device to be down The number of SNMP retries and the SNMP timeout of a poll can be set on the Device Setup gt Communication page Regulatory United States Sets the regulatory domain in AirWave limiting the selectable channels for APs in the Domain group Timezone AMP System Allows group configuration changes to be scheduled relative to the time zone in which the Time devices are located This setting is used for scheduling group level configurati
442. nts lable 15 describes the settings and default values of this section Many settings can be set to have no expiration date Table 15 AMP Setup gt General gt Historical Data Retention Fields and Default Values Setting Inactive Client and VPN User Data 0 1500 days zero disables Client Association and VPN Session History 2 550 days Tag History 2 550 days Rogue AP Discovery Events 2 550 days Reports 2 550 days Automatically Acknowledge Alerts 0 550 days zero disables Acknowledged Alerts 2 550 days Radius ARM IDS Events 0 550 days zero disables Archive device configs even if they only have rogue classifications 1 100 Guest Users 0 550 days zero disables Inactive SSIDs 0 550 days zero disables Inactive Interfaces 0 550 days zero disables Interface Status History 0 550 days zero disables Interfering Devices 0 550 days zero disables Device Events Syslog Traps 40 Configuring AMP Default Description Defines the number of days AirWave stores basic information about inactive clients and VPN users A shorter setting of 60 days is recommended for customers with high user turnover such as hotels The longer you store inactive user data the more hard disk space you require Defines the number of days AirWave stores client and VPN session records The longer you store client session records the more hard disk space you requir
443. numeric string without spaces and enter the password again in the Confirm Password field NOTE Because the default user s password Is identical to the name it is strongly recommended that you change this password a Allows you to define an optional and alphanumeric text field that takes note of the user s actual name Email Address Allows you to specify a specific email address that will propagate throughout many additional pages in AirWave for that user including reports triggers and alerts Phone None Allows you to enter an optional phone number for the user Notes Enables you to cite any additional notes about the user including the reason they were granted access the user s department or job title 4 Select Add to create the new user Save to retain changes to an existing user or Cancel to cancel out of this screen The user information you have configured appears on the AMP Setup gt Users page and the user propagates to all other AirWave pages and relevant functions NOTE AirWave enables user roles to be created with access to folders within multiple branches of the overall hierarchy This K feature assists non administrator users who support a subset of accounts or sites within a single AirWave deployment such as help desk or IT staff What Next Go to additional tabs in the AMP Setup section to continue additional setup configurations Complete the required configurations in this chapter before proceeding A
444. o temporarily disable wireless access in particular locations This setting can be scheduled at an AP Level or Group Level NOTE You cannot disable radios unless rogue scanning is disabled in Groups gt Radio Use DHCP If enabled the AP will be assigned a new IP address using DHCP If disabled the AP will use a static IP address For improved security and manageability disable DHCP and using static IP addresses Dell PowerConnect W AirWave 7 4 User Guide Discovering Adding and Managing Devices 139 Table 84 APs Devices gt Manage Additional Settings Continued Setting Default Device Type Description LAN IP All The IP Address of the AP Ethernet interface If One to One NAT is enabled AirWave will communicate with the AP on a different address the IP Address defined in the Device Communication section If DHCP is enabled the current assigned address will appear grayed out and the field cannot be updated in this area Subnet Mask Provides the IP subnet mask to identify the sub network so the IP address can be recognized on the LAN If DHCP is enabled the current assigned address will appear grayed out and the field cannot be updated in this area Gateway The IP address of the default internet gateway If DHCP is enabled the current assigned address will appear grayed out and the field cannot be updated in this area Locate the Template Options area on the APs Devices gt Manage page NOTE This section on
445. o running configuration files 134 Discovering Adding and Managing Devices Dell PowerConnect W AirWave 7 4 User Guide Compare two configurations to highlight the specific lines that are mismatched The Audit page provides links to the AirWave pages where any mismatched settings can be configured 2 NOTE These procedures assume you are familiar with the function buttons available to save apply revert and so on For details on button functions see Buttons and Icons on page 26 Moving a Device from Monitor Only to Manage Read Write Mode Once the device configuration status is Good on the APs Devices gt List page or once you have verified all changes that will be applied to the device on the APs Devices gt Audit page you can safely shift the device from Monitor Only mode to Manage Read Write mode Z NOTE Once a device is in Manage mode AirWave will push a new configuration to the device in the event that the actual device configuration does not match the AMP configuration for that device To move a device from Monitor Only to Manage Read Write mode perform the following steps l Go to the APs Devices gt List page and select the wrench icon next to the name of the AP to be shifted from Monitor Only mode to Manage Read Write mode This directs you to the APs Devices gt Manage page 2 Locate the General area as shown in Figure 97 Figure 97 APs Devices gt Manage gt General Section Illustration Nam
446. o the Users VPN network It is required to define one or more VPN usernames with the field that appears VPN Session This trigger type indicates that the sustained rate of bandwidth used in an individual VPN session has Usage exceeded a predefined threshold for more than a specified period in seconds such as more than 1500kbps for more than 120 seconds Once you choose this trigger type select Add New Trigger Condition to specify the bandwidth characteristics that triggers an alert You can apply multiple conditions to this type of trigger The Value field requires that you input a numerical figure for kilobits per second kbps Inactive Tag This trigger type flags events in which an RFID tag has not been reported back to AirWave by a controller for more than a certain number of hours This trigger can be used to help identify inventory that might be lost or stolen Set the time duration for this trigger type if not already completed IPv4 Link Local When enabled this trigger checks whether the total count of self assigned IP addresses has crossed a set Addresses threshold for clients within a selected folder or group The alert deployed by this trigger includes a link to search for IP addresses containing 169 254 x x Client Goodput This trigger type indicates that the goodput for an individual client has exceeded a predefined threshold Available conditions are Usage Kbps combined Usage Kbps in and Usage Kbps out Client Speed Th
447. o to the Device Setup gt Upload Firmware amp Files page This page displays any existing Web Auth bundles that are currently configured in AirWave and allows you to add or delete Web Auth bundles 2 Scroll to the bottom of the page Select Add New Web Auth Bundle to create a new Web Auth bundle see Figure 29 or select the pencil icon next to an existing bundle to edit You may also delete Web Auth bundles by selecting that bundle with the checkbox and selecting Delete Figure 29 Add Web Auth Bundle Page Illustration Description Po Web Auth Bundle fF O O Browse 3 Entera descriptive label in the description field This is the label used to identify and track Web Auth bundles on the page 4 Enter the path and filename of the Web Auth configuration file in the Web Auth Bundle field or select Choose File to locate the file 5 Select Add to complete the Web Auth bundle creation or Save if replacing a previous Web Auth configuration file or Cancel to abort the Web Auth integration For additional information and a case study that illustrates the use of Web Auth bundles with Cisco WLC controllers refer to the following document on Cisco com Wireless LAN controller Web Authentication Configuration Example Document ID 69340 http www cisco com en US tech tk722 tk809 technologies_configuration_example09186a008067489f shtml Dell PowerConnect W AirWave 7 4 User Guide Configuring AMP 57 Setting Up Device Types On AMP
448. ogues list filtered by that classification OS scans can be run manually or enabled to run automatically on the RAPIDS gt Setup page Acknowledged A color coded pie chart comparing the number of acknowledged devices to the unacknowledged RAPIDS Devices devices RAPIDS Changes Tracks every change made to RAPIDS including changes to rules manual classification and components on the RAPIDS gt Setup page A link at the top of the list directs you to the RAPIDS gt Audit Log page Setting Up RAPIDS The RAPIDS gt Setup page allows you to configure your AMP server for RAPIDS Complete the settings on this page as desired and select Save Most of the settings are internal to how AMP will process rogues Basic Configuration On the RAPIDS gt Setup page the Basic Configuration section allows you to define RAPIDS behavior settings Figure 115 illustrates this page and Figure 118 describes the fields Dell PowerConnect W AirWave 7 4 User Guide Using RAPIDS and Rogue Classification 169 Figure 118 RAPIDS gt Setup Page Illustration Basic Configuration ARP IP Match Timeout 1 168 hours RAPIDS Export Threshold ee MAC Address Correlation 0 8 its Discovered BSSIDs and LAN MAC addresses which are 24 Suspected Rogue Containment Options Manage rogue AP containment When enabled RAPIDS will manage the classification of rogue APs on Cisco WLC and Aruba controllers to match Yes C No the classification of those ro
449. olumns severe alert threshold personalized search preferences record display preferences and the refresh rate of the console See Configuring Your Own User Information with the Home gt User Info Page on page 214 Dell PowerConnect W AirWave 7 4 User Guide Performing Daily Administration in AirWave 209 Monitoring AirWave with the Home gt Overview Page To view your overall network health navigate to Home gt Overview page Figure 150 illustrates this page and Table 120 describes the contents The information that displays varies depending on your role Figure 150 Home gt Overview Page Illustration Powered by DOLL POWERCONNECT W SERIES AIRWAVE ee New Devices 14 Wired 14 Wireless 36 W Wired 8 W Wireless 49 Mismatched 66 Rogue 4493 Clients 13 amp Alerts 0 Clients Reports System Device Setup AMP Setup RAPIDS Home Groups APs Devices Overview Search Documentation License User Info Welcome to AMP 7 4 0 Clients Last 1 hour lal Usage Last 1 hour aol Show All Maximum Average Show All Maximum Average o Avg Clients for test O clients O clients W Avg Bits Per Second In for VPN Sessions Obps 0 bps O Avg Clients for TestWireless 115 0 clients 0 clients Avg Bits Per Second Out for VPN Sessions 0 bps 0 bps E Avg Clients for WirelessTest Wep O clients 0 clients E Avg Usage for TestWireless 115 Obps 0 bps B y Avg Clients for WirelessTest wpa
450. omething is changes when it changed and who made the alteration The Audit Log can be found at RAPIDS gt Audit Log For more information see Figure 127 Dell PowerConnect W AirWave 7 4 User Guide Using RAPIDS and Rogue Classification 181 Figure 127 Audit Log Page Illustration RAPIDS Changes Time Wed Feb 17 10 21 12 2010 Wed Feb 17 10 20 20 2010 Fri Feb 12 08 19 00 2010 Fri Feb 12 08 19 00 2010 Tue Feb 9 15 53 57 2010 Tue Feb 9 15 53 03 2010 Thu Feb 4 15 59 12 2010 Mon Feb 1 13 55 36 2010 Mon Feb 1 13 55 36 2010 Thu Jan 28 15 46 54 2010 User admin admin jason jason admin admin admin admin admin admin Event rapids classification_rule id 39 classification FO gt 80 seas config d 1 rapids manage containment O gt 1 rapids classification_rule fid 39 classification S0 gt YO seas config d 1 rapids manage containment 1 gt 0 rapids classification rule fid 39 manufacturer prosim gt SCom name Contain Proxim gt Contain 3Com rapids classification_rule d 39 classification 70 gt 80 seas config d 1 rapids manage containment O gt 1 rapids classification_rule fid 39 classification 80 gt YO seas config d 1 rapids manage containment 1 gt 0 roqgue_ap d 154880 Cisco AD 61 FE Identify Operating System Additional Resources The following AirWave tools support RAPIDS System Triggers
451. omized if any The second column allows you to establish left to right columns and order them using the arrows Figure 6 Table With Choose Columns for Roles Menu Selected 13 m of 3 APs Devices Page Ly Of EC 502 Columns Choose Colunmps for Roles Export to CSV a ee Cancel kbps M cisco2960 1 Cl Admin Team A csco3560 Device t OAMC A switch7 Status t Administration 1 3 w of 3 APs Devices Page 1 w of 1 Upstream Device t AP Device Management APs t Config_Role Select All Unselect All Users t corp users via radius 30 Configuring AMP Dell PowerConnect W AirWave 7 4 User Guide Resetting Pagination Records To control the number of records in any individual list select the link with Records Per Page mouseover text at the top left of the table as shown in Figure 7 AirWave remembers each list table s pagination preferences Figure 7 Records Per Page Drop Down Menu l 5 w of 36 Reports Page iwof gt gt Choose Columns Export to CSV Records Per Page ime Title Type All 1 20 2010 12 16 AM Daily PCI Compliance Report PCI Cor F 1 19 2010 12 16 AM Daily PCI Compliance Report PCI Cor C 1 18 2010 12 16 AM Daily PCI Compliance Report PCI Cor E 1 17 2010 12 16 AM Daily PCI Compliance Report PCI Cor 1 16 2010 12 15 AM Daily PCI Compliance Report PCI Cor l 5 of 36 Reports Page iwof gt gt To reset all Records Per Page preferences select Reset in the Display Preferences section of the Home gt Use
452. ommands ip dhcp snooping trust Description Vlani Interface Type Catalyst VLAN To configure interfaces as a group select Edit Interfaces above the Physical or Virtual Interfaces table as shown in Figure 104 Figure 104 Edit Multiple Interfaces Switch a Total Up Down Access Up Distribution i6 lii 26 i5 ii 1i i oo 1 3 w of 24 Interfaces Page lwof8 gt gt Reset filters Choose columns Export CSW eal ol Seat i 7 r Upe rational status Y Sa gigabitethernet0 0 1 Distribution corina uplink Up ethernetCsmacd gigabitethernet0 0 20 Access GE0 0 20 Down ethernetCsmacd Sa gigabitethernet0 0 21 Access GEO 0 21 Down ethernetCsmacd 1 3 of 24 Interfaces Page iwofa gt gt Reset filters 1 3 of 3 Interfaces Page 1of1 Reset filters Choose columns Export CSV a mgmt MGMT rch77x25 00 08 86 6A 62 01 Up Down tunneln Tunnel Interface tunnel 00 08 86 64 62 00 Up Up van 802 10 VLAN Bipvlan 00 08 86 64 62 00 Up Up 1 3 of 3 Interfaces Page 1of1 Reset filters gigabitethernet0 0 0 7 14 23 gigabitethernetO 0 0 7 14 23 gigabitethernet0 0 13 gigabitethernet0 0O 13 gigabitethernet0 0 12 gigabitethernet0 0 12 gigabitethernet0 0 11 gigabitethernet0 0 11 gigabitetherneto 0 10 gigabitethernet0 0 10 gigabitetherneto 0 9 gigabitetherneto 0 9 gigabitetherneto 0 8 gigabitetherneto 0 8 Dell PowerConnect W AirWave 7 4 User Guide Discovering Adding and Managing Devices 143 K You will re
453. omplete the required configurations in this chapter before proceeding AirWave support remains available to you for any phase of AirWave configuration Creating AirWave Users AirWave installs with only one AMP user the admin who is authorized to define additional users with varying levels of privilege be it manage read write or monitoring limit the viewable devices as well as the level of access a user has to the devices Each general user that you add needs a Username a Password and a Role Use unique and meaningful user names as they are recorded in the log files when you or other users make changes in AirWave NOTE Username and password are not required if you configure AirWave to use RADIUS or TACACS authentication You do not need to add individual users to the AirWave server if you use RADIUS or TACACS authentication The user role defines the user type access level and the top folder for that user User roles are defined on the AMP Setup gt Roles page Refer to the next procedure in this chapter for additional information Creating AirWave User Roles on page 46 The admin user can provide optional additional information about the user including the user s real name email address phone number and so forth Perform the following steps to display add edit or delete AirWave users of any privilege level You must be an admin user to complete these steps l Go to the AMP Setup gt Users page This page displays
454. on Location Read fromthe All The SNMP location set on the device device Latitude Text field for entering the latitude of the device The latitude is used with the Google Earth integration Altitude meters Text field for entering the altitude of the device when known This setting is used with the Google Earth integration Specify altitude in meters Group Default Group All Drop down menu that can be used to assign the device to another Group Drop down menu that can be used to assign the device to another Group ee Longitude All Text field for entering the longitude of the device The longitude is used with the Google Earth integration he Auto Detect Yes All Selecting Yes enables automatic detection of upstream device which Upstream Device is automatically updated when the device is polled Selecting No displays a drop down menu of upstream devices Down Status All Enter a text message that provides information to be conveyed if the Message device goes down Automatically All Whether the message entered in the Down Status Message field clear Down should be removed after the device returns to the Up status Status Message when device comes back up Administrative Enables or disables administrative mode for the device Status Local All Designates the mode in which the device should operate Options include the following Local H REAP Monitor Rogue Detector Sniffer 4 Complete additional settings on the APs Devi
455. on Data by VLAN Charts IDS Events VPN Session Session Data by VPN Type List t Inventory VPN Session Session Data by Controller Charts Memory and CPU Utilization VPN Session Session Data by Controller List Network Usage VPN Session Session Data by HTTP Fingerprint List New Clients VPN Session Session Data by HTTP Fingerprint Charts New Rogue Devices VPN Session session Data by AOS Device Type Charts pori tage VPN Session Session Dat by AOS Device Type List Session Data OS Device Type otoe SUERTE STD SST VPN Session Session Data by Users jj RF Health Rogue Clients Rogue Containment Audit EH VPN The left pane of the Custom Options section lists all available data that can be included in the report For example if the data you want to include is in the RF Health report select RF Health to view a list of all available radio frequency information Then simply drag the desired data from the Available Options list on the left to the Selected Options pane on the right The order of the data in the Selected Options section is the order that it will appear in the report The data can be reordered by dragging an item up or down the list 4 Below the Custom Options panes are the Report Restrictions Scheduling Options Report Visibility and Email Options sections Choose the parameters as needed for your report especially a Report Start and Report End 5 When finished select Add and Run to add the report to you
456. on changes Allow One to Allows AirWave to talk to the devices on a different IP address than the one configured on One NAT the device NOTE If enabled the LAN IP Address listed on the AP Devices gt Manage configuration page under the Settings area is different than the IP Address under the Device Communication area Audit Auditing and pushing of configuration to devices can be disabled on all the devices in the Configuration on group Once disabled all the devices in the groups will not be counted towards Devices mismatched devices Use Global When enabled this field allows you to define the device group to be a Global Group Refer Group to Using Global Groups for Group Configuration on page 104 4 Complete the SNMP Polling Periods section The information in this section overrides default settings Table 41 describes the SNMP polling settings Table 41 SNMP Polling Periods Fields and Default Values Default Description Up Down Status Polling 5 minutes Sets time between Up Down SNMP polling for each device in the group Period The Group SNMP Polling Interval overrides the global parameter configured on the Device Setup gt Communication page An initial polling interval of 5 minutes is best for most networks Override Polling Period for Enables or disables overriding the base SNMP Polling Period If you select Yes Other Services the other settings in the SNMP Polling Periods section are activated and you can overr
457. on page 187 to create a new trigger Delivering Triggered Alerts AirWave uses Postfix to deliver alerts and reports via email because it provides a high level of security and queues email locally until delivery If AirWave is located behind a firewall preventing it from sending email directly to a specified recipient use the following procedures to forward email to a smarthost l Add the following line to etc postfix main cf relayhost mail example com where mail example com is the IP address or hostname of your smarthost 2 Run service postfix restart 3 Send a test message to an email address Mail v user example com Subject test mail CC 4 Press Enter Check the mail log to ensure mail was sent tail f var log maillog Viewing Alerts Apart from visiting System gt Alerts AirWave displays alerts and provides alert details in two additional ways l The Alert Summary table is available on the following AirWave pages and is illustrated in Figure 134 APs Devices gt List Groups gt Monitor Home gt Overview Clients gt Connected or Client Detail 194 Performing Daily Administration in AirWave Dell PowerConnect W AirWave 7 4 User Guide Figure 134 Alert Summary Table Illustration Summary Type last 2 Hours Last Day Total Last Event AMP Alerts 138 2300 2950 10 17 2011 247 PM IDS Events 0 0 0 RADIUS Authentication IssuesO 0 0 This table displays alerts as follows select the alert Type to d
458. on the APs Devices gt Audit page Last jLastContacted jLastContacted Displays the last time AirWave successfully contacted the AP Displays the last time AirWave successfully contacted the AP 0 last time AirWave successfully contacted the AP Displays the version of firmware running on the AP Group Group Links tothe Group gt Monitoring page forthe AP to the Links tothe Group gt Monitoring page forthe AP gt Monitoring page for the AP Template Displays the name of the group template currently configuring the AP Also displays a link to the Groups gt Template page This is only visible for APs that are managed by templates Folder Displays the name of the folder containing the AP Also displays a link to the APs Devices gt List page for the folder Management Mode Displays the current management mode of the AP No changes are made to the AP when tt Is in Monitor Only mode AirWave pushes configurations and makes changes to an AP when it is in Manage Read Write mode Enable Planned Put this device into planned maintenance During the maintenance mode no AP Down triggers will Maintenance Mode be deployed on these devices Users will not be able to delete folders that contain devices in Planned Maintenance The devices in Planned Maintenance will show the Up status but will not be tracked in historical graphs and logs as Up You can set multiple devices into Planned Maintenance Mode in the Modify Devices link on an AP list pag
459. onding to Alerts AirWave monitors key aspects of wireless LAN performance When certain parameters or conditions arise that are outside normal bounds AirWave generates or triggers alerts that enable you to address problems frequently before users have a chance to report them Viewing Triggers To view defined system triggers navigate to the System gt Triggers page Figure 131 illustrates this page Figure 131 System gt Triggers Page Illustration partial view Triggers New Trigger Type Trigger Additional Notification Options NMS Trap Destinations Device Resources Percent CPU Utilization gt 85 for 15 Email F amp Device Up Device Type is Access Point Inactive Tag for gt 2 hrs 0 mins Device IDS Events Count gt 100 for 30 minutes New User New User Association NMS 10 51 1 7 Device Down All device types NMS Device RADIUS Authentication Issues Count gt 20 for 15 secs NMS 10 51 1 7 802 11 Frame Counters WEP Undecryptable Rate gt 100 frames sec for 1 hour Rogue Device Classified Classification Rogue NMS 10 51 1 7 Radio Down NMS 10 51 1 7 Creating New Triggers Perform the following steps to create and configure one or more new triggers These steps define settings that are required for any type of trigger l To create a new trigger select the Add New Trigger button from the System gt Triggers page The page that appears is ill
460. ons Walls within VisualRF are interpreted as pure dB loss without adjusting for wall thickness Cubicle Attenuation dB a Specifies the attenuation for any cubicle walls drawn in VisualRF Drywall Attenuation dB Specifies the attenuation for any drywall walls drawn in VisualRF Specifies the attenuation for any concrete walls drawn in VisualRF Concrete Attenuation dB VisualRF Resource Utilization When tuning the VisualRF server use the default settings as recommended If you do change any of these settings above change one at a time and see how the system performs Each time you restart VisualRF it will take at least 30 minutes to return to normal processing If you use the top command to check on VisualRF resource utilization ensure you use the l and H flags to show cores and threads Remember top also takes 1 2 minutes to normalize and provide accurate data NOTE Itis normal for VisualRF to consume 20 of each core with a combination of threads It will utilize excess CPU cycles on all cores when required Dell PowerConnect W AirWave 7 4 User Guide Using VisualRF 265 Configuring QuickView Personal Preferences To configure your personal preferences in QuickView select the Preferences icon and choose from the following configuration options General select from the Configure Preferences drop down menu as shown in Figure 196 Enable auto refresh toggle Refresh Interval in minutes Show Scale Hide neigh
461. ons will increase or decrease the chances of a device being located within the region See Adding Location Probability Regions on page 270 Adding Exterior Walls Because VisualRF utilizes much existing RF information generally only external walls are required for accurate client locations VisualRF s Dynamic Attenuation feature uses AP to AP information to calculate attenuation for interior areas negating the need to enter interior walls If your devices support AP to AP information in the table above you should only draw exterior walls 1 Select Draw Walls icon in the Edit menu 2 The cursor changes to a crosshair Use this to draw the wall directly over the floor plan as shown in Figure 197 Figure 197 Drawing a wall 3 To move or resize the wall select the Wall icon in the Edit menu again The cursor changes to a hand and the ends of the wall is highlighted Click and drag the end point handles to change the wall as shown in Figure 198 Figure 198 Moving and resizing an existing wall To change the attenuation of a wall right click the wall and select the appropriate building material To delete a wall select the wall and press the Delete key 4 Once all walls are provisioned on the floor plan select Save floppy disk icon above the zoom bar K NOTE Drawing only outside walls is recommended If you are seeing inaccurate client locations or heat maps after entering exterior walls proceed to Client Surveys I
462. oo To enable VisualRF and tune memory and performance navigate to the Server Settings section on this page The settings in this section are detailed in lable 139 Table 139 Server Settings Section of the VisualRF gt Setup Page Setting Enable VisualRF Engine Enable Multi floor Bleed Through Dynamic Attenuation Use Metric Units Dell PowerConnect W AirWave 7 4 User Guide Description Enables or disables the VisualRF engine This setting must be enabled to use VisualRF If you do not have a license for VisualRF this page will not appear Enables or disables calculating the impact APs on floors above and below the currently viewed floor in the Quick View Incorporate AP to AP readings as well as site survey information and dynamically recalculate the path loss of each radio to every grid cell on the floor plan increasing coverage and location accuracy Instructs the VisualRF engine to display all units of measurements in metric Using VisualRF 263 Table 139 Server Settings Section of the VisualRF gt Setup Page Continued Default Description Memory Allocation 512 MB The amount of memory dedicate to VisualRF It is not dynamically allocated and all the memory is consumed upon starting the service Be sure to check the memory and swap utilization in the Systems gt Performance page before making any changes The exact amount of memory used per floor plan will vary heavily based on the size number of dev
463. ored and possibly dangerous Dell PowerConnect W does not recommend enabling this setting Instead incorporate signal strength into the classification rules on the RAPIDS gt Rules page Ignore Rogues Discovered by Filters rogues according to the remote AP that discovers them Enabling this Remote APs option causes AirWave to drop all rogue discovery information coming from remote APs Ignore IDS Events from Filters IDS Events discovered by remote APs Remote APs Rogue Containment Options Using RAPIDS AMP can shield rogue devices from associating to Cisco WLC controllers versions 4 2 114 and later and Dell PowerConnect W Series controllers running AOS versions 3 x and later AMP will alert you to the appearance of the rogue device and identify any mismatch between controller configuration and the desired configuration K NOTE WMS Offload is not required to manage containment in AMP Table 97 shows the Containment Options section of the RAPIDS gt Setup page Table 97 RAPIDS gt Setup gt Containment Options Fields and Default Values Default Description Manage rogue AP Yes Rogue APs on Cisco WLC and Dell PowerConnect W Series controllers as Containment defined by the Rules engine will be classified as a Contained Rogue AMP pushes the containment status of a rogue device to the controller and the controller takes the appropriate action For the rogue device to be contained you may need to configure containment on th
464. oup to support Cisco devices with these steps Select Add from the Groups gt List page to create a new group enter a group name and select Add Once AirWave prompts you with the Groups gt Basic page ensure that you enable device specific settings for Cisco WLC Once you select Save or Save and Apply then the Groups gt Cisco WLC Config subtab appears in the navigation pane at the top in association with that group Navigating Cisco WLC Configuration The navigation pane on the left side of the Groups gt Cisco WLC Config page is expandable and displays the Cisco configurations supported and deployed Figure 45 and Figure 46 illustrate this navigation pane You can pre populate the group WLC settings from a controller in the same group by performing an import on the controller s Audit page Figure 45 Groups gt Cisco WLC Config Page Illustration collapsed view BFWLANS Controller HF Wireless Hse curity Management Commands Figure 46 Groups gt Cisco WLC Config Page Illustration expanded view EMWLANS EFController Ehyireless EFSecurity ErManagement EFCommands EFAdvanced General Mesh HAAA SNMP L Reset Time Lap Groups Mobility Management 802 11a n 802 11b a n RADIUS bea Receivers Liability Groups Network Network Servers Trap Controls NTP RRM RRM Fallback Syslog Servers Advanced RF Grouping RF Grouping TACACS spanning Tree TPC TPC AP Policies DCA Priority Order aii arene LManagement User ne Rener Wireless Protection Po
465. p status Update Firmware faa Applies a new firmware image to an AP device eee ee Displays current bandwidth View Historical Displays all data series for the selected graph over the last two hours last day last week Graph in New last month and last year in one new pop up window Window VisualRF Links to VisualRF real time visualization Links to export XHTML versions of reports a Not all AirWave GUI components are itemized in graphic format in this table Dell PowerConnect W AirWave 7 4 User Guide Installing and Getting Started 27 Getting Started with AirWave This topic describes how to perform an initial launch of the AirWave network management solution on the session based authentication scheme introduced in AirWave 7 3 0 When an AirWave URL is accessed either interactively using a browser or programmatically using an API a sent cookie may match a session stored in the database granting authentication but not necessarily access depending on how the user s role matches the required role for the URL If the cookie is not present or the session in the database has expired the request is denied For browser requests this results in a login form being displayed When you submit the login form the supplied credentials are checked against the AMP s user database an external RADIUS server or external TACACS server per the AMP s configuration If the credentials are valid the user s browser is sent a
466. p username C ves No Custom Message PO Add Cancel 3 Enter or edit the settings on this page Table 22 describes these settings in additional detail 46 Configuring AMP Dell PowerConnect W AirWave 7 4 User Guide As explained earlier in this section Roles define the type of user level access the user level privileges and the view available to the user for device groups and devices in AirWave Table 22 describes the settings and default values of this section Table 22 AMP Setup gt Roles gt Add Edit Roles Fields and Default Values Setting Default Name Access Level E RAPIDS VisualRF Dell PowerConnect W AirWave 7 4 User Guide Description Sets the administrator definable string that names the role The role name should indicate the devices and groups that are viewable as well as the privileges granted to that role Enabled Disables or enables the role Disabling a role prevents all users of that role from logging in to AirWave Type AP Device Manager AP Device Defines the type of role AirWave supports the following role types AMP Administrator The AMP Administrator has full access to AirWave and all of the devices Only the AMP Administrator can create new users or access the AMP Setup page the VisualRF gt Setup page VisualRF gt Audit Log page System gt AMP Events and System gt Performance AP Device Manager AP Device Managers have access to a limited numbe
467. pd to gradually adjust your clock to the correct time 18 Installing and Getting Started Dell PowerConnect W AirWave 7 4 User Guide l Select 1 to set the date and select 2 to set the time zone Press Enter after each configuration to return to the message menu above CAUTION Changing these settings after the installation can cause data loss especially for time series data such as Client and Usage graphs Avoid delayed configuration 2 Press 0 to complete the configuration of date and time information and to continue to the next step Previous AirWave Installations The following message appears after date and time are set Welcome to AirWave Installer Phase 2 STEP 1 Checking for previous AirWave installations If a previous version of AirWave software is not discovered the installation program automatically proceeds to Step 2 Installing AirWave Software on page 19 If a previous version of the software is discovered the following message appears on the screen The installation program discovered a previous version of the software Would you like to reinstall AirWave This will erase AirWave s database Reinstall y n Type y and press Enter to proceed CAUTION This action erases the current database including all historical information To ensure that the AirWave database is backed up prior to reinstallation answer n at the prompt above and contact your Value Added Reseller or directly contact Dell support
468. pgrades in monitor only mode 41 EE E EE AE E E eee 134 FTP Server enabling oeccccsccnerererreren 41 fully qualified domain names cceceeeeeeeeeeee 38 G getting started with AirWave seee 28 Global Dell PowerConnect W Configuration 148 Global Groups with Master Console cccccceeeeteeeeeee 223 global Peri plates css castiencteteieceseesccuieadentcncaetetececaecnen 165 Google Chrome ecceecesceeceeeeeeeeeeeeeeeeeeeneeneeeneees 17 Google Earth cccccccssescsssseeeeeeseeee 27 120 138 280 CONS eect ete 69 105 groups changing multiple group configurations 100 COP E 99 configuring and USING seese 69 configuring basic group settings 72 configuring group AAA Servers e eee 80 configuring group SSIDs and VLANGS 83 configuring group templates eee 151 configuring radio settings cece 87 configuring security settingS cee 81 an een E ene eee eee eee 100 deleting a QTOUP cececeeeeeeeeeeeteeeeeeeeeteeneees 100 alobal Groups sessione 71 104 MAC ACIS ersinnen eiie 98 OVEL ON oE 70 radio SOUS vensini seas o 87 SEC a 81 YVAN e E E A E 71 Guest Access Sponsor role cc cccceeeeeeeeeeeeeeeeeeeees 47 Guest User Configuration sesssssceeerrrerrer 38 Dell PowerConnect W AirWave 7 4 User Guide Ciest BIS se be ces eeactecsarcndrssncaseokeveedelathtucen teense 40 H hardware requirements cccecceeceeeeeeeeeeeeeeeeeeeee
469. played at the top of the interface For more detailed information about each option refer to Table 5 on page 22 4 On the AMP Setup gt General page locate the Search Preferences section Select the search categories to include in a Full search of AMP such APs devices clients connected and or historical VPN sessions connected and or historical rogues rogue clients tags folders and groups All are selected by default Per user search preferences can be set in the Home gt User Info page refer to Customized Search on page 34 5 On the AMP Setup gt General page locate the Home Overview Preferences section Table 11 describes the settings and default values in this section Table 10 AMP Setup gt General gt Home Overview Preferences Fields and Default Values Setting Default Description Configure Channel Yes Whether you want to configure the threshold at which a channel is considered to be Busy Threshold busy at the Top Folders By Radio Channel Usage Overview widget Channel Busy The threshold percent at which the radio channel is considered busier than normal Threshold 6 On the AMP Setup gt General page locate the Display section and select the Group tabs and options to appear by default in new device groups K NOTE Changes to this section apply across all of AirWave These changes affect all users and all new device groups Dell PowerConnect W AirWave 7 4 User Guide Configuring AMP 37 T
470. pport connection optional a a CaM a Ci ee Table 4 AirWave Protocol and Port Chart Continued Port Type Protocol Description Direction Device Type 1701 TCP HTTPS AP and rogue discovery 1741 TCP HTTP WLSE polling 1812 RADIUS Authenticate amp authorize AMP Auth administrative users on a RADIUS server WLSE WLSE RADIUS auth server UDP RTLS Real Time Location Feed Dell thin APs 8211 UDP PAPI Real Time Feed ICMP Ping Probe AirWave Navigation Basics Every AirWave page contains the following three basic sections 2002 TCP HTTPS Retrieve client authentication info WLAN switches APs or controllers RADIUS Retrieve usernames for authenticated lt RADIUS accounting client accounting WLAN clients from NAS captive portal controller autonomous AP Only used when usernames are not available in the SNMP MIB of a controller or autonomous AP Status Section Navigation Section Activity Section The AirWave pages also contain Help links with GUI specific help information and certain standard buttons Status Section The Status section is a snapshot view of overall WLAN performance and provides direct links for immediate access to key system components AirWave includes the ability to customize the contents of the Status section from the Home gt User Info page to include support for both wireless and wired network components Refer to Configuring Your Own User Information with the Home gt Us
471. ption Legacy Laptop Min Max 90 360 This timer determines how often to calculate location for legacy laptop devices Taken with the data samples the calculation would follow After minimum timer 90 seconds check to see if the number of data samples received from all APs that hear this client are greater than or equal to the number of samples setting for legacy laptop devices default of 3 data samples If so Yes to question above then recalculate the client device s location based on the samples received If not No to the question above then wait until the number of sample setting is met and recalculate If the number of samples is never met wait until the maximum timer 360 seconds and recalculate Legacy Laptop Number 3 See definition above of Samples All of the other device types phone printer scale and so on use the same methodology as detailed above To edit the wall settings and select a color for wall types within the VisualRF UI navigate to the Wall Attenuation Settings section and select the pencil icon next to each of these settings as described in lable 142 Table 142 Wall Attenuation Settings in VisualRF gt Setup Default Description Glass Attenuation dB 2 Specifies the attenuation for any glass walls that are drawn in VisualRF NOTE All of these values are global variables that cannot be overridden for individual floor plans VisualRF uses these values to calculate path loss and client locati
472. que startup config file from AirWave via TFTP or SCP If the Reboot Devices after Configuration Changes option is selected then AirWave instructs the AP to copy the configuration from AirWave to the startup config file of the AP and reboot the AP If the Reboot Devices after Configuration Changes option is not selected then AirWave instructs the AP to copy the configuration to the startup config file and then tell the AP to copy the startup config file to the running config file Use the reboot option when possible Copying the configuration from startup to running merges the two configurations and can cause undesired configuration lines to remain active on the AP NOTE Changes made on the standard AirWave Group configuration pages to include Basic Radio Security VLANs and so forth are not applied to any template based APs WDS Settings in Templates A group template supports Cisco WDS settings APs functioning in a WDS environment communicate with the Cisco WLSE via a WDS master IOS APs can function in Master or Slave mode Slave APs report their rogue findings to the WDS Master AP or WLSM which reports the data back to the WLSE On the APs Devices gt Manage configuration page select the proper role for the AP in the WDS Role drop down menu The following example sets an AP as a WDS Slave with the following lines Sif wds_role client wlccp ap username wlse password 7 XXXXXXXXXX Ssendift s The following example sets an AP as
473. r Info page as shown in Figure 8 Figure 8 Home gt User Info Display Preferences section Default Number of Records per List 10 records per page Reset List Preferences Customize Columns for Other Roles Yes No Console Refresh Rate Using the Pagination Widget The pagination widget is located at the top and bottom of every list table as shown in Figure 9 Figure 9 Pagination Widget Generated reports Visit the Report Definitions page to run new reports 1 10 of 37 Reports F Choose Columns Export to CSV Generation Time w Title Type Sul Use the down arrow next to Page to see all the page numbers for that table in a dropdown menu From here you can jump to any portion of the table Select the gt symbol to jump to the next page and gt to jump to the last page Using Export CSV for Lists and Reports Some tables have a Export CSV setting you can use export the data as a spreadsheet See Figure 10 for an example of a list with the Export CSV option selected Figure 10 List with CSV Export Selected 4 of 135 APs Devices Page iwof34 gt gt Choose Columns Device Type User 3Com WX1200 3Com WX1200 7 0 4 4 0 0 AirWave also enables CSV exporting of all report types For more information see Exporting Reports to XML or CSV on page 255 Dell PowerConnect W AirWave 7 4 User Guide Configuring AMP 31 Defining Graph Display Preferences Many of the graphs in AirWave are Flash based wh
474. r 802 11 radio profile to create a group of spectrum monitors all APs in any AP group referencing that radio profile will be set to spectrum mode Therefore best practices are to create a new 802 1 1a or 802 11 radio profile just for spectrum monitors If you have Global Dell PowerConnect W Configuration enabled in AMP Setup gt General create the configuration below then go to the controller s group s Dell PowerConnect W Config page and select the newly created Dell PowerConnect W AP Group Perform these steps to set the AP group to use the default Spectrum profile settings l In Groups gt Dell PowerConnect W Config select Add New Dell PowerConnect W AP Group 2 Give the new Group a name like Spectrum APs and select the plus sign next to the 802 1 la Radio Profile to create a new radio profile 3 Enter a name under the General Settings section of Profiles gt RF gt 802 1 1a g Radio 4 In the Other Settings section change the Mode field from ap mode to spectrum mode as illustrated in Figure 109 Then select Save Figure 109 Spectrum mode in Dell PowerConnect W Configuration EHWLANs Profil General Settings Name default GHAAA HAP ese I a E Referenced Profiles _ ni E iing Adaptive Radio Management ARM Profile default z FIDS Mesh High throughput Radio Profile default a PP P Q0S Spectrum Profile Requires a Wireless Intrusion Protection license and a default a X
475. r contrasted with Help Desk Network segment for example Retail Store network contrasted with Corporate HQ network Flexible device support Thin thick mesh network architecture Multi vendor support Current and legacy hardware support Dell PowerConnect W AirWave 7 4 User Guide Introduction 13 14 Introduction Dell PowerConnect W Configuration AirWave supports global and group level configuration of Dell PowerConnect W Series ArubaOS AOS the operating system software suite and application engine that operates Dell PowerConnect W mobility and centralizes control over the entire mobile environment For a complete description of ArubaOS refer to the Dell PowerConnect W Series ArubaOS User Guide at support dell com manuals AirWave consolidates and pushes global Dell PowerConnect W Series configurations from within AirWave Two pages in AirWave support Dell PowerConnect W Configuration Device Setup gt Dell PowerConnect W Configuration for global Dell PowerConnect W Configuration Groups gt Dell PowerConnect W Config for group level Dell PowerConnect W Configuration For additional information that includes a comprehensive inventory of all pages and settings that support Dell PowerConnect W Configuration refer to the Dell PowerConnect W AirWave 7 4 Configuration Guide at support dell com manuals VisualRF VisualRF is a powerful tool for monitoring and managing radio frequency RF dynamics within your wireless
476. r list and run it immediately Run Now to run without being added to the list Add to add but not run the report or Cancel to exit this page Dell PowerConnect W AirWave 7 4 User Guide Creating Running and Emailing Reports 231 Using the Dell License Report A new Dell License Report in the Reports tab tracks licenses on Dell PowerConnect W Series devices in your network This report includes information on the type quantity percent used installation date expiration date and the license keys Figure 166 Dell License Report Detail Page Details for Aruba800 in Group aruba gui no wms and Folder Top gt aruba with Max of APs 16 1 8 wof8 Arubas00 Page iwofi Export cS License Type License Qty License Used Install Date Expires AP Developers Module 2009 08 25 02 14 37 Never E bmo7joNC 2j0sUjxc rT8j2tm Wiwojkppa 8VV001hkg 22 c Voice Services Module 2009 08 25 02 14 23 Never E nFFoa6ES pg6gxiSM VtaNIp9 Swu4hMou OhtnjlyP xV Y External Services Interface 2009 08 26 03 00 14 Never E rwi5Lw A EmZ HHsj 7 IvmPe kKBzU8Pkg 2miv aSMz Hv MMC AP 2009 08 26 03 00 12 Never E c 8H 9lp cuHr 9mk 8ytsOHO 5 TuLv79 E5sTP Un A2k xSec Module 2009 08 26 03 00 12 Never E d h cFQv RsUHSjCA WUaGwyVWV CTrv yh LOJFR Gti ge Client Integrity Module 2009 08 26 03 00 13 Never E Oh5SfsstC Km E 763 2dSKVW 92 A TrbAjvT IrGrsGQ sew Wireless Intrusion Protection 2009 08 26 03 00 13 Never E Pithkbzw p74Uro52Z 0 38dn
477. r of devices and groups based on the Top folder and varying levels of control based on the Access Level AirWave Management Client The AirWave Management Client AMC software allows WiFi enabled devices to serve as additional sensors to gather data for RAPIDS Use this role type to set up a client to be treated as a user with the AMC role The user information defined in AMC must match the user with the Dell PowerConnect W Management Client type Guest Access Sponsor Limited functionality role to allow helpdesk or reception desk staff to grant wireless access to temporary personnel This role only has access to the defined top folder of APs Defines the privileges the role has over the viewable APs AirWave supports three privilege levels as follows Manage Read Write Manage users can view and modify devices and Groups Selecting this option causes a new field Allow authorization of APs Devices to appear on the page and is enabled by default Audit Read Only Audit users have read only access to the viewable devices and Groups Audit users have access to the APs Devices gt Audit page which may contain sensitive information including AP passwords Monitor Read Only Monitor users have read only access to devices and groups and VisualRF Monitor users cannot view the APs Devices gt Audit page which may contain sensitive information including passwords Defines the Top viewable folder for the role The role is able to view
478. r the AP is a portal device or a mesh node The portal device is connected to the network over a wired connection A node is a device downstream of the portal that uses wireless connections to reach the portal device Mesh ID The name of the mesh device View in Google Selecting the Google Earth icon opens the mesh network view in Google Earth Earth Type Displays the make and model of the device Last Contacted Displays the most recent time AirWave has polled the AP for information The polling interval can be set on the Groups gt Basic page Uptime Displays the amount of time since the AP has been rebooted This is the amount of time the AP reports and is not based on any connectivity with AirWave IP Address Displays the IP address that AirWave uses to communicate to the device This number is also a link to the AP web interface When the link is moused over a pop up menu will appear allowing you to http https telnet or SSH to the device NOTE For Dell PowerConnect W Series controllers if Single Sign On is enabled for your role in this AMP and you have access to this controller you will not have to enter the credentials for this controller again after selecting this link Outer IP Public IP address for a RAP device Remote LAN IP LAN IP address for a RAP This address is useful for troubleshooting from the local network 120 Discovering Adding and Managing Devices Dell PowerConnect W AirWave 7 4 User Gui
479. r users or to trick your users into providing their authentication credentials Devices with your SSID generally pose a severe threat This rule helps to discover flag and emphasize such a device for prompt response on your part If Any Device Has Your SSID and is Not an Ad Hoc Network Type Then Classify as Rogue This rule classifies a device as a rogue when the SSID for a given device is your SSID and is not an Ad Hoc device Windows XP automatically tries to create an Ad hoc network if it can not find the SSID for which it is searching This means that users laptops on your network may appear as Ad Hoc devices that are broadcasting your SSID If this happens too frequently you can restrict the rule to apply to non ad hoc devices If More Than Four APs Have Discovered a Device Then Classify as Rogue By default AirWave tries to use Signal Strength to determine if a device is on your premises Hearing device count is another metric that can be used The important concept in this scenario is that legitimate neighboring devices are only heard by a few APs on the edge of your network Devices that are heard by a large number of your APs are likely to be in the heart of your campus This rule works best for scenarios in large campuses or that occupy an entire building For additional rules that may help you in your specific network scenario contact Dell support at support dell com Using RAPIDS Rules with Additional AirWave Functions
480. radio_index radio radio_index Sif radio_type 1lla radio radio_index radio radio_index radio radio_index radio radio_index radio Sradio_index radio radio_index radio radio_index radio radio_index radio radio_index radio Sradio_index Sendi ts Sif radio_type llan radio radio_index piv peo popoe Os por el Sendi ts Sif radio_type 11b radio radio_index Sendi ts Sif radio_type l1lbg radio Sradio_index radio radio_index radio radio_index radio Sradio_index radio radio_index Sendi ts CO x GSlan_mac Sradio_typesS tap_type radio number radio_number description Sdescriptions speed basico 9 basicl2 18 basic24 36 48 54 antenna mode primary self heal offset 1 beacon interval 99 rts threshold 2345 max mobile units 25 admission control voice max perc 76 admission control voice res roam perc 11 admission control voice max mus 101 admission control voice max roamed mus 11 speed basiclla 9 18 36 48 54 mcs 0 11 12 13 14 15 speed basicl basic2 basic5p5 basicll speed basicl basic2 basic5p5 6 9 basicll 12 18 24 36 48 54 on channel scan adoption pref id 7 enhanced beacon table enhanced probe table if radio_type 11bgn5 radio radio_index pli pp ery Or por ore Sendifs radio radio_index Sdetectors adoption_pref_id radio radio_index radio radio_index Sap_include_4 o 164 Creating and Using Templates speed basi
481. ragging and dropping objects with this icon changes the sequence of items in relation to each other Refer to Using RAPIDS and Rogue Classification on page 167 as one example of drag and drop Duplicate Duplicates or makes a copy of the configuration of an AirWave object H Edits the object properties Filter Funnel icon Filters list by values of the selected column To reset all filters in all columns click Reset filters link at the bottom of the table 26 Installing and Getting Started Dell PowerConnect W AirWave 7 4 User Guide Table 7 Standard Buttons and Icons of the AirWave User Page Continued Function Image Description ines __ nonsense n gt settee ret Mismatched Indicates mismatched device configuration in which the most recent configuration in AirWave and the current configuration on a device are mismatched porr _ ean aioe mle peros Ja riero ponen Spoar rconoir eseon oreesa oos pem perane ooroo soosoo Reboot Reboots devices or AirWave CARRANNA NH pe e eenen perecet ones contonen ardis tone AP areen pen fperei in ns arewainroee Soe __ Susser vonna C __ Smashes aw ons pegs abies Sen etree sekontenes seni stats rears rem Search A Searches AirWave for the specified client device rogue group folder tag or session Set Time Range s a Sets the time range for interactive graphs to the range specified Ue Indicates devices which are in the U
482. ration verification configuration on device does not match desired configuration Sun Oct 9 23 16 12 2011 System Status changed to OK Sun Oct 9 23 16 12 2011 System Up Sun Oct 9 23 14 24 2011 admin Configuration change submitted Sun Oct 9 23 14 23 2011 admin Authorized Sun Oct 9 23 11 11 2011 System Discovered Audit Log Time User Event Sun Oct 9 23 14 22 2011 admin ap id 234 Group Srini Folder Top gt Srini Aruba AP Group NoAuthApGroup ap id 234 aruba_ap_group_id lt undefined gt n P Table 73 describes the fields and information displayed in the Device Info section The displayed fields vary from device to device Table 73 APs Devices gt Monitor gt Device Info Fields and Default Values Field Description Poll Now Button above the Device Info section that when pressed immediately polls the individual AP or the controller for a thin AP this overrides the group s preset polling intervals to force an immediate update of all data except for rogue information Shows attempt status and last polling times Dell PowerConnect W AirWave 7 4 User Guide Discovering Adding and Managing Devices 119 Table 73 APs Devices gt Monitor gt Device Info Fields and Default Values Continued Field Description Status Displays ability of AirWave to connect to the AP Up no issue means everything is working as it should Down SNMP get failed means AirWave can get to the device but
483. re Override page This page lists all existing overrides if they have been created Figure 125 RAPIDS gt Score Override Page New Score Override The Score Override Feature allows you to change the scores that are given to MAC addresses detected during scans of switch bridge Forwarding tables 1 11 woF 11 Score Overrides Page 1 w of 1 Edit Columns MAC Address Prefix a Yendor Score Se 00 02 20 Agere Systems 2 OJE manufacturer block contains wireless clients WiFi tags or scanners Ss O0 02 6F Senao International Co Ltd 4 QUIT manufacturer block contains SOHO access points Se 90 03 03 JAMA Electronics Co Ltd 3 QUI manufacturer block contains enterprise access points se 0000 54 SCOM 4 OUD manufacturer block contains SOHO access points Se 00 10 40 INTERMEC CORPORATION 1 Any device on the network not categorized with a higher score Se 00 13 72 Dell 1 Any device on the network not categorized with a higher score 0 se 00 14 69 Cisco 4 OJ manufacturer block contains SOHO access points Sw 00 15 28 Cisco Systems 4 OJE manufacturer block contains SOHO access points Se 00 30 65 Apple computer 3 OUEL manufacturer block contains enterprise access points 00 30 59 Spectrapoint Wireless LLC 4 OJE manufacturer block contains SOHO access points Se O0 co 49 U S ROBOTICS INC 4 OUI manufacturer block contains SOHO access points l a lwo 11 Score Overrides Page iw of 1 2 Sele
484. re always encapsulated between signs The following example illustrates this usage hostname Shostname interface DotllRadio0 power local cck CCK_POWER power local ofdm OFDM_POWER channel SCHANNEL S The hostname line sets the AP hostname to the hostname stored in AirWave The power lines set the power local cck and ofdm values to the numerical values that are stored in AirWave Configuring Cisco IOS Templates Cisco IOS access points have hundreds of configurable settings AirWave enables you to control them via the Groups gt Templates configuration page This page defines the startup config file of the devices rather than using the AirWave normal Group configuration pages AirWave no longer supports making changes for these devices via the browser based page but rather uses templates to configure all settings including settings that were controlled formerly on the AirWave Group configuration pages Perform these steps to configure a Cisco IOS Template for use with one or more groups and the associated devices This section includes the following topics Applying Startup config Files WDS Settings in Templates 160 Creating and Using Templates Dell PowerConnect W AirWave 7 4 User Guide SCP Required Settings in Templates Supporting Multiple Radio Types via a Single IOS Template Configuring Single and Dual Radio APs via a Single IOS Template Applying Startup config Files Each of the APs in the Group copies its uni
485. re is no process by which templates can be fetched from devices in the subscriber group on managed AMPs Instead the template must be copied and pasted into the Master Console Global Group When a Global Group is pushed from the Master Console to subscriber groups on managed AMPs all settings will be static except for settings with the checkbox selected for fields with checkboxes selected the value or setting can be changed on the corresponding tab tor each managed group For list pages override options are available only on the Add page for each list It will take several minutes for changes to Global Groups on the Master Console to be pushed to the managed AMPs make sure that the Manage Group Configuration option is enabled for each managed AirWave Once Global Groups have been configured on the Master Console groups must be created or configured on the managed AMPs to subscribe to a particular Global Group To configure subscriber groups enable Use Global Groups on the Group gt Basic page of a group on a managed AirWave Select the name of the Global Group from the drop down menu and then select Save and Apply Note that the MC doesn t push anything when you create new subscriber groups the copy of the Global Group already on the managed AMP provides the information Once the configuration is pushed the non overridden fields from the Global Group will appear on the subscriber group as static values and settings Only fields that had the
486. re not displayed in APs Devices gt New if discovered in subsequent scans Deleted devices will be listed on the APs Devices gt New if discovered in subsequent scans Perform these steps to further process or return an ignored device to a managed status l To view all devices that are ignored go to the APs Devices gt Ignored page illustrated in Figure 75 Figure 75 APs Devices gt Ignored Page Illustration Device Controller Type IP Address LAN MAC Address Discovered w i aruba6000 Aruba Controller 10 15 90 15 6 8 2010 4 14 AM Oo cisco_2100_5B 60 Cisco 2100 WLC 10 50 1002 3 29 2010 7 29 PM C hp poe switch HP ProCurve 2626 PWR 10 51 022 O0 13 21 AC 5E40 10 26 2009 4 35 PM 4 6 of 17 Ignored APs Devices lt Page2wof6 gt gt Select All Unselect AIl View New Devices Unignore Delete This page provides the following information for any ignored device device name or MAC address when known controller associated with that device device type device IP address LAN MAC address for the LAN on which the device is located date and time of device discovery 2 To change the device parameters for a given device select its checkbox and adjust group folder monitor and manage settings as desired Select Add to add the device to AirWave so that it appears on the APs Devices gt New list 4 The Unignore button will either return the device to its regular folder or group or send it to the APs Devices gt New
487. re scans select Show Scheduling Options and enter the desired date and time to schedule a future scan 5 After several minutes have passed refresh the browser page and view the results of the scan When the Start and Stop columns display date and time information the scan is available to display the results 6 Select the pencil icon for the scan to display the results lable 71 describes the scan results and related information Table 71 Device Setup gt Discover gt Discovery Execution Fields Column Description Displays the network to be scanned Credentials Displays the credentials used in the scan Total Devices Found Displays the total number of APs detected during the scan that AirWave can configure and monitor Total includes both APs that are currently being managed by AirWave as well as newly discovered APs that are not yet being managed New Devices Found Displays the number of discovered APs that are not yet managed but are available Total Rogues Found Displays the total number of APs detected during the scan that AirWave could not configure or monitor Total includes both APs that have been discovered in earlier scans as well as newly discovered APs from the most recent scan New Rogues Found Displays the number of rogue APs discovered on the most recent scan Displays the date and time the most recent scan was started 110 Discovering Adding and Managing Devices Dell PowerConnect W AirWave 7 4 User Guide
488. reate additional overrides for this controller select Add New Dell PowerConnect W Controller Override 8 again When you have finished select Save and Apply You can also use the above procedure to turn on Spectrum mode for radio profiles on one particular controller or use the overrides to point your radio profile to a non default Spectrum profile for just this controller 150 Discovering Adding and Managing Devices Dell PowerConnect W AirWave 7 4 User Guide Chapter 6 Creating and Using Templates This chapter provides an overview and several tasks supporting the use of device configuration templates in AirWave and contains the following topics Group Templates on page 151 Viewing and Adding Templates on page 152 Configuring General Template Files and Variables on page 155 Configuring Cisco IOS Templates on page 160 Configuring Cisco Catalyst Switch Templates on page 162 Configuring Symbol Controller HP WESM Templates on page 163 Configuring a Global Template on page 165 Group Templates Supported Device Templates Templates are helpful configuration tools that allow AirWave to manage virtually all device settings A template uses variables to adjust for minor configuration differences between devices The Groups gt Templates configuration page allows you to create configuration templates for the following types of devices Dell PowerConnect W Aruba Alcatel L
489. reduce the amount of crosstalk between wireless stations to better support roaming users Reducing the receiver sensitivity user stations will be more likely to connect with the nearest access point 802 11g Operational 802 11b This setting sets the operational mode of all g radios in the group to either b only g Mode 802 11g only orb g 802 11abg Operational 802 11b This setting sets the operational mode of all a b g radios in the group to either a only b Mode 802 11g only g only orb g 802 11b Transmit Rate Auto This setting specifies the minimum transmit rate required for the AP to permit a user Fallback device to associate Dell PowerConnect W AirWave 7 4 User Guide Configuring and Using Device Groups in AirWave 89 Table 63 Groups gt Radio gt Proxim AP 600 AP 700 AP 2000 AP 4000 Avaya AP 3 Avaya AP 7 AP 4 5 6 AP 8 ProCurve520WL Fields and Default Values Continued Setting Default Description 802 11g Transmit Rate Auto This setting specifies the minimum transmit rate required for the AP to permit a user Fallback device to associate 802 11a Transmit Rate Auto This setting specifies the minimum transmit rate required for the AP to permit a user Fallback device to associate Rogue Scanning If enabled any ORINOCO or Avaya APs in the group with the appropriate firmware will passively scan for rogue access points at the specified interval This rogue scan will not break users association to the network NO
490. res in chart format for AirWave Upload Device Firmware This link displays the Device Setup gt Upload Firmware amp Files amp Files Upload page See Overview of the Device Setup gt Upload Firmware amp Files Page on page 55 View Event Log This link displays the System gt Event Log page See Using the System gt Event Log Page on page 186 The Customize link on the upper right side of the page allows you to customize the widgets on the Home gt Overview page See Customizing the Dashboard on page 32 Viewing and Updating License Information Navigate to the Home gt License page using the standard AirWave menu Figure 151 illustrates this page and Table 121 describes the contents Please be aware that you cannot enter multiple licenses To combine multiple license entitlements into one new license contact Dell support at support dell com Dell PowerConnect W AirWave 7 4 User Guide Performing Daily Administration in AirWave 211 Figure 151 Home gt License Page Illustration System Overview System Mame aire com Time aesf2009 7 25 PM Organization 4ire Networks Uptime 1 day 12 hrs 50 mins Hostname aire com Version 6 4 IP Address 10 19 19 19 Os Centos release 5 This is a licensed version of Airave Wireless Management Suite Refer to your license agreement for complete information about the terms of this license Contact Airave Technical Support at support airvwave com or 1 866 943 42
491. resh Rate 1 minute M Idle Timeout 5 mins to 240 mins fo 214 Performing Daily Administration in AirWave Dell PowerConnect W AirWave 7 4 User Guide Table 122 Home gt User Info Fields and Descriptions Field Description Top Header Stats Filter Level For Rogue Count Specifies the minimum classification that will cause a device to be included in the rogue count header information More about the classifications can be found in Controller Classification with WMS Offload on page 172 Customize Header Columns Enables disables the ability to control which statistics hyperlinks also known as Top Header Stats are displayed at the top of every AirWave screen Stats Select the specific data you would like to see in the Top Header Stats Refer to Status Section on page 22 Note This field only appears if you selected Yes in the previous field Severe Alert Threshold Configures the minimum severity of an alert to be included in the Severe Alerts count See Setting Severe Alert Warning Behavior on page 34 for details Note The severe alerts count header info will only be displayed if Severe Alerts is selected in the Stats section above Note This field only appears if you selected Yes in the Customize Header Columns field Include Device Types Configures the types of devices that should be included in the header stats If a device type is not selected then it will not be included in the header stats
492. rformed by your facilities or CAD department The output of AutoCAD will not be properly formed XML so you may need to massage the output data 2 Copy all CAD drawings and corresponding XML files into a single directory on Windows machine All files must be in a single directory 3 Compress all files into a single zip file 4 Open your browser and navigate to your AMP https lt AMP_NAME gt visualrt site_batch 5 Select Browse to launch the File Explorer Window 6 Select the zip file containing the upload instructions and click the Open button The File Explorer Window will disappear you will return to the Batch Floor Upload Wizard 7 Select Next 8 The application validates the following information Well formed XML All drawing files are accessible All APs are present All Building and Campuses are present 9 If there are any errors none of the floor plans are created 290 Using VisualRF Dell PowerConnect W AirWave 7 4 User Guide Post Processing Steps l Decrease the Location Caching Timer to previous value 2 Review the VisualRF gt Floor Plans page to ensure server is keeping up Sample Upload Instruction XML File lt xml version 1 0 encoding ISO 8859 1 gt lt visualrf site_batch xmlns visualrf http www example com xmilns xsi http www w3 org 2001 XMLSchema instance version 1 origin lower left gt lt floor name T 0607 number 21 building id 218 gt lt image filename T 0607_WLS_02 d
493. ring Data for Mesh Devices The monitoring page for mesh devices includes basic device information at the top two tables for Radios and Wired Intertaces a Clients interactive graph and a Usage interactive graph Under these graphs are a list of associated Clients Mesh Links RF Neighbors and other common event logs and information 128 Discovering Adding and Managing Devices Dell PowerConnect W AirWave 7 4 User Guide Figure 89 APs Devices gt Monitor page for a Mesh Device Monitoring Mesh Portal 124 2b 3e in group Access Points in folder Top This Device is in monitor onky mode Status Up OK Controller Srint651 Aruba AP Group a Upstream Device Upstream Port Mesh Portal Mesh Portal 124 2b 32 Mesh Mode Portal AP Mesh ID Hop Count 0 Type Aruba AP 124 Remote Device No Last Contacted S 23 2011 6 44 PM Uptime 4 days 7 hrs 51 mins LAN MAC Address O0 14 1E 00 28 3E Serial ADOMIGO35 View in Google Earth K IP Address 192 168 1253 Total Users D Bandwidth Quick Links Open controller web UI Run a command Notes amp 02 11an T0 1A LE S2 83 F0 D 0 00 149 12 dBm 1 Mesh Portal BO2 1ibgn OO0 1A 1E82 53 FA0 0 00 6 15 dBm Wired Interfaces Eneti 00 1 1E 00 2B 3E Up Up Eneti MAE COEF Up Down 0 60 40 20 E 16 40 18 40 16 40 18 40 Show All Maximum Average B w Max Users Radio 1 0 users O users a w Max Users Radio 2 0 users users Show A
494. ription EIRP EIRP of the APs Environment A range from 1 4 that best describes whether the environment is related to an office space cubicles offices or concrete Decimal points are allowed Plan By Section Coverage Plan Coverage by Speed or Signal Location Plan for location accuracy This mode will result in additional APs placed near the edge of the region to aid in location calculation Number of APs Number of APs to place in the planning region Other Section Plan Sensors Whether to plan sensors into the region Save Region as Walls Whether to save the edges of the planning region as walls Update Environment Whether to update the environment and data rate in case of changes and Data Rate Figure 227 Autoprovision APs Window Illustration Autoprovision APs Device Selection Plan By AP Type Aruba AP 105 n 7 Speed 200 mbps z Coverage Signal Radio Section Radio 1 Radio 2 Phy lin 2 4 GHz lin 5 GHz 7 Client Info Fii Total dients in region Xmit 12 dBm 12 dBm Enable a a is 4 Max cient per radio Gain 2 5 4 EIRP 14 5 dBm 16 dBm j Other Environment Open Space Cubides Offices Concrete Plan Sensors _ Save Region as Walls fata aain Hawi w Update Environment and Data Rate Cancel Ok a a ER SS eo i 5 When you re finished selecting the desired options select OK Tweaking a Planning Region If the planning layout does not meet your expectations you can edit by rig
495. rk Chipset Network Driver EAP Supplicant Asset ID Asset Group Asset Category Service Start Service End AOS Device Type Aruba HTTP Fingerprint Classification Notes jhao 11 15 2010 4 09 PM on 1154 0 for 1 hr 1 min 5 25 2011 2 14 PM on 78C for 2 mins l Apple iPhone Tis o M fi 66 C Ampe aa M Phn CMM ae Apple C ae CM CM CM CM CM CMM iPhone iTunes iPhone 4 3 1 4 16GB Valid Hide additional properties Classifying Dell Devices in Client Detail If you have deployed Dell PowerConnect W Series controllers and have WMS Offload enabled on the network the Clients gt Client Detail page allows you to classify the device in the Device Information section and to push this configuration to the Dell PowerConnect W controllers that govern the devices The classifications are as follows Unclassified Devices are unclassified by default Valid If the Protect Valid Stations option is enabled this setting designates the device as a legitimate network device Once this Valid setting is pushed this setting prevents valid stations from connecting to a non valid AP Contained When this status is pushed to the device Dell PowerConnect W Series controllers will attempt to keep it contained from the network You can classify the user regardless of whether WMS Offload is enabled If WMS Offload is enabled the classification will get pushed up to the controller Dell PowerConnect W A
496. rm Best Practices Guide at support dell com manuals for suggested disk space allocations for typical wireless network deployments Then select Next Select the Edit the virtual machine settings before completion checkbox and select Continue Enter 4 GB as the minimum Memory Size more virtual RAM may be required refer the AirWave Management Platform Server Sizing Guide at support dell com manuals for RAM requirements for AirWave Select a minimum of two virtual processors then select Next 10 Review the virtual machine settings then select Finish when done Installing AirWave on the Virtual Machine Running an AirWave installation on a VMware virtual machine is typically done in one of three ways Write an AirWave ISO to CD insert the CD into the drive on the machine running the VMware client software and configure the virtual machine to use the Client Device option as its CD DVD Write an AirWave ISO to CD insert the CD into the drive on the VMware server and configure the virtual machine to use the Host Device option as its CD DVD Upload the AirWave ISO to the VMware server s datastore or to a networked filesystem available to the VMware server and configure the virtual machine to use the Datastore ISO File option as its CD DVD Overall the third option is likely the most efficient method to install AirWave After booting the AirWave virtual machine with either a physical CD or a ISO image file the installation process with thi
497. rmine a report s visibility according to user role Email Options Reveals email address preferences for sending reports by selecting Yes Add and Run Allows you to create a report definition and run that report right then Run Now Allows you to run any report that has been defined on the spot without saving settings or creating a new report definition Saves report definition you just created 228 Creating Running and Emailing Reports Dell PowerConnect W AirWave 7 4 User Guide Figure 161 Reports gt Definitions Page Illustration Split View Report definitions New Report Definition Reports are available on the Generated Reports page after they have been run 1 20 w of 45 Report Definitions Page iwof3 gt gt E O amp VoWLAN Devices Device Summary SSID intranet voip E amp VoWLAN Usage Network Usage SSID intranet voip O VoWLAN User Sessions User Session SSID intranet voip E Avit uptime Device Uptime Group HQ Capacity Planning Max Values Capacity Planning All Groups Folders and SSIDs E Custom Device Summary Report Device Summary Group HQ Custom IDS Events Report IDS Events All Groups and Folders VoWLAN Devices 2 weeks ago now 5 15 2009 3 00 PM Every Friday at 3 00 pm PDT VoWLAN Usage 1 week ago now 5 15 2009 3 00 PM Every Friday at 3 00 pm PDT VOWLAN User Sessions 2 weeks ago now 5 15 2009 3 00 PM Every Friday at 3 00 pm PDT Avir uptime last week today 5 19 2009 12 19 AM
498. rocedure to forward email to a smarthost l Add the following line to etc postfix main cf relayhost mail example com Where mail example com is the IP address or hostname of your smarthost 2 Run service postfix restart 3 Send a test message to an email address Mail v xxx xxx com Subject test mail CO 4 Press Enter 5 Check the mail log to ensure mail was sent by running this command tail f var log maillog Exporting Reports to XML or CSV AirWave allows you to export individual reports in XML xhtml or CSV You can also export all reports at once and a zip file will be generated with all of the files in CSV format included These files may be read by an HTML browser or opened in Excel The CSV files can be opened in any text editor K NOTE This method of exporting files supports graphics and links and prevents Missing File C filename css error messages Transferring Reports Using FTP Once reports are generated you can also copy them to any ftp accessible destination using a sample script For more information contact Dell support at support del com Dell PowerConnect W AirWave 7 4 User Guide Creating Running and Emailing Reports 255 256 Creating Running and Emailing Reports Dell PowerConnect W AirWave 7 4 User Guide Chapter 10 Using VisualRF This chapter contains information about VisualRF and includes the following topics e Features on page 258 e Useful Terms
499. rocedures Manually Adding Individual Devices on page 112 Adding Multiple Devices from a CSV File on page 114 Adding Universal Devices on page 115 Controller driven device discovery Thin APs will automatically be discovered in the network and added to the New Devices list when you add their controller to AirWave To add the thin APs refer to Authorizing Devices to AirWave from APs Devices gt New Page on page 111 Discovering and Adding Devices This section describes the following topics SNMP HTTP Scanning Enabling Cisco Discovery Protocol CDP Authorizing Devices to AirWave from APs Devices gt New Page Manually Adding Individual Devices Dell PowerConnect W AirWave 7 4 User Guide Discovering Adding and Managing Devices 107 SNMP HTTP Scanning SNMP HTTP discovery scanning is the primary method for discovering devices on your network including rogue devices Enable this scanning method from the Device Setup gt Discover page 2 NOTE This page is only visible to users with the AMP Administrator role or roles that have Allow authorization of APs Devices enabled in AMP Setup gt Roles SNMP HTTP scanning information is provided in these sections Adding Networks for SNMP HTTP Scanning explains how to enable networks that have been defined for scanning Adding Credentials for Scanning explains how to define network credentials for scanning Credentials must be defined betore using them in
500. roup Upstream Device Upstream Port Type Aruba AP 105 Remote Device No Last Contacted 10 11 2011 10 12 AM Uptime 7 days 6 hrs 37 mins LAN MAC Address 00 24 6C CA D7 9B Serial ALO227382 IP Address 192 168 1 248 Clients 2 Usage 10 24 Kbps Quick Links Open controller web UI _ Run a command Notes Radios Index a Name MAC Address Clients Usage Kbps Channel TxPower Antenna Type Role Active SSIDs 1 802 11an 00 24 6C 2D 79 B8 2 10 24 161 24 dBm Internal Access synergy Wired Interfaces Name MAC Address Clients Admin Status Operational Status Type Duplex a Aruba Port Mode Input Capacity Output Capacity EnetO 00 24 6C CA D7 9B 0 Up Up gigabitEthernet Full N A 100 Mbps 100 Mbps Clients on Spectrum AP105 d7 9b Last 8 hours lal Usage on Spectrum AP105 d7 9b Last 8 hours Boll Location Srini gt Srini gt 3 dwg Floor 1 Enlarge E 4 y It gf n Collapse Maximum Average Show All Maximum Average 4 y Avg Clients Radio 1 2 clients 1 clients O y Avg Combined for synergy 164 8 kbps 5 6 kbps a j Aaria AA S a is 5 x Avg Clients for synergy 2 clients 1 clients D v Avg In Radio 1 48 4 kbps 2 kbps Avg Clients on Eneto 0 clients 0 clients M Mex In Radio 1 48 4 kbps 2 kbps O V Max Clients Radio 1 2 clients 1 clients O V Max In for EnetO 96 9 kbps 3 9 kbps O Y Max Clients for synergy 2 clients 1 clients _ Max Mesh Overhead In Radio 1 M Max Clients on Eneto 0 clients 0 clients M Max Out Radio 1 116
501. rovisioning Existing Access Points onto the Floor Plan To provision existing AP in your network onto the floor plan you just uploaded follow these steps l Navigate to VisualRF gt Floor Plans 2 Select the floor plan you have uploaded using the floor number or name links in the list 3 Select the Add Deployed Device icon in the Edit menu A pop up window list of devices in your AirWave appears as shown on 4 4 Select whether to navigate by Group or by Folder in the View By field K NOTE Alternatively you can use the Search field 5 Expand the Group or Folder containing the access points which need to be provisioned on this floor plan Note that by default devices that have already been added to VisualRF are hidden To show them clear the Hide Devices already added to VisualRF checkbox at the bottom of the list 6 Click and drag an AP to its proper location on the floor as shown in Figure 225 Figure 225 Provisioning APs onto the Floor Plan Add Deployed Device x Search View By amp Group Folder i Access Points ey 00 0b 86 64 8e b0 em 00 0b 86 c1 a3710 ep 00 la le c0 1a de ep 00 1a 1e c0 2b 5a ey 00 1a 1e c0 50 78 ey 00 1a 1e c0 55 46 a 00 1a 1e c0 0c 40 ep 00 1a 1e ce fb a9 exp 00 24 6c 0 00 f6 T 4 b Vi Hide Devices already added to VisualRF Dell PowerConnect W AirWave 7 4 User Guide Using VisualRF 285 7 Once all APs are provisioned on the floor plan selec
502. rt 230 Creating Running and Emailing Reports Dell PowerConnect W AirWave 7 4 User Guide Table 128 Reports gt Generated Page Fields and Descriptions Continued Field Description Subject Displays the scope of the report to include groups folders SSIDs or any combination of these that are included in the report Displays the beginning of the time period covered in the report Report End Displays the end of the time period covered in the report In the Reports definitions for other roles section this column indicates the roles for which additional reports are defined Using Custom Reports Custom reports allow users to specify the data that should be included in a report Perform these steps to create a Custom Report l Navigate to the Reports gt Definitions page 2 Select Add 3 By default the Custom option will be selected in the Type drop down menu and the Custom Options section appears below as shown in Figure 165 Figure 165 AirWave Custom Options Page Illustration Custom Options Drag the desired widgets from the Available Options list into the Selected Options list Widgets within the Selected Options can be reordered Available Options Selected Options HF Aruba License Capacity Planning Client Inventory Client Session Configuration Audit VPN Session summary Device Summary VPN Session Seion Data by VPN Type Charts Device Upline VPN Session Sezon Data by VLAN List VPN Session Sessi
503. rtion Continued Field Description Capacity Combined b s Combined Capacity Combined b s Displays the combined capacity in and out of the device in bits per second Usage While gt Threshold Displays the time in which a device has functioned above defined threshold capacity both in Combined and out Overall Overall Usage Combined Overall Usage Combined Displays the overall usage of the device both combined in and out traffic Using the Configuration Audit Report The Configuration Audit Report provides an inventory of device configurations on the network enabling you to display information one device at a time one folder at a time or one device group at a time This report links to additional configuration pages Perform these steps to view the most recent version of the report then to configure a given device using this report l Navigate to the Reports gt Generated page 2 Scroll to the bottom and select Latest Configuration Audit Report to display Detail device configuration information for all devices The ensuing Detail report can be very large in size and provides multiple links to additional device configuration or information display pages 3 You can display device specitic configuration to reduce report size and to focus on a specific device When viewing configured devices on the Detail page select a device in the Name column The device specitic configuration appears 4 You can create or assign a
504. s Encryption does not match WEP or better Network type Rogue is running on the selected network type either Ad hoc or Infrastructure Signal Strength Rogue matches signal strength parameters Specify a minimum and maximum value in dBm SSID Classifies the rogue when it matches or does not match the specified string for the SSID or a specified regular expression NOTE For SSID matching functions AirWave processes only alpha numeric characters and the asterisk wildcard character AirWave i ignores all other non alpha numeric characters For example the string of ethersphere matches the SSID of ethersphere wpaz2 but also the SSID of ethersphere_ this _is_an_exampl1e without any dashes Detected Client Count Classifies based on the number of valid clients Wireline Properties Detected on LAN Rogue is detected on the wired network Select Yes or No Fingerprint Scan Rogue matches fingerprint parameters IP Address Rogue matches a specified IP address or subnet Enter IP address or subnet information as explained by the fields OUI Score Rogue matches manufacturer OUI criteria You can specify minimum and maximum OUI score settings from two drop down lists Select remove to remove one or both criteria as desired Wireless Wireline Properties Manufacturer Rogue matches the manufacturer information of the rogue device Specify matching or non matching manufacturer criteria MAC Address Rogue matches the MAC addres
505. s Specify matching or non matching address criteria or use a wildcard for partial matches Dell Controller Properties Operating System Rogue matches OS criteria Specify matching or non matching OS criteria as prompted by the fields Controller Classification Rogue matches the specified controller classification Rogue falls within a specified minimum and maximum confidence level ranging from 1 to 100 After creating a new tule select Add to return to the RAPIDS gt Rules page Select Save and Apply to have the new tule take effect Dell PowerConnect W AirWave 7 4 User Guide Using RAPIDS and Rogue Classification 175 Deleting or Editing a Rule To delete a rule from the RAPIDS rules list go to the RAPIDS gt Rules page Select the check box next to the rule you want to delete and select Delete The rule is automatically deleted from RAPIDS gt Rules To edit any existing rule select its pencil icon to launch the RAPIDS Classification Rule page see Figure 122 Edit or revise the fields as necessary then select Save To change the sequence in which rules apply to any rogue device drag and drop the rule to a new position in the rules sequence Recommended RAPIDS Rules If Any Device Has Your SSID Then Classify as Rogue The only devices broadcasting your corporate SSID should be devices that you are aware of and are managed by AirWave Rogue devices often broadcast your official SSID in an attempt to get access to you
506. s as a link to the Clients gt Client Detail page for this user Manufacturer The manufacturer of the user s device The model of the user s device Name The product of the user s device Network Chipset The chipset indicates the functions the device was designed to perform Network Driver Driver name or other information Notes Free notes about the user 0 U e e p O p gt pel lt p N A C D Q Q 4 198 Performing Daily Administration in AirWave Table 116 Clients gt Connected Table Columns and Links Continued Alphabetical Field Description The device s operating system type OS Detail Additional information on the operating system such as version numbers Phone Number Contact number for the user Specifies the role that a Dell PowerConnect W Series controller assigned to the connected user such as employee Speed The packet and byte counts of data frames successfully transmitted to and received from associated stations If a user is connected to an switch indicates which controller the user is authenticated to Controller Username Displays the name of the user associated to the AP AirWave gathers this data from device traps SNMP polling or RADIUS accounting Usernames appear in italics when a username for that MAC address has been stored in the database from a previous association but AirWave is not getting a username for the current assoc
507. s method is identical to the steps outlined in the AirWave Management Platform Quick Start Guide at support dell com manuals Dell PowerConnect W AirWave 7 4 User Guide Installing AirWave on VMware ESX 4 1 301 AirWave Post Installation Issues on VMware By default AirWave runs the Linux smartd service for detecting physical disk errors using the S M A R T protocol However virtual disks do not support the S M A R T protocol so the AirWave smartd service will fail at startup The service can be disabled by running the following commands at the AirWave command line service smartd stop chkconfig smartd off The first command stops smartd on the active system while the second prevents the service from starting in the future To install VMware Tools on AirWave perform these steps l From the VMware vSphere select the desired VMware instance from the Inventory list 2 Select Inventory gt Virtual Machine gt Guest gt Install Upgrade VMwareTools 3 Run the following commands at the AirWave console mkdir media cdrom mount dev cdrom media cdrom tar xvzi media cdrom VMware tar gz C tmp tmp vmware tools distrib vmware install pl default 4 Reboot the virtual machine once the VMware Tools install is complete 302 Installing AirWave on VMware ESX 4 1 Dell PowerConnect W AirWave 7 4 User Guide Numerics 802 11 counters cccccceeeeeeeeeeeeeeeee 74 125 126 196 A AAA SCIVE Seica eae r i ea
508. s samples This produces a more accurate representation because signals obtained from the client s card the signal level at which a client hears the AP can vary from vendor to vendot The signal levels at which APs can heara client are already normalized Using multiple samples alleviates spikes or troughs that come from using a single sample To start a client survey follow these steps l Drag the client to the proper location 2 Select the client to see the Properties pop up menu as shown in Figure 200 Figure 200 Client Surveys Location MAC 00 19 D2 92 08 7C Surveys and Training BW kbps 5 min avg o Power _ r Duration 2omw Suin 100mW OK Location Static Surveys and Training Training Select the Surveys and Training option 4 Select the appropriate transmit power for the wireless client Leave the default to 30mW if you are unsure Select the Duration or the time that you want to sample the client s signal measurements Longer durations will increase Path Loss accuracy and location accuracy 6 Select OK to begin the survey Dell PowerConnect W AirWave 7 4 User Guide Using VisualRF 269 To display survey locations select the Display menu and select Surveys Note the following information about this procedure Ensure the client will remain in the same location for at least the duration of the survey You should delete and resurvey an area or a floor plan after a remodel or significant in
509. s used by the administrator to manually authorize the first Virtual Controller for an organization that appears in the APs Devices gt New page in AMP Any string is acceptable 2 NOTE Always ensure the protection of your organization s shared secret Knowledge of this shared secret the organization string and communication protocol could allow a rogue device to masquerade as an Dell PowerConnect W Instant device At this point the admin in our example should send the Organization String Shared Secret key and AMP IP address to the on site installers setting up Dell PowerConnect W Instant hardware inside the storefronts Entering the Organization String and AirWave Information into the IAP For the initial IAP Virtual Controller set up in each location the on site installer logs in to the first AP s web interface via the Dell PowerConnect W Instant configuration SSID and navigates to Settings gt AirWave The installer then enters the correct Organization String the AMP IP address and the Shared Secret key as shown in Figure 229 Figure 229 Dell PowerConnect W nstant UI Settings gt AirWave settings Basic Admin AirWave Date amp Time Advanced Organization Acme New York Times AirWave IP 10 4 00 0 Shared key jeeseee Retype shared key sesse Dell PowerConnect W AirWave 7 4 User Guide Setting Up Dell PowerConnect W Instant in AirWave 297 Receiving the Virtual Controller as a New Device in AMP After
510. sco Catalyst Switch Templates cccsssessssssssssssecssssssesesesssseseesseesesseseeaseees 162 Configuring Symbol Controller HP WESM Templates ccccccsessssesssessessseesesesesseseeaseees 163 Configuring a Global Template sic ccs scssssszcscrscastcnnstasendesine touedescersesaca taasantsonarmnaeuenttasvenaesttayaaeandees 165 Chapter 7 Using RAPIDS and Rogue Classification cccsssesssssesesesseessesessesssesesesseeeessssersesen 167 Introduction to RAPIDS ou eee ccscssssesseecsesessesesesecseseesssesecsesesasesesassesaensesassuseansesessusesatseseeonses 167 Viewing Overall Network Health on RAPIDS gt OVervieW ccesesseceessssesssecessessesseesesseeees 168 CEM UD RAPIDS erarnan AA a 169 Basie COmmOUTa UO Denia 169 Rogue Containment Options cceeseescscssssesesesscsessesseececsesecsesesecsesesaesesessusecaseesesaesesaseees 171 Additonal gt GUNN NUS ceses 172 D fining RAPIDS RUlES os scrsitesnnontasazaina dee anstansiacestesnstns pinsinaebononaes veennmsssauatanneentsdigtiaaedseonnpmesiaitnis 172 Controller Classification With WMS Offload ce eccsseseseescecsessesseecesseseesssesesseseeatenss 172 Pevice OIL SC OU oeann E EEEE a EEE 173 Rogue DEVICE Threat Level sscssscssecansceseraasznssnecusseceucsouisardonannitiatubeeencnnniasaateNee 173 Viewing and Configuring RAPIDS Rules csssessssescsssssscsseesecseseesssesecseecassesesaeseees 174 6 Contents Dell PowerConnect W AirWave 7 4 User Gu
511. scovered Down Device If the device status on the APs Devices gt List page remains Down after it has been added to a group the most likely source of the problem is an error in the SNMP community string being used to manage the device Perform the following steps to troubleshoot this scenario 1 Select the Name of the down device in the list of devices on the APs Devices gt List or APs Devices gt Down page This automatically directs you to the APs Device gt Monitor page for that device 2 Locate the Status field in the Device Info section If the Status is Down it includes a description of the cause of the problem Some of the common system messages are as follows in lable 88 Table 88 Common System Messages for Down Status Message Meaning AP is no longer associated This means the AP no longer shows up in any controller s AP list on the AirWave server Either with controller the AP was removed from the controller or it has roamed to another controller that AirWave does not have visibility to or it is offline Controller is Down When a controller goes down AMP automatically marks all associated thin APs down because communication to thin APs are via the controller and AirWave assumes that if the Controller has gone offline then all associated APs are down as well until reassociated another Controller Downloading The AP is in the process of downloading firmware or configuration only applies to Cisco WLC thin APs and some
512. selecting it from the list and selecting Delete Monitoring and Supporting WLAN Clients The AMP Clients pages support WLAN users in AirWave This section describes the Clients pages as follows Overview of the Clients Pages Monitoring WLAN Users in the Clients gt Connected and Clients gt All Pages Supporting Guest WLAN Users With the Clients gt Guest Users Page Supporting RFID Tags With the Clients gt Tags Page See also Evaluating and Diagnosing User Status and Issues For information about creating AirWave users and AirWave user roles refer to Creating AirWave Users Creating AirWave User Roles If you need to create an AirWave user account for frontline personnel who are to support Guest WLAN users refer to Supporting Guest WLAN Users With the Clients gt Guest Users Page on page 199 Overview of the Clients Pages The Clients pages display multiple types of user data for existing WLAN clients and VPN users The data comes from a number of locations including data tables on the access points information from RADIUS accounting servers and AirWave generated data AirWave supports the following Clients pages Clients gt Connected Displays active users that are currently connected to the WLAN Refer to Monitoring WLAN Users in the Clients gt Connected and Clients gt All Pages on page 197 Clients gt All Displays all users of which AirWave is aware with related information Non active users are listed i
513. ser Creation Options are set to Create and user Specified as User Dell PowerConnect W AirWave 7 4 User Guide Discovering Adding and Managing Devices 113 Table 72 Device Communication and Location Fields and Default Values Continued Setting Default Description Privacy Taken from Device Setup gt SNMPv3 privacy password Password Communication Confirm SNMPv3 Auth Taken from Device Setup gt Drop down menu that allows you to enable the SNMPv3 authentication Protocol Communication protocol to the device being added SNMPv3 Privacy Taken from Device Setup gt Drop down menu that allows you to enable SNMPv3 privacy protocol to Protocol Communication the device being added Telnet SSH Taken from Device Setup gt Telnet username and password for existing Cisco IOS APs AirWave uses Username amp Communication the Telnet username password combination to manage the AP and to Password enable SNMP if desired onan NOTE New out of the box Cisco I0S based APs typically have SNMP disabled with a default telnet username of Cisco and default password of Cisco This value is required for management of any existing Cisco IOS based APs enable Taken from Device Setup gt Password that allows AirWave to enter enable mode on the device Password Communication Confirm HTTP Username Taken from Device Setup gt HTTP password used to manage the device initially and to enable SNMP if amp Password Communication desire
514. ser Guide Configuring and Using Device Groups in AirWave 93 Defining and Configuring LWAPP AP Groups for Cisco Devices The Groups gt Cisco WLC Config gt WLANs gt Advanced gt AP Groups page allows you to add edit delete AP Groups on the Cisco WLC LWAPP AP Groups are used to limit the WLANs available on each AP Cisco thin APs are assigned to LWAPP AP Groups Viewing and Creating Cisco AP Groups l Go to the Groups gt Cisco WLC Config page and select WLANs gt Advanced gt AP Groups in the navigation pane at left This page displays the configured LWAPP APs Figure 52 illustrates this page Figure 52 Groups gt Cisco WLC Config gt WLANS gt Advanced gt AP Groups Page Illustration WLANs Lss00 8021x EhAdvanced Lap Groups AP Groups LWAPP AP Groups VLAN Enabled Yes I No Group Access Points Controller Wireless Security LWAPP AP Group i paar Name B02 Commands Description Limit to 5 LWAPP AP Group Interface Mapping SSID 10 22 42 11 ma Specify Interface Name Yes L No Interface management a NAC State Enabled Disabled Add Cancel e Add Caneel l Save and Apply l Save Revert l Revert All 2 To add a new LWAPP AP group select Yes in the AP Groups section Additional controls appear 3 Select Add to create a new LWAPP AP group To edit an existing LWAPP AP group select the pencil icon next to that group Add one or more SSIDs and the interface VLAN ID mapp
515. session cookie to use in subsequent requests Use your browser to navigate to the static IP address assigned to the internal page of the AirWave as shown in Figure 2 Enter the User Name and Password as admin admin for your initial login and then select Log In Figure 2 AirWave Login Form Welcome to AirWave Management Platform AirWave Username Password If desired you can set one of the available languages for your login English and Japanese Chinese is planned but not yet complete as of 7 4 0 AirWave will remember your selected language until you log out and select another After successful authentication your browser launches the AirWave Home gt Overview page NOTE AirWave pages are protected via SSL Some browsers will display a confirmation dialog for your self signed certificate K Signing your certificate will prevent this dialog from displaying Changing the default login and password on the AMP Setup gt Users page is recommended Refer to the procedure Creating AirWave User Roles on page 46 for additional information 28 Installing and Getting Started Dell PowerConnect W AirWave 7 4 User Guide Chapter 3 Configuring AMP This chapter contains the following procedures to deploy initial AMP configuration e Formatting the Top Header on page 29 e Customizing Columns in Lists on page 30 e Resetting Pagination Records on page 31 e Using the Pagination Widget on page 3
516. sibility Alternatively this field allows you to display reports by Subject on the Reports gt Generated page Email Report Select Yes to display sender and recipient fields Enter the Sender Address where marked to Indicate the address that appears in the From field of the emailed report Enter recipient email addresses separated by commas when using multiple email addresses NOTE AirWave will not attempt to email a report with an excessively large number of rows in the detail section In the report restrictions section you can customize any detailed information contained in a chosen report Figure 185 shows a sample Report Restrictions page Figure 185 Report Restrictions Illustration Restricts Group All Groups wa Folder All Folders w SSID All SSIDs Ww Number of items to include in memory CPU aooo O summary Greater than or equal to 1 Usage by SSID Interval nterna SSID Max Users Max BW In kbps Max BW Out kbps Avg Users Avg BW In kbps Avg BW Out kbps T Fee eS eS Se eS By default all data will be included Deselect the checkbox to hide specific information The list can also be reordered by dragging and dropping the separate lines The order displayed here will match the column order in the report 3 Do one of the following Select Add and Run to generate the report immediately in addition to saving report settings Select Run Now to generate the report im
517. sired change date in the Start Date Time field AirWave takes the time zone into account for the group if a time zone other than AirWave System Time has been configured on the Groups gt Basic configuration page Cancel Cancels the application of changes immediately or scheduled NOTE To completely nullify the change request select Revert on one of the group configuration pages after you have selected Cancel 7 Apply changes to multiple groups by selecting the appropriate group or groups and selecting Preview Modifying Multiple Devices AirWave provides a very powerful utility that modifies all APs or a subset of access points unrelated to the typical AirWave group construct This utility provides the ability to delete simultaneously multiple devices migrate Dell PowerConnect W AirWave 7 4 User Guide Configuring and Using Device Groups in AirWave 101 multiple devices to another group and or folder update credentials and optimize channels Perform these steps to modify multiple devices l To modify multiple devices go to one of the following pages with a device list APs Devices gt List APs Devices gt Up APs Devices gt Down APs Devices gt Mismatched Groups gt Monitor configuration pages Each of these pages displays a list of devices Controller monitoring pages also have lists of their thin APs which can be modified using Modify Devices 2 Select Modify Devices to make the checkboxes at the left of al
518. ss Points 2 AP10 64 96 62 60 0 1 00 Sales Office hello Cisco4400 Top Access Points 3 AP0018 19bd bid0 71 65 68 90 0 0 00 ap lab Cisco4400 Top Access Points All tables in RF Health indicate the rank device type number of users bandwidth location controller folder 248 Creating Running and Emailing Reports Dell PowerConnect W AirWave 7 4 User Guide and group and all are sorted according to rank Selecting a value under the Device column in any table will take you to the APs Devices gt Monitor gt Radio Statistics page for the band indicated in the table title 5 GHz or 2 4 GHz Every list contains Rank Device name not type Channel Changes Average Noise Average Channel Utilization Clients Usage Location Controller name Speed Goodput Folder and Group The third column in the list after Device will be the column the list is sorted by If that column would otherwise be in the list Channel Changes it does not show up in the list where it would otherwise Note that sometimes the sorted column is not one of those common ones such as the Interfering Devices section AirWave limits data storage to 183 days approximately six months per radio If you create an RF Health Report with a date range longer than 183 days it will only include Channel Changes Transmit Power Changes Average Utilization Mac Phy Errors and Average Noise based on whatever part of the report intersects the last 183 days This differs from mo
519. ssed particular thresholds Available conditions are Interference Radio Type Time Busy Time Receiving and Time Transmitting Setting Triggers for Discovery Perform the following steps to configure triggers related to device discovery a Choose a trigger type from the Discovery category listed in the Type drop down menu See Figure 133 Table 110 Discovery Trigger Types and Condition Settings Discovery Trigger Options Description New Device Discovered This trigger type flags the discovery of a new AP router or switch connected to the network an device that AirWave can monitor and configure Once you choose this trigger type select Add New Trigger Condition to specify a Device Type Access Point Controller Remote AP or Router Switch b Repeat this procedure for as many triggers and conditions as desired Refer to the start of Creating New Triggers on page 187 to create a new trigger Dell PowerConnect W AirWave 7 4 User Guide Performing Daily Administration in AirWave 191 Setting Triggers for Clients Perform the following steps to configure user related triggers a Choose a trigger type from the Clients category listed in the Type drop down menu See Figure 133 Table 111 itemizes and describes the Client related trigger types and condition settings for each discovery trigger type Table 111 Client Trigger Types and Condition Settings Client Trigger Option New Client This
520. ssible available graphical elements widgets Select any blue widget tile with a verbal description enclosed and it immediately turns into a graphical element with a description Drag the widgets you want to appear on the Overview dashboard across to the gridlines and arrange them in the right section within the gridlines A widget snaps back to the nearest available gridline if you drop it across two or more lines and turns red if you attempt to place it over gridlines already occupied by widgets Green widgets are properly placed and set to appear when you select Save Widgets that remain in the left section will not appear although they can be reinstated by selecting Restore Defaults Dell PowerConnect W AirWave 7 4 User Guide Configuring AMP 33 Customized Search You can customize the Full search results to display only desired categories of matches on the Home gt User Info page Go to the Search Preferences section and select Yes in the Customize Search field then select or unselect categories of results and save your changes Customized search is turned off by default and all boxes are selected Figure 14 Home gt User Info Customized Search Preferences Search Preferences Customize Search ie Yes No APs Devices Clients Connected Clients Historical VPN Sessions Connected VPN Sessions Historical Search Preferences Rogue Clients Folders Groups Tags a 41 lt 1 41 41 l
521. ssion Data by Network Driver List or Chart Session Data by EAP Supplicant List or Chart Session Data by Asset Group List or Chart Session Data by Asset Category List or Chart Session Data by Connection Mode List or Chart Session Data by SSID List or Chart Session Data by Role List or Chart Session Data by VLAN List or Chart Session Data by Cipher List or Chart Summary Sessions Session Data By Client 250 Creating Running and Emailing Reports Dell PowerConnect W AirWave 7 4 User Guide Figure 183 Client Session Detail Partial View Session Data by Cipher ath KERSE ERAR suden Yo ot Time E p Amount ofr Ime Number a 29 15 85 13 days 15 hrs 16 mins 25 35 214 46 1 12 6 52 144 WEP 1 0 559 16 hrs 52 mins 1 31 0 04 0 00 45 64 oF 1 3 of 3 Ciphers Page lw of 1 Number of Users by Cipher Amount of Time Spent by Cipher MB Used by Cipher DAES B3 Ge DAES 73 3 DAES 08 9 E unknown 15 8 unknown 25 4 E unknown 1 1 O WEF 0 S O WEF 1 3 O WEF D 0e Number of sessions 665 Number of unique users Ii Number of guest users D Number of unique APs 124 Average session duration 1 hr 55 mins Total traffic MB 18994 40 Average traffic per session MB 25 43 Average traffic per user MB 111 0 Average bandwidth per user Kbps 51 06 Average signal quality 38 25 Sessions Export CSV eee ia RRA pE gt gt Rote Controller Group Device Location Co 00 26 54 08 4A 2D logon
522. ssociation and authentication traps from Cisco WLC controllers to give real time information on users connected to the wireless network traps from Cisco WLC Dell PowerConnect W AirWave 7 4 User Guide Configuring AMP 41 Table 17 AMP Setup gt General gt Additional AMP Services Fields and Default Values Continued Default Description Enable AMON data Yes Allows AMP to collect enhanced data from Dell PowerConnect W Series devices on collection certain firmware versions see the Dell PowerConnect W AirWave 7 4 Best Practices Guide in Home gt Documentation for more details 10 Locate the Performance section Performance tuning is unlikely to be necessary for many AirWave implementations and likely provides the most improvements for customers with extremely large Pro or Enterprise installations Contact Dell support at support dell com if you think you might need to change any of these settings Table 15 describes the settings and default values of this section Table 18 AMP Setup gt General gt Performance Fields and Default Values Default Description Monitoring Based on the Optional setting configures the throughput of monitoring data Increasing this setting Processes number of allows AirWave to process more data per second but it can take resources away cores for your from other AirWave processes Contact Dell support at support dell com if you think server you might need to increase this setting for your network
523. st reports because other data like bandwidth and users maxes out at 425 days and AirWave validates reports so you can only run them over a 366 day duration Using the Rogue Clients Report The Rogue Clients report tracks the number of valid users that connected to rogues in the specified time frame and can be filtered by rogue classification Ad hoc devices can be included and specific details that should be included about the clients can be selected By default the minimum RAPIDS classification is Suspected Rogue and the maximum is Contained Rogue Figure 181 Reports gt Detail gt Rogue Clients Report Page Illustration T XML XHTML export CSV export 10 17 2011 12 00 AM to 10 24 2011 12 49 PM it Email this report Generated on 10 24 2011 12 50 PM ah L Print report Rogue Clients Report for All Groups and Folders Clients Per Classification RAPIDS Classification Number of Misassociations w Suspected Rogue 54 G Suspected Rogue 100 0 Misassociations by Unique Rogue APs 1 2 w of 16 Misassociations by Unique Rogue APs Pagelwof8 gt gt Export CSV Rogue AP SSID Number of Misassociations a RAPIDS Classification Unknown 6B 69 AD comp psk 1 Suspected Rogue Locally Ad F9 F4 06 AndroidAP 1 Suspected Rogue 1 2 of 16 Misassociations by Unique Rogue APs Pagelwof8 gt gt Misassociations by Unique MAC addresses 1 2 w of 13 Misassociations by Unique MAC addresses Pagel wof6 gt gt Export CSV MAC Address Username N
524. staller Information for the Floor Plan Locate the Optional Information section and enter the following information in lable 148 Table 148 Optional Information for the Floor Plan STATI Default Description Owner The owner of the floor used in diagnostics and alerts Installer Planner The person in charge of planning the RF layout for the floor The person in charge of installing RF equipment for the floor Controlling the Layers in the Uploaded Floor Plan CAD only Follow these steps for CAD images l Find the CAD Layers section on the page 2 Unselect the layers which are not required There is slight delay because each request makes a round trip to the server Error Checking of CAD Images VisualRF will check for errors in your uploaded CAD image You can view any issues as follows l Locate the CAD Info section as shown in Figure 224 2 Review the CAD version units of measurement and raw width and height numbers 284 Using VisualRF Dell PowerConnect W AirWave 7 4 User Guide Figure 224 Checking for CAD errors CAD Info 2 Name Value FUW Version 3 03 E Source File fv px 3 dwg File Type DWG Version 2004 Layout Model Last Steps in Editing an Uploaded Image Click the Save and Close button to begin provisioning APs or Save and New to upload another floor plan After clicking Save and Close you is redirected back into QuickView where you can provision APs IDFs and wired infrastructure P
525. stem gt Alerts View or acknowledge alerts sent out by the system and use the Triggering Agent links to drill down to the device that triggered the alert Refer to Viewing Alerts on page 194 System gt Backups View the backup files that are run nightly Refer to Backing Up AirWave on page 224 System gt Configuration Change Jobs Manages configuration changes in AirWave Refer to Using the System gt Configuration Change Jobs Page on page 216 System gt Firmware Upgrade Jobs Displays information about current and scheduled firmware upgrades Refer to Using the System gt Firmware Upgrade Jobs Page on page 216 System gt Performance Displays basic AirWave hardware information as well as resource usage over time Refer to Using the System gt Performance Page on page 217 Dell PowerConnect W AirWave 7 4 User Guide Performing Daily Administration in AirWave 183 Using the System gt Status Page The System gt Status page displays the status of all of AirWave services Services will either be OK Disabled or Down If any service is Down displayed in red please contact Dell support at support dell com The Reboot System button provides a graceful way to power cycle your AirWave remotely when it is needed The Restart AirWave button will restart the AirWave services without power cycling the server or reloading the OS Figure 128 illustrates this page Figure 128 System gt Status Page
526. strated in Figure 156 From here you can click the device name to go to its APs Devices gt Monitor page or the link under Firmware File column to go to the Device Setup gt Upload Firmware amp Files page Figure 156 System gt Firmware Upgrade Job Detail Page Illustration Firmware Server Log Details for firrmware upgrade job Firmware upgrade for 5500 6 0 196 0 Firmware upgrade job is stopped because too many upgrades have failed Restart the upgrade job Job Information AMP Administration admin 4 7 2011 2 57 PM Failed Devices being upgraded There are 3 APs that you cannot see 0 of those APs are currently being upgraded Order in Queue a Current Version wie5500 1 7 0 116 0 6 0 199 4 1 0 1 si Q_AIR CTS5500 K9 6 0 199 4 aes Select All Unselect All Cancel and Delete Upgrades Using the System gt Performance Page The System gt Performance page displays basic AirWave hardware information as well as resource usage over time AirWave logs performance statistics such as load average memory and swap data every minute The historical logging is useful to determine the best usable polling period and track the health of AirWave over time The page is divided into four sections e System Information e Performance Graphs e Database Statistics e Disk Usage Figure 157 illustrates this page and Table 123 describes fields and information displayed Dell PowerConnect W AirWave 7 4 User Guide Performing D
527. t AP This type of network usually indicates an infrastructure network for example This may be more of a threat Unknown The network type is not known Encryption Type Displays the encryption that is used by the device Possible contents of this field include the following encryption types Open No encryption WEP Wired Equivalent Privacy WPA W i Fi Protected Access Generally this field alone does not provide enough information to determine if a device is a rogue but it is a useful attribute If a rogue is not running any encryption method you have a wider security hole than with an AP that Is using encryption more than one channel if it contains more than one radio LAN LAN MAC Address Address The LAN The LAN MAC address ofthe rogue device address of the The LAN MAC address ofthe rogue device device This field displays the OS of the device as known OS is the result of a running an OS port scan ona device An IP addresses Is required to run an OS scan The OS reported here is based on the results of the scan Displays the model of rogue device if known This is determined with a fingerprint scan and this information may not always be available IP Address Displays the IP address of the rogue device The IP address data comes from fingerprint scans or ARP polling of routers and switches Last Discovering AP Displays the most recent AP to discover the rogue device The device name in this column is take
528. t 2 25 2011 7 27 AM 5 23 2011 11 00 AM Username Location AP Device w Role Y VLAN Connection Mode w ChBWw Forward Moder Sunnyvale gt 1344 Crossman gt HO bd sahmed Sunnyvale gt 1344 Crossman gt HO AL33 ee 65 802 11n 5 GHz HT20 Tunnel Encrypted cmorrison arubanetworks com Sunnyvale gt 1344 Crossman HO AL2 employee 65 802 11n 5 GHz HT20 Tunnel Encrypted Sunnyvale gt 1344 Crossman gt HO 130C employee 650 802 11n 5 GHz HT20 Tunnel Encrypted Performing Daily Administration in AirWave 197 Table 116 Clients gt Connected Table Columns and Links Alphabetical Field Description AOS Device Type The type of client device determined by the Dell PowerConnect W Series controller a fallback in case the rules set in AMP Setup gt Device Type Setup were unable to determine the device type AP Device Displays the name of the AP to which the MAC address is associated as a link to this AP s APs Devices gt Monitor page The type of authentication employed by the user WPA2 EAP PEAP is the standard setting EAP is reported by Dell PowerConnect W Series devices via SNMP traps Association Time The first time AirWave recorded the user for this association Auth Time The how long ago the user authenticated NOTE This value displays as a negative number for unauthenticated users Auth Type RADIUS accounting servers integrated with AirWave will provide the RADIUS Accounting Auth type Web PAP Captive
529. t 1 41 lt 1 41 41 Rogues Select All Unselect All Setting Severe Alert Warning Behavior You can control the alert levels you can see on the Alerts top header stats link from the Home gt User Info page When a trigger is assigned a severity of Critical it generates a severe alert When a severe alert exists a new component named Severe Alerts appears at the right of the Status field in bold red font Only users who are enabled for viewing critical alerts on the Home gt User Info page can see severe alerts The Severe Alert Threshold dropdown menu located in the Top Header Stats section of the Home gt User Info page is shown in Figure 15 Figure 15 Home gt User Info gt Severe Alert Threshold Dropdown Menu Top Header Stats Fiter Level For Rogue Count Suspected Rogue Customize Header Columns Yes No New Devices Up Wired amp Wireless Up Wired Up Wireless Down Wired amp Wireless Down Wired Down Wireless Mismatched Rogues Users Alerts Severe Alerts Stats Select All Unselect All Severe Alert Threshold Normal v Normal Include Device Types g Minor Major rs Critical J 34 Configuring AMP Dell PowerConnect W AirWave 7 4 User Guide Defining General AirWave Server Settings This section describes all pages accessed from the AMP Setup tab and describes two pages in the Device Setup tab the Communication and Upload Files pages Once required and optio
530. t New from the drop down list 3 Enter the Server Name Server Port default 2002 Username Password and Secret 4 Select Save Enabling Rogue Alerts for Cisco WLSE l Go to the Faults gt Network Wide Settings gt Rogue AP Detection page 2 Select the Enable 3 Select Apply Additional information about rogue device detection is available in Configuring Cisco WLSE Rogue Scanning on page 62 Configuring WLSE to Communicate with APs Go to the Device Setup gt Discover page Configure SNMP Information Configure HTTP Information Configure Telnet SSH Credentials Configure HTTP ports for IOS access points Configure WLCCP credentials Configure AAA information 2 ee YS Dell PowerConnect W AirWave 7 4 User Guide Configuring AMP 59 Discovering Devices There are three methods to discover access points within WLSE as follows Using Cisco Discovery Protocol CDP Importing from a file Importing from CiscoWorks Perform these steps to discover access points l Go to the Device gt Managed Devices gt Discovery Wizard page 2 Import devices from a file 3 Import devices from Cisco Works 4 Import using CDP Managing Devices Prior to enabling radio resource management on IOS access points the access points must be under WLSE management NOTE AirWave becomes the primary management monitoring vehicle for IOS access points but for AirWave to gather Rogue information the WLSE must be
531. t Save floppy disk icon in the top right of the QuickView window Ki NOTE The floor is submitted to one of the core threads to recalculate path loss and then to one of the location caching threads to recalculate client locations All changes may not be visible on a refresh until this process complete Automatically Provisioning APs onto a Floor Plan To automatically provision your access points onto your floor plan l Select Draw Region from the Edit menu A new provisioning popup appears as shown in 4 with a crosshair pointer Figure 226 Planning Region Drawing and Selection Illustration _ IDF _ Location Probability 2 Draw your polygon as follows a Left click to initiate the process The tool will automatically shade in your provisioning area Complete the polygon by double clicking 3 Once you have finished drawing the region enter a name for the region and select a Region Type of Planning Then select OK 4 Enter the following information into the Autoprovision APs window as described in Table 149 and illustrated in Figure 227 Table 149 Fields in the Autoprovision APs Window Field Description Device Selection AP Type The type of AP used in this planning region Radio Section Whether they PHY is set to 11n or no radio Transmit power of the APs 286 Using VisualRF Dell PowerConnect W AirWave 7 4 User Guide Table 149 Fields in the Autoprovision APs Window Continued Field Desc
532. t checked for PCI compliance When Enabled A device fails requirement 2 1 1 if the passphrases SSIDs or other security related settings are on a list of forbidden values that AirWave establishes and tracks The list includes common vendor default passwords The user can input new values to achieve compliance When Disabled network devices are not checked for forbidden information and PCI Compliance is not established Using strong encryption in wireless networks When Enabled PCI Requirement 4 establishes the standard by which payment cardholder data is encrypted prior to transmission across open public networks PCI disallows WEP encryption as an approved encryption method after June 20 2010 A device fails requirement 4 1 1 if the desired or actual configuration reflect that WEP is enabled on the network or if associated users can connect with WEP When Disabled AirWave cannot establish a pass or fail status with regard to PCI encryption requirements on the network Using intrusion detection or intrusion prevention systems to monitor all traffic When Enabled AirWave reports pass or fail status when monitoring devices capable of reporting IDS events Recent IDS events are summarized in the PCI Compliance report or the IDS Report When Disabled AirWave does not monitor the presence of PCl compliant intrusion detection or prevention systems nor can it report Pass or Fail status with regard to IDS events Changing vendor supplied def
533. t product lines from the same vendor for accurate display even in multi vendor and multi architecture environments Full planning capabilities based on speed or signal requirements Useful Terms VisualRF The AirWave service that calculates location calculates path loss and provides floor plan editing capabilities VisualRF Plan Makes the planning portions of VisualRF available in an offline software package that does not require a server For more information about VisualRF Plan see About VisualRF Plan on page 293 QuickView Flash front end for VisualRF which displays information generated by the backend service mW 1 1000 of a Watt It is a linear measurement always positive generally used to represent transmission dB Decibels difference ratio between two signal levels dBm dB as compared to mW It is a logarithmic measurement integer which is typically used in place of mW to represent receive power level AMP normalizes all signals to dBm so it is easy to evaluate performance between various vendors RSSI Received Signal Strength Indicator IEEE defines RSSI is a mechanism by which RF energy is to be measured by the circuitry on a wireless NIC 0 255 RSSI is not standard across vendors Each vendor determines their own RSSI scale values AP to AP Signal Neighbor Some APs Controllers have the ability to report the signal strength of APs that they hear AMP uses these signal strength readings to dynam
534. t should receive the most attention Find the port and switch at which the device is located and shut down the port or follow wiring to the device To manage the rogue remove it from the network and acknowledge the rogue record If you want to allow it on the network classify the device as valid and update with notes that describe it NOTE Not all rogue discovery methods will have all information required for resolution For example the switch router K information port or IP address are found only through switch or router polling Furthermore RSSI signal channel SSID WEP or network type information only appear through wireless scanning Such information can vary according to the device type that performs the scan Score Override On RAPIDS gt Score Override page you can change the OUI scores that are given to MAC addresses detected during scans of bridge forwarding tables on routers or switches Figure 125 Figure 126 and Table 103 illustrate and describe RAPIDS Score Override Perform these steps to create a score override 180 Using RAPIDS and Rogue Classification Dell PowerConnect W AirWave 7 4 User Guide Once a new score is assigned all devices with the specified MAC address prefix receive the new score 2 NOTE Note that rescoring a MAC Address Prefix poses a security risk The block has received its score for a reason Any devices that fall within this block receive the new score l Navigate to the RAPIDS gt Sco
535. t toggles Overlays Figure 191 Overlays Menu Speed selected Overlays Type Client Transmit Power Floors Frequencies Rates T Heatmap ch usiization T voice 0 mW zl cet CO Above M 5 Guz z54Mbps lt 450Mbps mt Speed TT sensor Coverage C Wired Range petow M sa cue lt 300Mbps The Overlays menu contains three common sections Type Floors and Frequencies Selecting options in these sections can display additional menu sections that affect the data overlays on the floor plan you are viewing Type section Heatmap Evaluate coverage based on signal levels by providing the highest dBm energy level for all areas of a floor plan When this option is selected the Signal Cutoff drop down menu displays Speed Evaluate coverage based on xmit power of client by providing the highest data rate a user will receive for all areas of a floor plan When this option is selected the Client Transmit Power drop down menu displays Additionally a Rates interface appears with 54Mbps 300Mbps and 450Mbps Ch Utilization View how much airtime is used in the environment Airtime usage is a good measure of how busy an area is When you select this option a new Data Set menu appears where you can select the Current or Maximum Total Receive Transmit or Interference information to display on the Floor Plan Sensor Coverage Provides the farthest area which a sensor can hear When this option is selected the Client Transmit Power drop do
536. table values range from 1 to 128 88 Configuring and Using Device Groups in AirWave Dell PowerConnect W AirWave 7 4 User Guide Table 62 Groups gt Radio gt Radio Settings Fields and Default Values Continued Setting Default Description Maximum Data Retries 32 The maximum number of attempts the AP makes to send a packet before giving up and dropping the packet Acceptable values range from 1 to 255 Beacon Period 19 5000 a Time between beacons in microseconds msec DTIM Period 1 255 DTIM alerts power save devices that a packet Is waiting for them This setting configures DIIM packet frequency as a multiple of the number of beacon packets The DTIM Interval indicates how many beacons equal one cycle Ethernet Encapsulation RFC1042 This setting selects either the RFC1042 or 802 1h Ethernet encapsulation standard for use by the group Radio Preamble This setting determines whether the APs uses a short or long preamble The preamble is generated by the AP and attached to the packet prior to transmission The short preamble is 50 percent shorter than the long preamble and thus may improve wireless network performance NOTE Because older WLAN hardware may not support the short preamble the long preamble is recommended as a default setting in most environments 4 Certain wireless access points offer proprietary settings or advanced functionality that differ from prevailing industry standards If you use these
537. te above a device table will take you to the appropriate Management page APs Devices gt Manage For more information see Configuring and Managing Devices on page 134 Auditing Device Configuration When you have added a newly discovered device successfully to a Group in Monitor mode the next step is to verify device configuration status Determine whether any changes will be applied to that device when you convert it to Managed read write mode AirWave uses SNMP or Telnet to read a device s configuration SNMP is used for Cisco controllers Dell PowerConnect W Series devices and wired routers and switches use Telnet SSH to read device configuration See Individual Device Support and Firmware Upgrades on page 144 for more details Perform these steps to verify the device configuration status l Browse to the APs Devices gt List page 2 Locate the device in the list and check the information in the Configuration column 3 If the device is in Monitor mode the lock symbol appears in the Configuration column indicating that the device is locked and will not be configured by AirWave 4 Verify the additional information in the Configuration column for that device A status of Good indicates that all of the device s current settings match the group policy settings and that no changes will be applied when the device is shifted to Manage mode A status of Mismatched indicates that at least one of the device s current config
538. ter the following information Name Enter the ID by which you log into and operate in AirWave Email Address Enter the email address to be used for alerts triggers and additional AirWave functions that support an email address Phone Enter the area code and phone number if desired Notes Enter any additional text based information that helps other AirWave users or administrators to understand the functions roles or other rights of the user being created Dell PowerConnect W AirWave 7 4 User Guide Performing Daily Administration in AirWave 215 Using the System gt Configuration Change Jobs Page Schedule configuration change jobs are summarized on the System gt Configuration Change Jobs page Perform the following steps to use this page illustrated in Figure 154 Figure 154 System gt Configuration Change Jobs Page Illustration Subject a Description Scheduled Time User Folder Group APO2 Change Radio Status on AP APO2 802 11bg and AP APO2 2 112 September Sth 2007 at 12 00 am edmin Top gt controler thin ap gt trapeze Access f To run at September 9th 2007 at 12 00 am AP APO2 802 11b9 Radio none Enabled AP APO2 802 11a Radio none Enabled Apply Changes Now Delete Cance Schedule specify numeric dates with optional 24 hour times ike 7 4 2003 or 2003 07 04 for July 4t 03 or 7 4 2003 13 00 for July 4th 2003 at 1 00 Ph or specify relative times ike at noon tomorrow at midn
539. terior movement Surveys should be conducted during normal business hours to reflect normal RF activity on the floor l la clients automatically inherit the proper transmit power from the 11g configuration Example 30mW Pre 2006 laptops equate to 20mW for la clients AMP dynamically assigns a transmit power to every client based on OUI as shown in Table 144 This step increases the accuracy for surveys by allowing an override Table 144 Auto assigned Client Type and Transmit Power Client Type Transmit Power 11g Post 2006 Laptops 100 mW SOHO WLAN Cards D Link Net Gear LINKSYS Cisco Cards Adding Location Probability Regions Location probability regions are optional regions that can be used to increase the accuracy of device location in VisualRF VisualRF calculates device locations based on probability VisualRF determines the probability of a device being located in every grid cell and places the device where the probability is the highest Probability regions will add or remove up to 20 chance from the device location probability They can be used to push users into regions where they are more likely to be located like conference rooms and cubical farms or they can be used to pull users out of regions where they are less likely to be like parking lots and courtyards To add a probability region to a floor plan follow these steps A WW NO Select the Edit menu and click the Draw Region option
540. terval This rogue scan will not break a user s association to the network Rogue Scanning If rogue scanning is enabled this setting controls the frequency with which scans are Interval 5 480 min conducted in minutes Frequent scans provide the greatest security but AP performance and throughput available to user devices may be impacted modestly during a rogue scan 8 Select Save when radio configurations as described above are complete select Save and Apply to make the changes permanent or select Revert to discard all unapplied changes 90 Configuring and Using Device Groups in AirWave Dell PowerConnect W AirWave 7 4 User Guide Cisco WLC Group Configuration The Groups gt Cisco WLC Config page consolidates the settings for Cisco WLC devices from all group pages The Groups gt SSIDs subtab applies to all device types except for Cisco WLC which have WLANs configured on the Cisco WLC Config page It is not recommended to have Symbol 4131 and Proxim APs in the same group as Cisco devices Also it is recommended that users set device preferences to Only devices in this group This topic describes how to access and navigate the Groups gt Cisco WLC Config page Accessing Cisco WLC Configuration Go to the Cisco WLC Config page in one of these two ways l In Groups gt List select a group that has been defined to support Cisco devices and the Cisco WLC Config option appears in the subtabs 2 In Groups gt List create a new gr
541. that have superior or problematic uptime availability and can help with additional analysis in multiple ways Locations device groups or other groupings within a network can be identified as needing attention or can be proven to have superior performance when using this report As of AirWave 7 4 the Device Uptime Report contains four new columns that track bootstrap count number of times the device has gone down for a firmware change reboot count downtime duration and downtime duration percent As mentioned above you can optionally ignore device downtime during planned maintenance periods in this report and you can restrict the report to business days only Figure 170 and Table 131 illustrate and describe the Device Uptime report Figure 170 Device Uptime Report Illustration Daily Device Uptime Report for All Groups Folders and SSIDs 10 16 2011 12 00 AM to 10 17 2011 12 00 AM Generated on 10 17 2011 12 32 AM Average Uptime by Device SNMP Uptime ICMP Uptime 49 7790 54 19 Average Uptime by Any AP SNMP Uptime ICMP Uptime 50 76 53 99 Average Uptime by Any Controller 35 45 46 39 Average Uptime by Any Switch 67 4750 F402 Average Uptime by Group 1 3 of 21 Goups Pagelweof Export CSV Group a SNMP Uptime ICMP Uptime 10 15 75 85 100 00 100 009 2000 40 00 40 14 400 new 100 009 100 005 1 3 of 21 Groups Pagelwof Average Uptime by Folder 1 3 of 24 Folders Page lweof Espot CSV Folder a SNM
542. the Group Other devices are not able to associate to APs in the Group even if the users of those devices are authorized users on the network Perform the following steps to use the MAC ACL function l Browse to the Groups gt MAC ACL configuration page Figure 59 illustrates this page Figure 59 Groups gt MAC ACL Page Illustration Group infrastructure These settings apply to Proxim Cisco vx Works Symbol and ProCurve 520 devices MAC ACL Wise MAC ACL Authorized MAC Addresses This list will nok be set on Cisco VxWorks APs b Yes Use manual setting on each device Save Save and Apply Revert 2 Select Yes on the Use MAC ACL drop down menu Enter all authorized MAC addresses separated by white spaces 3 Select Save when configurations are complete to retain these settings Select Save and Apply to make the changes permanent or select Revert to discard all unapplied changes Specifying Minimum Firmware Versions for APs in a Group This configuration is optional AirWave allows you the option of defining the minimum firmware version for each AP type in a group on the Groups gt Firmware configuration page At the time that you define the minimum version AirWave automatically upgrades all eligible APs When you add APs into the group in the future you will be able to upgrade APs manually The firmware for an AP is not upgraded automatically when it is added to a group Perform the following steps to make
543. the Modify Devices link or when New Devices are added into AirWave Configuring and Managing Devices This section contains the following topics describing individual device configuration within device groups Moving a Device from Monitor Only to Manage Read Write Mode Configuring AP Settings Configuring Device Interfaces tor Switches Individual Device Support and Firmware Upgrades While most device configuration settings can be efficiently managed by AirWave at a Group level certain settings must be managed at the individual device level For example because devices within a Group are often contiguous with one another and have overlapping coverage areas it makes sense to manage these devices individually to avoid RF interference K NOTE Any changes made at an individual device level will automatically override Group level settings AirWave automatically saves the last 10 device configurations for reference and compliance purposes Archived device configurations are linked on the APs Devices gt Audit page and identified by name By default configuration is tracked by the date and time it was created device configurations are also archived by date It is not possible to push archived configurations to devices but archived configurations can be compared to the current configuration the desired configuration or to other archived configurations using the drop down menus on the APs Devices gt Audit page This applies to startup or t
544. the most recent daily version of any report An Admin user can see and edit all report definitions in AirWave Users with Monitor Only roles can see reports and definitions only if they have access to all devices in the reports The Reports gt Generated page contains three primary sections as follows e Generated reports configured for the current role and for additional roles e Generated reports for other roles e The latest daily reports for immediate online viewing Dell PowerConnect W AirWave 7 4 User Guide Creating Running and Emailing Reports 229 Figure 163 Reports gt Generated Page Example Generated reports Visit the Report Definitions page to run new reports 1 20 wof959Reports Pace iwof48 gt gt Generation Time w Title Type Subject Report Start Report End 5 21 2009 3 24 AM test Network Usage All Groups Folders and SSIDs 11 21 2008 2 51 AM 5 21 2009 2 51 AM E 5 21 2009 3 05 AM yourdomain user session User Session All Groups Folders and SSIDs 5 20 2009 2 00 AM 5 21 2009 2 00 AM 5 21 2009 3 05 AM yourdomain radius authentication issues RADIUS Authentication Issues All Groups Folders and SSIDs 5 20 2009 2 00 AM 5 21 2009 2 00 AM F 5 21 2009 2 48 AM yourdomain new users New Users All Groups Folders and SSIDs 5 20 2009 2 00 AM 5 21 2009 2 00 AM 5 21 2009 2 48 AM yourdomain new rogue devices New Rogue Devices All Groups and Folders 5 20 2009 2 00 AM 5 21 2009 2 00 AM E 5 21 2009 2 48 AM yourdomain network us
545. the two encryption types shown Static CKIP Cisco Key Integrity Protocol WPA Wi Fi Protected Access protocol WPA PSK Combines WPA with Pre Shared Key encryption WPA2 Wi Fi Protected Access 2 encryption WPA2 PSK Combines the two encryption methods shown xSec FIPS compliant encryption including Layer 2 header info 6 Locate the EAP Options area on the Groups gt SSIDs page and complete the settings Table 59 describes the settings and default values Table 59 Groups gt SSIDs gt EAP Options Section Field and Default Value Setting Default Description WEP Key Rotation 120 Time in seconds between WEP key rotation on the AP Interval 7 Locate the RADIUS Authentication Servers area on the Groups gt SSIDs configuration page and define the settings lable 60 describes the settings and default values Table 60 Groups gt SS Ds gt RADIUS Authentication Servers Fields and Default Values Default Description RADIUS Authentication Server Drop down menu to select RADIUS Authentication servers previously entered on 1 3 the Groups gt RADIUS configuration page These RADIUS servers dictate how Cisco WLC Proxim only wireless clients authenticate onto the network Authentication Profile Name Sets the Authentication Profile Name for Proxim AP 600 AP 700 AP 2000 AP Proxim Only 4000 Authentication Profile Index Sets the Authentication Profile Index for Proxim AP 600 AP 700 AP 2000 AP Proxim Only 4000 8
546. this firmware configuration 98 Configuring and Using Device Groups in AirWave Dell PowerConnect W AirWave 7 4 User Guide l Browse to the Groups gt Firmware configuration page Figure 60 illustrates this page Figure 60 Groups gt Firmware Page Illustration Groupe Access Points Firmware Upgrade Options Configure the File Server IF Address to use when upgrading devices in this group The firmware file definition must be configured to use the per group setting Firrrware File Server IP Address Desired Version Choose the desired firmware version to be applied to the devices in this group Upload firmware files on the Device Setup Upload Firmware amp Files page Aruba 200 hone tsi Aruba 2400 NONE J Aruba 2400 E ROHE 7 Aruba Jo home H Aruba 5000 6000 hoe Sd Aruba foe hme A Aruba 300 HOHE Aruba 800 4 none A Aruba 800 E none Azalea AP none El Azalea MSRA000 none H Start or schedule firmware upgrade job Upgrade Save desired version preferences without upgrading now Save b For each device type in the group specify the minimum acceptable firmware version If no firmware versions are listed go to the Device Setup gt Upload Firmware amp Files configuration page to upload the firmware files to AirWave Select Upgrade to apply firmware preferences to devices in the group Select Save to save the firmware file as the desired version for the group If you have opte
547. tials then combine scan networks and scan credentials to create scan sets The next two procedures in this section describe these tasks Adding Credentials for Scanning The next step in SNMP HTTP device discovery is to define the scan credentials that govern scanning of a given network New APs inherit scan credentials from the System Credentials that you configure on the Device Setup gt Communications page Perform these steps to define scan credentials for SNMP HTTP scanning 108 Discovering Adding and Managing Devices Dell PowerConnect W AirWave 7 4 User Guide l Locate the Credentials section on the Device Setup gt Discover page This page displays scan sets networks and credentials that have been configured so far and allows you to define new elements for device scanning 2 To create a new scan credential select Add New Scan Credential Figure 65 illustrates this page Figure 68 Device Setup gt Discover gt Add Edit New Scan Credential Section Illustration Cr eder itials i pi Confirm Community String PY rE 3 Enter a name for the credential in the Name field for example Default This field supports alphanumeric characters both upper and lower case blank spaces hyphens and underscore characters 4 Choose the type of scan to be completed SNMPv1 SNMPv2 or HTTP In most cases perform scans using SNMP for device discovery but consider the following factors in your decision SNMPv1 and SNMP v2 d
548. tio isossa ai iA 61 Primary or Secondary WDS ssssnssenenenennnnensnsnnensrurnunnnsrsnnnrnrsrnnrnnnrsnnnrsnururnnnnrsnnnnrersrennns 61 Configuring ACS for WDS Authentication cceccsssseseessssssseesesesesseseesseesessesesaseneeees 61 Configuring Cisco WLSE Rogue SCanning cceccsseseccssssesesececssssesseesesseseeaseesesseseeateneeees 62 Configuring AGS Servel Sse ssecasersenscnassnenesaccoescasessiecnseictuarstseuuersbavevetcases saucarieonssavsntdibincsetitaivoomntoevaven 63 Integrating AirWave with an Existing Network Management Solution NMS sesse 64 Auditing PCI Compliance on the N twork ccesessesescssssesssscecsessssesesecesseseesssecessesesatsesesaeseees 65 Introduction to PCI Requirements ccccccssssesssscsessssesssesscsessesesececsesecassecessesesaesesesaeseeasenes 65 PCI Auditing in the AirWave Interface ccsesscssssssssscscssssesssesecseseesssesessesecsssesesseseeasenes 65 Enabling or Disabling PCI AUuditing cecssssescssssssesssssscssssesssecesseseeseesesseseeassesesansesasenes 66 Deploying WMS Offload uu cc ceeesssssessssesssecscseseesssesessesesasseseseasesassesecassusesansesesensecassesesanseaaes 67 Overview Of WMS Offload in AirWave cccccseessesccssssesssecesseseesssecesseseesssesessesesasneeeas 67 General Configuration Tasks Supporting WMS Offload in AirWave ccceeeeeee 68 Additional Information Supporting WMS Offload ccc eeseessessssesseeceeseseesse
549. tional Planner Owner or Installer Information for the Floor Plan 284 Controlling the Layers in the Uploaded Floor Plan CAD only uu eeeeeeeeeeeees 284 Error Checking of CAD Mages cccsssessscssssesesececseseeseseseesesecaesesessusesassesesanseeasenss 284 Last Steps in Editing an Uploaded Image ccscssesescsssscssssesssscscsessesesesesseseeaseees 285 Provisioning Existing Access Points onto the Floor Plan uuu seeeeeseseeeeseeeeeeeen 285 Automatically Provisioning APs onto a Floor Plann cesssesesssseeessessesseesssseeeeseeeseees 286 Tweaking a Planning R QION cccscsecssssssscsessesssessssseercseseeseseesesaeseseeseeseseesesateesaesaeeeeess 287 Auto Matching Planned DeVICES cccccsssesssssssessescssssesecseseesseecsesseseseeseeaseessusesseseeseeaees 288 Printing a Bill of Materials Report e ennnenonennnnnnnnnnnnnnenenensnsnsnnnnnnnnnnnnnnnnennnnnnrnrnrnenernrnrnrnnns 288 Importing and Exporting in VISUAIRF 1 00 cceessescssssesssseseesseecseseeseseesesaeseseesaeseseesesateessnsasensess 289 Exporting a CAMPUS cccceccssssesesscsssseeecseseeseseeseesesecseseeseseesesausessusaesesaesesanseceusaesesaeseeansetees 289 porno Trom CAD oere 289 Batch Importing CAD FICS snrsrcrcuusrasununnnnninnnna aa 290 PECUT EMEN oran euuatecr ace temaann eterna 290 Pre PROCESSING SLEDS curoni neiise a E aR 290 Upload Processmio te 2 0 Syne nr en 290 Post Processing Steps ccctccesccarssksinrasdenctscndsonc
550. tional Status Device Setup Mismatched Ignored Type T ethernetCsmaci ethernetCsmaci ethemetCsmaci ethernetCsmaci eathernetCsmaci ethernetCsmaci ethernetCsmaci ethemetCsmaci ethernetCsmaci ethernetCsmaci Operational Status Up Up l The Interfaces page includes a summary of all the interfaces at the top In case of the stacked switches the master includes the interfaces of all the members including its own The physical and the virtual interfaces are displayed in separate tables labeled Physical Interfaces and Virtual Interfaces VLANs are listed below the interface AirWave monitors Up Down status and bandwidth information on all interfaces You can edit multiple interfaces concurrently by selecting one of the two Edit Interfaces hyperlinks Interface labels are used to group one or more interfaces for the purpose of defining interface bandwidth triggers Dell PowerConnect W AirWave 7 4 User Guide Discovering Adding and Managing Devices 131 Understanding the APs Devices gt Interfaces Page Monitoring Data for Wired Devices Routers and Switches on page 130 showed you how to view high level interface information for all physical and virtual interfaces on an entire router or switch Select any interface hotlink in the Interface column of the Physical or Virtual Interfaces tables on the stacked switches to go to an Interface Monitoring page displaying data relevant to that specific interface
551. to AirWave from APs Devices gt New Page on page 111 To delete a device altogether from AirWave select the corresponding check box for each device and select Delete Dell PowerConnect W thin APs can have Dell PowerConnect W AP Group specified and Cisco thin APs can have LWAPP AP Group specified when they are authorized Enabling Cisco Discovery Protocol CDP CDP uses the polling interval configured for each individual Cisco switch or router on the Groups gt List page AirWave requires read only access to a router or switch for all subnets that contain wired or wireless devices The polling interval is specified on the Group gt Basic page Authorizing Devices to AirWave from APs Devices gt New Page Once you have discovered devices on your network add these devices to a group and specify whether the device is to be placed in Manage Read Write or Monitor Only mode To configure a new group refer to Configuring and Using Device Groups in AirWave on page 69 In Manage Read Write mode AirWave compares the device s current configuration settings with the Group configuration settings and automatically updates the device s configuration to match the Group policy Dell PowerConnect W AirWave 7 4 User Guide Discovering Adding and Managing Devices 111 In Monitor Only mode AirWave updates the firmware compares the current configuration with the policy and displays any discrepancies on the APs Devices gt Audit page but
552. tom report as soon as you set the parameters You must save its definition separately if you want to remember the parameters Report definitions for other roles section This section supported for admin users displays additional reports that have been scheduled for other roles This section of the page adds the Role column and other columns are the same Each pane includes a Latest Report column with the most recently run reports for each definition and role created Run and Delete buttons allow you to select a report from the definitions table to run or delete Once you define a report from the Definition page it appears on the Generated page The Reports gt Definition page is shown in Figure 161 and Table 127 describes the fields available when you select a specific report definition Table 127 Reports gt Definition Page Fields and Descriptions Field Description Report Definition Displays a field for entering report title and dropdown menu shown in Figure 162 displaying all possible report types Report Restrictions Displays dynamic fields that include spaces for selecting attributes and entering data relevant to your selected report type scope such as groups folders SSID Device Search filter report start and end times Scheduling Options Reveals options for one time or regularly scheduled reporting by selecting Yes Options include report frequency start time and current system time Report Visibility Allows you to dete
553. trigger type indicates a new user has associated to a device within a defined set of groups or folders A Filter on connection mode field appears to allow you to filter by Wired or Wireless clients Note that the New Client trigger type does not require the configuration of any condition settings so the Condition Description section disappears Connected Clients This trigger type indicates a device based on an input list of MAC addresses has associated to the wireless network It is required to define one or more MAC addresses with the field that appears Client Usage This trigger type indicates that the sustained rate of bandwidth used by an individual user has exceeded a predefined threshold for more than a specified period in seconds such as more than 1500kbps for more than 120 seconds Once you choose this trigger type select Add New Trigger Condition to specify the bandwidth characteristics that triggers an alert You can apply multiple conditions to this type of trigger The Value field requires that you input a numerical figure for kilobits per second kbps New VPN User This trigger type indicates a new VPN user has associated to a device within a defined set of groups or folders Note that the New VPN User trigger type does not require the configuration of any condition settings so the Condition section disappears Connected VPN This trigger type indicates a VPN device based on an input list of MAC addresses has associated t
554. ttings section and enter or revise the following information lable 27 lists the settings and default values Table 27 Device Setup gt Communication gt SNMP Settings Fields and Default Values Setting Default Description SNMP Timeout Sets the time in seconds that AirWave waits for a response from a device after sending an SNMP request SNMP Retries Sets the number of times AirWave tries to poll a device when it does not receive a response within the SNMP Timeout Period or the Group s Missed SNMP Poll Threshold setting 1 100 If AirWave does not receive an SNMP response from the device after the specified number of retries AirWave classifies that device as Down Dell PowerConnect W AirWave 7 4 User Guide Configuring AMP 53 3 Locate the SNMP v3 Informs section Select Add New SNMP v3 User to reveal its configuration section AMP users will need to configure all v3 users that are configured on the controller the SNMP Inform receiver in the AMP will be restarted when users are changed or added to the controller Username Username of the SNMP v3 user as configured on the controller Auth Protocol Can be MD5 or SHA The default setting is SHA Auth and Priv Passphrases Enter the auth and priv passphrases for the user as configured on the controller Priv Protocol Can be DES or AES The default setting is DES 4 Locate the Telnet SSH Settings section and complete or adjust the default value for the field Table 28
555. u will also be able to zoom in on a room or doorway to increase the accuracy of your sizing Removing Color from a Floor Plan Image To remove color locate the Image Manipulation section and select B amp W in the Image field Dell PowerConnect W AirWave 7 4 User Guide Using VisualRF 283 Assigning Campus Building and Floor Numbers Locate the Floor Info Section and assign the following information as detailed in Table 147 and illustrated in Figure 223 Table 147 Assigning numbers STATI Default Description Building drop down Use this drop down to associate the floor with a building which associate it to a Campus as well Floor Number The floor number You can enter negative numbers for basements NOTE Each floor plan within a building must have a unique floor number Floor Name A descriptive name for the floor It inherits the floor number as a name if nothing is entered Number Ceiling Height Specifies the height from the floor to the ceiling This will default to the ceiling height for the building but you can override here if needed for atria or basements Ceiling Attenuation Specifies the attenuation characteristics in dB of the ceiling or the floor above Figure 223 Entering Floor Info for the Uploaded Floor Plan Image Floor Info Assign to building New Jersey N 7 Floor Number 4 Floor Name Floor 4 Ceiling Height ft 10 Ceiling Attenuation dBm i0 Assigning Optional Planner Owner or In
556. ubscriber loop control no bridge group 1 source learning no bridge group 1 unicast flooding no ip address no ip route cache rts threshold 2312 speed basic 6 0 basic 9 0 basic 12 0 basic 18 0 basic 24 0 36 0 48 0 54 0 ssid decibel ios a authentication open guest mode station role root SENDIFS Configuring Cisco Catalyst Switch Templates Cisco Catalyst Switch templates are configured much like Cisco IOS templates with the addition of the interfaces and switch_command for stacked switches variables Interfaces can be configured on the Device Interface pages as shown in Configuring Device Interfaces for Switches on page 141 You can import interface 162 Creating and Using Templates Dell PowerConnect W AirWave 7 4 User Guide information as described in this section or by fetching a template from that device as described in Configuring General Templates on page 156 2 NOTE Just one template is used for any type of Cisco IOS device and another is used for any type of Catalyst Switch regardless of individual model Configuring Symbol Controller HP WESM Templates This section describes the configuration of templates for Symbol controllers and HP WESM devices Symbol controllers RFS x000 5100 and 2000 can be configured in AirWave using templates AirWave supports Symbol thin AP firmware upgrades from the controllers manage page A sample running configuration file template is provided in this topic for reference A t
557. ucent NOTE Use the graphical Dell Config feature in support of Dell devices particularly for AOS 3 3 2 x and later Refer to the Dell PowerConnect W AirWave 7 4 Configuration Guide at support dell com manuals for additional information Cisco Aironet IOS autonomous APs Cisco Catalyst switches HP ProCurve 530 and WeSM controllers Nomadix Symbol Trapeze 3Com Nortel Enterasys Template Variables Variables in templates configure device specific properties such as name IP address and channel Variables can also be used to configure group level properties such as SSID and RADIUS server which may differ from one group to the next The AirWave template understands many variables including the following Dell PowerConnect W AirWave 7 4 User Guide Creating and Using Templates 151 Sap_include_1 through ap_include_10 S6channel Shostname Sip_address Ssofdmpowers The variable settings correspond to device specific values on the APs Devices gt Manage configuration page for the specific AP that is getting configured NOTE Changes made on the other Group pages Radio Security VLANs SSIDs and so forth are not applied to any APs that are configured by templates Viewing and Adding Templates Perform these steps to display add or edit templates l Goto the Groups gt List page and select a group for which to add or edit templates This can be a new group created with the Add button or you can edit an existing
558. ucture The WIP module provides wired and wireless AP detection classification and containment detects DoS and impersonation attacks and prevents client and network intrusions Cisco WLSE 1100 and 1200 IOS AMP fetches rogue information from the HTTP interface and gets new AP information from SOAP API This system provides wireless discovery information rather than rogue detection information AirMagnet Enterprise Retrieves a list of managed APs from AMP AirDefense Uses the AirWave XML API to keep its list of managed devices up to date WildPackets OmniPeek Retrieves a list of managed APs from AMP Dell PowerConnect W AirWave 7 4 User Guide Using RAPIDS and Rogue Classification 167 Viewing Overall Network Health on RAPIDS gt Overview The RAPIDS gt Overview page displays a page of RAPIDS summary information see Figure 117 Table 93 defines the summary information that appears on the page Figure 117 RAPIDS gt Overview Page Illustration IDS Events att Ek lect T Bien Attack a Last 2 Hours Deauth Broadcast Power Save DoS Attack 0 2 2 Station Associated to Rogue AP 0 2 3 Station Unassociated from Rogue AP O 1 1 Wireless Bridge Detected B 128 252 5 Attack Types 8 134 291 Rogue Data Rogue 0 Suspected Rogue 0 Unclassified 1918 Suspected Neighbor 0 Neighbor 187 Suspected Walid 0 Valid 0 Total 2105 O Unclassified 91 1 O Neighbor a 9 Operating System Devices Linux 1 Unknown 2 Not scanned
559. ue 5 Yes e Detected Wirelessly Suspected Neighbor 5 Yes He OUT block contains SOHO or enterprise APs Suspected Neighbor 5 Yes e OUI block does not contain APs Suspected Valid 5 Yes He 7 RAPIDS Classification Rules Select All Unselect All Save and Apply Table 100 defines the fields in the RAPIDS gt Rules page Table 100 RAPIDS gt Rules Page Field Description Default Classification Sets the classification that a rogue device receives when it does not match any rules Add New RAPIDS Select this button to create a RAPIDS classification rule Classification Rule Rule Name Displays the name of any rule that has been configured Rule names should be descriptive and should convey the core purpose for which it was created Classification Displays the classification that devices receive if they meeting the rule criteria Threat Level Displays the numeric threat level for the rogue device that pertains to the rule Refer to Rogue Device Threat Level on page 173 for additional information Enabled Displays the status of the rule whether enabled or disabled Reorder Drag and Drop Icon Changes the sequence of rules in relation to each other Select then drag and drop the icon for any rule to move it up or down in relation to other rules A revised sequence of rules must be ps saved before rogues are classified in the revised sequence NOTE The sequence of rules is very important for proper rogue classifi
560. ugging no service pad actual ntp clock period 2861929 actual ntp server 209 172 117 194 radius server attribute 32 include in access req format sh 10 Once the template is correct and all mismatches are verified on the APs Devices gt Audit configuration page use the Modify Devices link on the Groups gt Monitor configuration page to place the desired devices into Management mode This removes the APs from Monitor mode read only and instructs the AP to pull down its new startup configuration file from AirWave K NOTE Devices can be placed into Management mode individually from the APs Devices gt Manage configuration page Using Template Syntax Template syntax is comprised of the following components described in this section Using AP Specific Variables Using Directives to Eliminate Reporting of Configuration Mismatches Using Conditional Variables in Templates Using Substitution Variables in Templates Using Directives to Eliminate Reporting of Configuration Mismatches AirWave is designed to audit AP configurations to ensure that the actual configuration of the access point exactly matches the Group template When a configuration mismatch is detected AirWave generates an automatic alert and flags the AP as having a Mismatched configuration status on the user page However when using the templates configuration function there will be times when the running config file and the startup config file do not match under normal circumstan
561. umber of Misassociations a 10 9A DD 34 DA 40 1 8C 58 77 05 00 34 ssastry arubanetworks com 1 1 2 w of 13 Misassociations by Unique MAC addresses Pagel wof6 gt gt Rogue Clients 1 3 w of 54 Rogue Clients Page 1 w of18 gt Export CSV MAC Address a Username Rogue AP SSID First Heard ChBW Radio Mode SNR Channel Signal Location RAPIDS Classification 00 1D E0 21 01 49 Murata Man A0 06 24 D B Cooper3 10 21 20111 02PM_ 802 11b 11 Suspected Rogue 00 22 FA 38 9B AE Aruba 18 B4 80 qa SLB 10 21 2011 2 31 PM HT20 802 11n 2 4 GHz 27 1 58 Suspected Rogue 00 22 FA 38 9B AE Wistron 7E 9D EC FSL_AP2an 10 22 2011 7 35 AM HT20 802 11n 5 GHz 13 48 74 Suspected Rogue 1 3 w of 54 Rogue Clients Page 1w of18 gt gt Dell PowerConnect W AirWave 7 4 User Guide Creating Running and Emailing Reports 249 Using the Rogue Containment Audit Report The rogue containment audit report that lets you know if any containment is failing Figure 182 illustrates the fields and information in this report type Figure 182 Reports gt Detail gt Rogue Containment Audit Report Page Illustration 7 TE XML XHTML export Rogue Containment Audit Report for All Groups and Folders CSV export Generated on 12 1 2009 4 33 PM L Email this report Print report 1 8 of amp Rogues Contained Page 1wofi Export to CSY Controller Rogue BSSID Containment State Desired Containment State Location Airespace 5500 Apple ED 3B8 17 00 03 93 ED 3B
562. up gt General gt Firmware Upgrade Defaults Fields and Default Values Default Description Allow firmware upgrades in monitor only mode If Yes is selected AirWave upgrades the firmware for APs in Monitor Only mode When AirWave upgrades the firmware in this mode the desired configuration are not be pushed to AirWave Only the firmware is applied The firmware upgrade may result in configuration changes AirWave does not correct those changes when the AP Is in Monitor Only mode Defines the number of jobs AirWave runs at the same time A job can include multiple Simultaneous Jobs 1 Simultaneous Devices 20 Defines the number of devices that can be in the process of upgrading at the same time Per Job AirWave only runs one IFIP transfer at a time As soon as the transfer to a device has 1 1000 completed the next transfer begins even if the first device is still in the process of rebooting or verifying configuration Failures before stopping 0 20 Sets the default number of upgrade failures before AirWave pauses the upgrade process User intervention is required to resume the upgrade process Setting this value to 0 disables this function 9 Locate the Additional AMP Services section and adjust settings as required Table 17 describes the settings and default values of this section Table 17 AMP Setup gt General gt Additional AMP Services Fields and Default Values Default Description Enable FTP Server Enables or
563. up and running If the watched AirWave is unreachable for the specified number of polls the Failover AirWave automatically restores the most recent saved backup from the watched AirWave and begins polling its APs Navigation Section of AirWave Failover The Navigation section displays tabs to all main GUI pages within AirWave Failover The top bar is a static navigation bar containing tabs for the main components of AirWave while the lower bar is context sensitive and displays the subtabs for the highlighted tab Table 125 describes the contents of this page Table 125 Contents of the Navigation Section of Failover Main Tab Description Subtabs Home The Home page provides basic AirWave Failover information including system Overview name hostname IP address current time running time software version and User Info watched AirWave information Watched AMPs License The System page provides information related to AirWave operation and Status administration including overall system status performance monitoring and Triggers backups Alerts Event Log Backups Performance AMP Setup The Setup page provides all information relating to the configuration of AirWave General itself and its connection to your network Network Users TACACS Adding Watched AirWave Stations Navigate to the Home gt Watched AMPs page to begin backing up and monitoring AirWave stations Once an AirWave installation has been added to the Watc
564. upport the highest numbers of users This list provides links to additional information or configuration pages for each device to make adjustments as desired Most Utilized by Bandwidth By default this list displays the 10 devices that consistently have the highest bandwidth consumption during the time period defined for the report This list provides links to additional information or configuration pages for each device Least Utilized by Maximum Number of Simultaneous Users By default this list displays the 10 devices that are the least used according to the number of users Least Utilized by Bandwidth By default this list displays the 10 devices that are the least used according to the bandwidth throughput Devices This list displays all devices in AirWave By default it is sorted alphabetically by device name Ki NOTE You can specify the number of devices that appear in each of the first four categories in the Reports gt Definitions gt Add page Any section of this report can be sorted by any of the columns For example you can specify a location and then sort the Devices list by the Location column to see details by location or you can see all of the APs associated with a particular controller by sorting on the Controller column If the AP name contains information about the location of the AP you can sort by AP name If sorting the Devices list does not provide you with sufficient detail you can specify a Group or
565. uration settings do not match the group policy and will be changed when the device is shifted to Manage mode 5 If the device configuration is Mismatched select the Mismatched link to go to the APs Devices gt Audit page The APs Devices gt Audit page lists detailed information on all existing configuration parameters and settings for an individual device The group configuration settings are displayed on the right side of the page If the device is moved from Monitor to Manage mode the settings on the right side of the page overwrite the settings on the left Figure 95 illustrates this page Figure 95 APs Devices gt Audit Page Illustration Device Configuration of ArubaS3500 in group aruba gui no wms in folder Top gt aruba gt This Device is in monitor only with frmware upgrades mode Configuration read from device at 5 24 2011 4 43 PM Configuration Good Audit Audit the device s current configuration Show Archived Device Configuration Show only mismatched settings Refresh this page ToS Name corvina ga 1 SerialNumber AUOO00180 Uptime 22 days 0 hrs 52 mins Current Device Contiguratic Contact Steve Description ArubaOS MODEL ArubaS3500 24T Version 7 0 0 0 28131 Location AW Server Room ObjectID 1 3 6 1 4 1 14823 1 1 25 6 Review the list of changes to be applied to the device to determine whether the changes are appropriate If not you need to change the Group settings or reassign the device to another Group
566. urther in Table 143 Table 143 Elements Read From Controllers to Increase Location Accuracy AP to AP Signals Dynamic Unassociated Rogue AP Attenuation Client Signal STE MFG Model Client Signal Associated AP Yes Yes Yes Yes Cisco LWAPP Yes Yes Cisco lOS Yes Cisco VxWorks Yes Trapeze Yes Meru Proxim Yes Symbol Auton AP Yes Symbol Thin AP Yes Proxim AP 2000 Yes Proxim AP 4000 Yes ProCurve WeSM Yes ProCurve 530 Yes ProCurve 420 Yes AirWave provides four main methods to increase accuracy once your access points are deployed Adding Exterior Walls increases location accuracy by reducing the statistical probability of placements outside the office confines See Adding Exterior Walls on page 268 Client Training for Stationary Devices ensures non mobile clients like desktops or scales will always remain in a defined static location Statically assigning non mobile devices reduces the CPU load on your server Dell PowerConnect W AirWave 7 4 User Guide Using VisualRF 267 because VisualRF does not evaluate any signal metrics for this MAC address when associated with an AP on the floor plan See Location Training for Stationary Devices on page 268 Remote Client Surveys provides additional attenuation inputs for corners and low coverage areas without the burden of actually carrying a laptop to the physical location See Adding Client Surveys on page 269 Location Probability Regions Probability regi
567. ushed line the lines immediately below the line and indented are ignored as well In the example below if you were to bracket NTP server the NTP clock period would behave as if it were bracketed because it belongs or is associated with the NTP server line NOTE The line lt ignore_and_do_not_push gt ntp clock period lt ignore_and_do_not_push gt will cause lines starting with ntp clock K period to be ignored However the line lt ignore_and_do_not_push gt ntp lt ignore_and_do_not_push gt causes all lines starting with ntp to be ignored so it is important to be as specific as possible Push and exclude Command Instead of using the full tags you may use the parenthesis shorthand substring The push and exclude directive is used to push commands to the AP that will not appear in the running config file For example some no commands that are used to remove SSIDs or remove configuration parameters do not appear in the running config file of a device A command inside the push and exclude directive are included in the startup config file pushed to a device but AirWave excludes them when calculating and reporting configuration mismatches K NOTE The opening tag may have leading spaces Below are some examples of using directives line con 0 lt push_and_exclude gt no stopbits lt push_and_exclude gt line vty 5 15 ntp server 209 172 117 194 lt ignore_and_do_not_push gt ntp clock period lt ignore_and_do_not_push
568. ustrated in Figure 132 Dell PowerConnect W AirWave 7 4 User Guide Performing Daily Administration in AirWave 187 Figure 132 Add New Trigger Page Illustration Trigger Type Device Down Severity Morrnal Send Alerts for Thin APs when Controller is Down yes jo Conditions Matching conditions fay any Available Conditions Device Type Add New Trigger Condition Option Condition Yalue Device Type 7 lis ba Access Point b v Trigger Restrictions Folder Top gt Include Subfolders f ves No Group All Groups ka Alert Notifications Additional Notification Options M Email M NMS NMS Trap Destinations E acceptance test corp airwave com M gauss corp ainwave com Select All Unselect All Sender Address me company com Enter multiple email addresses of the form user domain separated by spaces commas or semicolons Recipient Email Addresses IMeM company com Logged Alert visibility Ey Triggering Agent a Suppress Until Acknowledged f ves No 2 Configure the Trigger Restrictions and Alert Notifications This configuration is consistent regardless of the trigger type to be defined a The Trigger Restrictions settings establishes how widely or how narrowly the trigger applies Define the folder subfolder and Group covered by this trigger lable 107 describes the options for trigger restrictions Table 107 System gt Trigger Details Fields and Default Values Notification
569. uth Password SNMPv3 Auth Protocol MDS Privacy Password Confirm Privacy Password SNMPv3 Privacy Protocol DES Table 90 Groups gt Templates gt Add Template Fields and Default Values Default Use Global Template 154 Creating and Using Templates Description Uses a global template that has been previously configured on the Groups gt Templates configuration page Available templates will appear in the drop down menu If Yes is selected you can also configure global template variables For Symbol devices you can select the groups of thin APs to which the template should be applied Dell PowerConnect W AirWave 7 4 User Guide Table 90 Groups gt Templates gt Add Template Fields and Default Values Continued Setting Name Default Description AP Type Cisco IOS Any Model Reboot APs After Configuration Changes Selects an AP from which to fetch a configuration The configuration will be turned into a template with basic AP specific settings like channel and power turned into variables The variables are filled with the data on the APs Devices gt Manage page for each AP Defines the template display name Determines that the template applies to APs or devices of the specified type If Cisco IOS Any Model is selected the template applies to all IOS APs that do not have a version specific template specified Determines reboot when AirWave applies the template
570. vcssoteveccansaiteaincassscticteoiescctzavees 49 user interface AMP Setup gt Device Type Setup 58 AMP Setup gt General 2an 35 AMP Setup gt MDM Servet 0 cee 208 AMP Setup gt Network 0 ceceeeeeeeeeeee 43 AMP Setup gt NMS 64 AMP Setup gt Roles 44 46 AMP SOU Usi nnaspan 44 45 APs Devices gt Audit36 112 120 133 134 135 157 APs Devices gt Ignored n se 116 APs Devices gt Interfaces 131 132 141 APs Devices gt List c cccceeeecceeeeeceeeeeeeeeeeenees 117 APs Devices gt NeW 111 112 116 297 buttons and 1COMS ceeeeecceeeeeeeeeeeeeceeeceaeeeeeeees 26 Clients gt Clients Detail oo eee 208 Clients gt Conmnected cccccssseeeeeeeeeeeeeeeeees 197 Clients gt Diagnostics 207 Clients gt Guest Users cccccseeeseeeeeeeeeeeeeeees 200 Index 307 COS TAS aol 202 Systemi gt STATUS caeeaaeo 184 Clients gt User Detail 0 0 0 eeeeeeeereeeeeees 206 System gt Syslog and Traps csecsen 185 Configuration Change Confirmation 101 System gt Trigger Detail oeenn 188 Device Setup gt Add cccceeeeeeeees 112 115 System gt Triggers sssr 187 Device Setup gt Communication 53 54 View AP Credentials cecccccceceeeeteteeee 147 Device Setup gt Discover or krenen 108 109 110 PTET Device Setup gt Firmware Files 0 0 i NCA MN eters E E E E E 46 flash graphs esesccnenenee
571. ve SSIDs will never expire or be deleted from the database Sets the number of days AirWave retains inactive interface information after the interface has been removed or deleted from the device Setting this value to 0 disables this function and inactive interface information will never expire or be deleted from the database Sets the number of days AirWave retains historical information on interface status Setting this value to 0 disables this function Sets the number of days AirWave retains historical information on interfering devices Setting this value to 0 disables this function Sets the number of days AirWave retains historical information on device events such as syslog entries and SNMP traps Setting this value to 0 disables this function Refer to Viewing Device Events in System gt Syslog amp Traps on page 185 Dell PowerConnect W AirWave 7 4 User Guide Table 15 AMP Setup gt General gt Historical Data Retention Fields and Default Values Continued Setting Default Description months zero disables Setting this value to 0 disables this function Device Uptime 0 120 Sets the number of months AirWave retains historical information on device uptime 8 Locate the Firmware Upgrade Defaults section and adjust settings as required This section allows you to configure the default firmware upgrade behavior for AirWave Table 16 describes the settings and default values of this section Table 16 AMP Set
572. ventory Device Location https amp_host visualrf location xml mac Provide the radio MAC of the client to locate The corresponding site where the user was placed is provided along with the dimensions If a client is heard on multiple floors it will only be placed on the floor that contains the AP it is associated with Sample Device Location Response lt visualrf device_location version 1 xmlns visualrf www example com gt lt device mac 00 13 02 C2 39 28 name Peter site_id 4f674301 4b47 4ac6 8417 4eba3f7df3a6 site_name NewYork gt lt site width gt 124 51 lt site width gt lt site height gt 161 14 lt site height gt lt x gt 82 50 lt x gt qY gt 37 50 lt y gt lt device gt lt visualrft device location gt Sample Site Inventory Response lt amp amp_site_inventory version 1 xmilns amp http www example com xmins xsi http www w3 org 2001 XMLSchema instance gt lt site id b45e7a49 23b5 4db0 891la 2e60bfFf90d2c version 677 gt lt name gt Remax lt name gt lt uom gt ft lt uom gt lt width gt 314 45 lt width gt lt height gt 425 88 lt height gt lt property name site_owner value format gt lt property name name value Remax format _ gt lt property name installer value format _ gt lt property name planner value format gt lt image type background gt lt filename gt var example snapshot b45e7a49 23 2e6d2c 677 background jpg lt filename
573. ver Allow use of the file server defined on the Group Firmware CI Use Group File Server page Firmware File Server IP Address Po Firmware Filename Po rE 3 Select Supported Firmware Versions and Features to view supported firmware versions 2 NOTE Unsupported and untested firmware may cause device mismatches and other problems Please contact Dell support before installing non certified firmware 4 Enter the appropriate information and select Add The file uploads to AirWave and once complete this file appears on the Device Setup gt Upload Firmware amp Files page This file also appears on additional pages that display firmware files such as the Group gt Firmware page and on individual APs Devices gt Manage pages 5 You can also import a CSV list of groups and their external TFTP firmware servers Table 33 itemizes the settings of this page Table 33 Supported Firmware Versions and Features Fields and Default Values Setting Default Description Type Dell Indicates the firmware file is used with the specified type If you select an IOS device PowerConnect from the Type drop down menu you have the option of choosing a server protocol of W Series TFTP or FTP If you choose FTP you may later notice that the firmware files are pushed Controller to the device more quickly With selection of some types particularly Cisco controllers you can specify the boot software version Firmware Version Provides a user configurable f
574. vg In Radio 1 43 6 kbps 11 4 kbps A fully interactive QuickView display opens below the thumbnail on the same page not in a new window as shown in Figure 216 276 Using VisualRF Dell PowerConnect W AirWave 7 4 User Guide Figure 216 Full QuickView in APs Devices gt Monitor page for an AP partial view Monitor Manage Audit Compliance New Up Down Mismatched Ignored 1 2 M 800 k 400 k oi 400 k 45 13 45 14 45 12 45 13 45 14 45 Show All Maximum Average Show All Maximum Average v Max Users Radio 1 2 users 1 user E v Avg In Radio 1 43 6 kbps 11 5 kbps v Max Users Radio 2 24 users 12 users D V Avg In Radio 2 321 2 kbps 74 7 kbps v Avg Out Radio 1 964 9 kbps 162 1 kbps 8B V Avg Out Radio 2 1 Mbps 302 kbps FE 1 year ago AmA now g This view is focused on enabling quick resolution of AP issues and therefore disables many RF objects by default as follows Users only users associated with radios within access point of focus are displayed APs only the access point in focus is displayed Radios the heatmap represents all radios within the access point of focus Rogues all rogues are off a Client Rogue Surveys all surveys are off a Walls all walls on displayed Lines client to AP of association are displayed Labels all labels are disabled Viewing a Floor Plan s RF Environment View a floor plan s RF environment from VisualRF gt Floor Plans page
575. via AiWave a new Adds a new guest user to a controller via AiWave user to a controller via AirWave generates a user name for privacy protection This name appears on the Guest User detail page Enabled Enables or disables the user status Set the status of the guest user as active enabled or expired disabled Email Email Displays the optional email address of the user Displays the optional email address ofthe user optional email address of the user 200 Performing Daily Administration in AirWave Dell PowerConnect W AirWave 7 4 User Guide Table 117 Clients gt Guest Users Fields Continued Field Description Status Reports current status by the controller If error messages appear in this column select the user with the checkbox at left and select the Repair guest user errors button Guest users associated to the wireless network appear on the same list as other wireless users but are identified as guest users in the Guest User column The Client Detail page for a guest user also contains a box with the same guest information that appears for each user on the Clients gt Guest Users list K NOTE The Enabled Sponsor Name WLAN Profile and Status columns can be filtered using the funnel icon F 5 To add a new guest user select Add and complete the fields illustrated in Figure 140 Table 117 above describes most fields The first three fields are required and the remaining fields are optional Fi
576. vices Usage An area graph displaying the average bandwidth in each direction for the radio Select Show All for other metrics such as max bandwidth in and out average and max mesh overhead or overhead bandwidth and average max Enet0 Channel An area graph that displays the channel changes if any of the radio over time Frequent regular channel changes on an Dell or Cisco WLC AP radio usually indicate that the Adaptive Radio Management feature ARM in AOS is compensating for high noise levels from interfering devices An area graph that displays signal interference noise floor levels in units of dBm Noise from interfering devices above your AP s noise threshold can result in dropped packets For ARM enabled Dell PowerConnect W Series APs crossing the noise threshold triggers an automatic channel change Power A line graph that displays the average and maximum radio transmit power between 0 and 30 dBm over the time range set in the slider You can adjust the transmit power manually in the APs Devices gt Manage page for this radio s AP or enable ARM on Dell PowerConnect W Series APs to dynamically adjust the power toward your acceptable Coverage Index as needed For more information see the Adaptive Radio Management chapter of the Dell PowerConnect W Series ArubaOS User Guide at support del com manuals MAC Phy Errors A line graph displaying the frame reception rate physical layer error rate resulting from poor signal reception
577. wg gt lt access points gt lt access point id 29648 x 177 51 y 293 15 gt lt access point id 29678 x 312 78 y 293 63 gt lt access point id 29748 x 259 15 y 432 62 gt lt access points gt lt walls gt lt wall type 4 x1 135 94 y1 159 43 x2 135 94 y2 453 16 gt lt wall type 4 x1 135 04 y1 453 16 x2 439 83 y2 453 16 gt lt wall type 4 x1 439 83 y1 453 16 x2 439 83 y2 418 16 gt lt walls gt lt filoor gt lt floor name T 0068 number 22 building id 218 gt lt image filename T 0068_WLS_01 dwg gt lt floor gt lt floor name Test JPG number 23 building id 218 width 523 34 height 231 34 gt lt image filename Fliwst IT_dwg jpg gt lt loor gt lt visualrf site_batch gt Common Importation Problems Improper or undefined UNITS or MEASURE Text embedded into the Model view which causes an inconsistent bounding box Large dimensions which cause grainy resolution upon zoom Legacy CAD versions prior to Release 15 or AutoCAD 2000 Importing from a Dell PowerConnect W Series Controller The instructions below will enable you to seamlessly migrate all building campus and floor plan information previously entered into a Dell PowerConnect W Series controller Pre Conversion Checklist Prior to importing floor plans ensure that VisualRF s memory allocation is sufficient for the anticipated number of floor plans To change the memory allocation navigate to the VisualRF gt Setup page and conf
578. wn in Figure 77 Figure 77 Monitoring Page Top Level Data Common to All Device Types Home Helpdesk Groups Beet Users Reports System Device Setup AMP Setup RAPIDS VisualRF Manage Audit Compliance Mew Up Down Mismatched Ignored Monitoring Talisker in group ARM Spectrum in folder Top gt ARMSpectrum Poll Controller Now This Device is in monitor only with firmware upgrades mode Status Up OK Configuration Mlismatched The settings on the device do not match the desired configuration policy Controller Aruba3400 Aruba AP Group default Upstream Device Upstream Port Type Aruba AP 105 Remote Device No Last Contacted 12 30 2010 10 54 AM Uptime 8 days 17 hrs 46 mins LAN MAC Address O00 24 6C C0 00 F6 Serial ALOO00314 IP Address 10 51 55 231 Total Users 0 Bandwidth 0 kbps Notes The alert summary recent events and audit log sections are also the same regardless of device type and these sections appear at the bottom of these pages a portion of which is shown in Figure 78 Figure 78 Monitoring Page Bottom Level Data Common to All Device Types Type Last 2 Hours Last Day Total Last Event Alerts 0 0 0 IDS Events 0 0 0 Incidents 0 0 0 RADIUS Authentication Issues 0 0 0 Recent Events view system event log Time User Event Wed Feb 3 16 46 28 2010 System Configuration verification succeeded configuration is good omitted 19 duplicate messages Fri Jan 29 08 31 38 2010 System Configuration verificat
579. wn menu displays Voice Provides color coded overlay based on number of radios covering each grid cell based on the selected signal cutoff When this option is selected the Signal Cutoff drop down menu displays Wired Range Displays the distance an Ethernet cable can be pulled from an IDF The max range is equal to 300 feet minus 5 percent minus 1 1x the floor height Floors section The Floors section shows the overlay information for adjacent floors to determine how the bleed through from adjacent floors affects the viewed floor Select all options to see all floors or one or more of the following options Above show the data from APs located on the floor above Current default Below show the data from APs located on the floor below Frequencies section Select the desired frequency from the following options 5 GHz lines are always green 2 4 GHz lines are always blue 2 4 5 GHz lines are yellow Display Menu Figure 192 Display Menu Display B Device Types Floorplan features Relations QF Clients Tags JV Interferers M Wals M Surveys M User Association User Neighbors M Tags M Wired Interferers Wr Rogues V Sensors MV Labels M Regions V Rogues V APs V Mesh_ M Surveys Device Types section Clients Turns the display of wireless users on or off Clients on the floor plan are indicated by the icon 260 Using VisualRF Dell PowerConnect W AirWave 7 4 User Guide Rogues Toggle rogue devices on or off
580. y Table 77 describes the fields and information displayed for the Connected Clients display Table 77 APs Devices gt Monitor gt Connected Clients Fields and Default Values Field Description Username Provides the name of the User associated to the AP AirWave gathers this data in a variety of ways It can be taken from RADIUS accounting data or traps Device Type The type of device the user is using as determined by the Device Type Rules set up by an administrator in AMP Setup gt Device Type Setup For more information refer to Setting Up Device Types on page 58 The role of the connected client such as employee perforce or logon captive portal MAC Address Displays the Radio MAC address of the user associated to the AP Also provides a link that redirects to the Clients gt Client Detail page Radio Displays the radio to which the user is associated Association Time Displays the first time AirWave recorded the MAC address as being associated Duration Displays the length of time the MAC address has been associated Auth Type Displays the type of authentication employed by the user Supported auth types include EAP Extensible Authentication Protocol RADIUS accounting RADIUS accounting servers integrated with AirWave provide the RADIUS Accounting Auth type WPA2 Wi Fi Protected Access 2 encryption No Encryption AirWave considers all other types as not authenticated The information AirWave displays in
581. y every 3 500 square feet For squate or rectangular floor plans ensure access points are deployed on the exterior walls of each floor with access points in the middle as well Refer to Figure 208 for an example Figure 208 Rectangular Floor Plan AP Deployment 400 0 Using QuickView to Assess RF Environments QuickView has four distinct views or entry points client view access point view floor plan view and network campus and building view This section contains the following corresponding topics Viewing a Wireless User s RF Environment on page 274 Viewing an AP s Wireless RF Environment on page 276 Viewing a Floor Plan s RF Environment on page 277 Viewing a Network Campus Building s RF Environment on page 278 Viewing a Wireless User s RF Environment l Navigate to Clients gt List in AMP 2 Click the link under the Location column for the user of interest as shown in Figure 209 A QuickView window of that location opens and indicates the client with a Username label as shown in Figure 210 Figure 209 Link to user s thumbnail the Location column Username Location ARUBANETWORKS maalvin APAC SE TR gt BLDG gt Floor 2 umahindra APAC SE TR gt BLDG gt Floor 2 dkurose APAC SE TR gt BLDG gt Floor 1 jzelnosky f 274 Using VisualRF Dell PowerConnect W AirWave 7 4 User Guide Figure 210 QuickView of the selected device You can also ac
582. y of any existing authorized Virtual Controller in the top level Organization String 4 Set the initial Virtual Controller to Manage Read Write mode and push the good configuration to the subsequent IAPs 5 Set up AMP users to have access to specific folders if desired AMP Pages with Instant Specific Features The following is a summary of AMP pages affected by Dell PowerConnect W Instant support APs Devices gt New When an Dell PowerConnect W Instant device appears in the APs Devices gt New page an admin user can mouse over the value on the Type column to display the device s Shared Secret with AMP APs Devices gt List The Virtual Controller is listed as an additional device even though it is part of the existing set of IAPs You can identify the IAP acting as the Virtual Controller by their identical LAN MAC addresses Clients gt Client Detail Once IAPs are serving clients the IAPs can use user agent strings to extract operating systems and device descriptions of its clients and then populate the Device Description and Device OS fields in Clients gt Client Detail APs Devices gt Audit Dell PowerConnect W Instant configuration fetching can be performed in APs Devices gt Audit The running configuration is stored on the IAP and verified by the template Dell PowerConnect W AirWave 7 4 User Guide Setting Up Dell PowerConnect W Instant in AirWave 299 APs Devices gt Monitor gt Radio Statistics The
583. you to specify the nature of the rogue device in multiple ways Client on Rogue This trigger type indicates that a client has associated to a rogue AP Available conditions include rogue classification and whether the client is valid b Repeat this procedure for as many triggers and conditions as desired Refer to the start of Creating New Triggers on page 187 to create a new trigger Dell PowerConnect W AirWave 7 4 User Guide Performing Daily Administration in AirWave 193 Setting Triggers for AirWave Health After completing steps 1 3 in Creating New Triggers on page 187 perform the following steps to configure IDS related triggers a Choose the Disk Usage trigger type from the drop down Type menu See Figure 133 for trigger types Table 114 describes the condition settings for this trigger type Table 114 Disk Usage Trigger and Condition Settings AirWave Health Trigger Description Disk Usage This trigger type is based on the disk usage of AirWave This type of trigger indicates that disk usage for the AirWave server has met or surpassed a defined threshold Select Add New Trigger Condition to specify the disk usage characteristics that trigger an alert Set one of these triggers at 90 so you receive a warning before AMP suffers performance degradation due to lack of disk space b Repeat this procedure for as many triggers and conditions as desired Refer to the start of Creating New Triggers
584. yslog messages and SNMP traps that AMP receives from the trigger type Device Event These device events are listed by time type source device AP severity facility category and message Most columns can be filtered using the funnel icon F and messages can be filtered by substring using the Search field as seen in Figure 129 You can change the historical data retention from the Device Events Syslog Traps field in AMP Setup gt General Figure 129 System gt Syslog amp Traps Page Illustration Device Events 1 10 w of 41967 Device Events Page 1 wof4197 gt gt Reset filters Choose columns Time w Type Y Source Device w AP w User Severity w Facility w Category w Message 5 24 2011 7 40 PM SNMP Trap lt Unknown gt 00 24 6c c4 c1 50 testdomain AP Status wisxNAccessPointIsDown wisxTrapAPM wisxTrap Time 5 24 2011 22 41 25 U1 5 24 2011 7 40 PM SNMP Trap lt Unknown gt ap125 c0 50 78 AP Status wisxNAccessPointisDown wisxTrapAPM wisxTrap Time 5 24 2011 22 41 25 U1 5 24 2011 7 40 PM SNMP Trap lt Unknown gt 00 24 6c c4 c1 50 testdomain Rogue Detection wisxAPEntryChanged wisxTrapAPMacA wisxTrap Time 5 24 2011 22 41 25 U1 delete 2 wisxTrap TableGenNumber 0 5 24 2011 7 40 PM SNMP Trap lt Unknown gt ap125 c0 50 78 Rogue Detection wisxAPEntryChanged wisxTrapAPMacAi wisxTrap Time 5 24 2011 22 41 25 U1 delete 2 wisxTrap TableGenNumber 0 5 24 2011 7 39 PM SNMP Trap lt Unknown gt 00 1a 1e c0 2b 34
Download Pdf Manuals
Related Search