Dell PowerConnect W-AirWave 7.
Copyright © 2013 Aruba Networks, Inc. Aruba Networks trademarks include , Aruba Networks®, Aruba Wire® less Networks , the registered Aruba the Mobile Edge Company logo, and Aruba Mobility Management System®. Dell™, the DELL™ logo, and PowerConnect™ are trademarks of Dell Inc. All rights reserved. Specifications in this manual are subject to change without notice. Originated in the USA. All other trademarks are the property of their respective owners.
Contents Introduction A Unified Wireless Network Command Center 1 1 AirWave Management Platform 1 VisualRF 2 RAPIDS 2 Master Console and Failover 3 Integrating AirWave into the Network and Organizational Hierarchy Administrative Roles Configuring AirWave 3 4 5 Before You Begin 5 Formatting the Top Header 5 Customizing Columns in Lists 7 Resetting Pagination Records 8 Using the Pagination Widget 9 Using Export CSV for Lists and Reports 9 Defining Graph Display Preferences 10 Cust
Primary Network Interface Settings 25 Secondary Network Interface Settings 26 Network Time Protocol (NTP) Settings 26 Static Routes 27 Creating AirWave Users 27 AirWave User Roles 29 User Roles and VisualRF 29 Creating AirWave User Roles 29 Configuring Login Message, TACACS+, RADIUS, and LDAP Authentication Setting Up Login Configuration Options 34 Setting Up Single Sign-On 34 Setting Up Certificate Authentication 34 Specifying the Authentication Priority 35 Configuring RADIUS Authen
Enabling or Disabling PCI Auditing Deploying WMS Offload 56 57 Overview of WMS Offload in AirWave 57 General Configuration Tasks Supporting WMS Offload in AirWave 58 Additional Information Supporting WMS Offload 58 Configuring and Using Device Groups AirWave Groups Overview Viewing All Defined Device Groups 59 60 61 Configuring Basic Group Settings 62 Adding and Configuring Group AAA Servers 69 Configuring Group Security Settings 70 Configuring Group SSIDs and VLANs 74 Configuring Radio Se
Adding Multiple Devices from a CSV File 110 Adding Universal Devices 111 Assigning Devices to the Ignored Page 112 Unignoring a Device 112 Monitoring Devices 113 Viewing Device Monitoring Statistics 113 Understanding the APs/Devices > Monitor Pages for All Device Types 114 Monitoring Data Specific to Wireless Devices 115 Evaluating Radio Statistics for an AP 120 Overview of the Radio Statistics Page 121 Viewing Real-Time ARM Statistics 121 Issues Summary section 121 802.
Using Directives to Eliminate Reporting of Configuration Mismatches 157 Ignore_and_do_not_push Command 158 Push_and_exclude Command 158 Using Conditional Variables in Templates 158 Using Substitution Variables in Templates 159 Configuring Templates for Dell PowerConnect W-Instant 160 Configuring Templates for AirMesh 161 Configuring Cisco IOS Templates 162 Applying Startup-config Files 162 WDS Settings in Templates 162 SCP Required Settings in Templates 163 Supporting Multiple Radio Ty
Viewing Device Events in System > Syslog & Traps 189 Using the System > Event Log Page 190 Viewing, Delivering, and Responding to Triggers and Alerts 191 Viewing Triggers 191 Creating New Triggers 191 Setting Triggers for Devices 194 Setting Triggers for Interfaces and Radios 195 Setting Triggers for Discovery 196 Setting Triggers for Clients 196 Setting Triggers for RADIUS Authentication Issues 197 Setting Triggers for IDS Events 198 Setting Triggers for AirWave Health 198 Deliverin
Using the System > Performance Page Supporting AirWave Servers with the Master Console 226 229 Using the Public Portal on Master Console 230 Adding a Managed AMP with the Master Console 230 Using Global Groups with Master Console 231 Backing Up AirWave 232 Viewing and Downloading Backups 232 Running Backup on Demand 232 Restoring from a Backup 232 Using AirWave Failover for Backup 233 Navigation Section of AirWave Failover 233 Adding Watched AirWave Stations 233 Logging out of AirWave
Using VisualRF 265 Features 266 Useful Terms 266 Starting VisualRF 267 Basic QuickView Navigation 267 Network View Navigation 268 Type section 268 Floors section 269 Frequencies section 269 Display Menu 269 Device Types section 269 Floorplan Features section 269 Relations section 269 Edit Menu 270 Mesh View Navigation Using the Settings in the VisualRF > Setup Page 271 272 Server Settings 273 Location Settings 274 Location Calculation Timer Settings 275 Attenuation Settin
Creating a New Building in a Campus 295 Importing a Floor Plan 297 Editing a Floor Plan Image 298 Cropping the Floor Plan Image 298 Sizing a Non-CAD Floor Plan 299 Removing Color from a Floor Plan Image 299 Assigning Campus, Building and Floor Numbers 299 Assigning Optional Planner, Owner, or Installer Information for the Floor Plan 300 Controlling the Layers in the Uploaded Floor Plan (CAD only) 300 Error Checking of CAD Images 300 Last Steps in Editing an Uploaded Image 301 Provision
xii | Dell PowerConnect W-AirWave 7.
Chapter 1 Introduction Thank you for choosing Dell PowerConnect W-AirWave. AirWave makes it easy and efficient to manage your wireless network by combining industry-leading functionality with an intuitive user interface, enabling network administrators and helpdesk staff to support and control even the largest wireless networks in the world. The User Guide provides instructions for the installation, configuration, and operation of AirWave.
l l l Core network management functionality: n Network discovery n Configuration of APs & controllers n Automated compliance audits n Firmware distribution n Monitoring of every device and user connected to the network n Real-time and historical trend reports Granular administrative access n Role-based (for example, Administrator contrasted with Help Desk) n Network segment (for example, Retail Store network contrasted with Corporate HQ network) Flexible device support n Thin, thick, mes
Master Console and Failover The Dell PowerConnect W-AirWave Master Console and Failover tools enable network-wide information in easy-tounderstand presentation, to entail operational information and high-availability for failover scenarios.
Administrative Roles The flexibility of AirWave enables it to integrate seamlessly into your business hierarchy as well as your network topology. AirWave facilitates various administrative roles to match each individual user's role and responsibility: l A Help Desk user may be given read-only access to monitoring data without being permitted to make configuration changes. l A U.S.
Chapter 2 Configuring AirWave This section contains the following procedures to deploy initial AirWave configuration: l "Formatting the Top Header" on page 5 l "Customizing Columns in Lists" on page 7 l "Resetting Pagination Records" on page 8 l "Using the Pagination Widget" on page 9 l "Using Export CSV for Lists and Reports" on page 9 l "Defining Graph Display Preferences" on page 10 l "Customizing the Dashboard" on page 10 l "Setting Severe Alert Warning Behavior" on page 15 l "Defining
devices, and serve as shortcuts to frequently viewed subtabs. Figure 1 illustrates the navigation bar. More information on hyperlinks, tabs, and subtabs is a available in the Dell PowerConnect W-AirWave 7.6 Installation Guide. Figure 1: Navigation Bar Displaying Down Device Statistics You can control the Top Header Stats links that appear from the AMP Setup > General page, as described in "Defining General AirWave Server Settings" on page 16.
Figure 2: Home > User Info Top Header Stats Display Options You can also set the severity level of critical alerts displayed for a user role. For details including a description of what constitutes a severe alert, see "Setting Severe Alert Warning Behavior" on page 15. Customizing Columns in Lists Customize the columns for any list table selecting Choose Columns, as shown in the figure below. Use the up/down arrows to change the order in which the column heads appear.
More information about the universal list elements is available in Common List Settings in the Dell PowerConnect W-AirWave 7.6 Installation Guide. You can also control which column heads appear for each user role. Navigate to the Home > User Info page, and then select Yes in the Customize Columns for Other Roles field. This exposes the Choose Columns for Roles drop down menu in all tables shown in Figure 4. The first column shows the user roles that were customized, if any.
Figure 6: Home > User Info > Display Preferences section Using the Pagination Widget The pagination widget is located at the top and bottom of every list table, as shown in Figure 7. Figure 7: Pagination Widget Use the down arrow next to Page 1 to see all the page numbers for that table in a drop down menu. From here, you can jump to any portion of the table. Select the > symbol to jump to the next page, and >| to jump to the last page.
Defining Graph Display Preferences Many of the graphs in AirWave are Flash-based, which allows you to adjust the graph settings attributes as shown in Figure 9. Figure 9: Interactive Graphs on the Home > Overview Page This Flash-enabled GUI allows for custom settings and adjustments as follows: l Drag the slider at the bottom of the screen to move the scope of the graph between one year ago and the current time. l Drag the slider between graphs to change the relative sizes of each.
Figure 11: Customize Overview Page Adding Widgets The Available Widgets section on the left holds all available graphical elements (widgets). Select any blue widget tile with a verbal description enclosed, and it immediately turns into a graphical element with a description. Drag the widgets you want to appear on the Home > Overview dashboard across to the gridlines and arrange them in the right section, within the gridlines.
Widget Description The Configuration Compliance pie shows the percentage of devices that are mismatched, good, unknown, and those with auditing disabled. It also provides a summary of the total number of devices that are mismatched. Clicking within this pie chart takes you to the APs/Devices > Mismatch page. These pie charts are enabled by default.
Widget Description Top Folders By AP Usage This chart lists the folders and the number of APs in each folder whose usage is greater than the cutoff (or usage threshold). The cutoff represents 75% of the maximum usage, where the maximum usage is the AP with the highest usage regardless of the folder in which it resides. The cutoff value is displayed within the title, and this value can vary. The chart takes into account approved APs with radios based on the last 24 hours.
Widget Description Clients By Mfgr & Model This pie chart shows the percentage of clients that have attached to AirWave over the last 24 hours based on the client manufacturer and model. Clients By Device OS This pie chart shows the percentage of clients that have attached to AirWave over the last 24 hours based on the device operating system (such as Windows or Android).
Setting Severe Alert Warning Behavior You can control the alert levels you can see on the Alerts top header stats link from the Home > User Info page. The Severe Alert Threshold determines the severity level that results in a Severe Alert. Specify either Normal, Warning, Minor, Major, or Critical as the severity alert threshold value. These threshold values are tied to triggers that are created on the System > Triggers page.
Defining General AirWave Server Settings This section describes all pages accessed from the AMP Setup tab. It also describes two pages in the Device Setup tab: the Communication and Upload Files pages. After required and optional configuration tasks in this chapter are complete, continue to later chapters in this document to create and deploy device groups and device configuration and discovery on the network.
Table 3: AMP Setup > General > General Section Fields and Default Values Setting Default Description Defines your name for your AirWave server, with a maximum limit of 20 alphanumeric characters. System Name Access Points Sets the device group that this AirWave server uses as the default for devicelevel configuration. Select a device group from the drop-down menu. A group must first be defined on the Groups > List page to appear in this drop-down menu. For additional information, refer to.
Setting Default Description Add New Thin APs Location New Device List Globally add new thin APs to: l The New Devices list. l The same folder and group as the discovering device. l The same group and folder of their closest IP neighbor on the same subnet. l Choose a group and folder. If you select this option, enter the folder/group in the Auto Authorization Group and Auto Authorization Folder fields that display. NOTE: This setting can be overridden in Groups > Basic.
Display Settings On the AMP Setup > General page, locate the Display section and select the options to appear by default in new device groups. NOTE: Changes to this section apply across all of AirWave. These changes affect all users and all new device groups. Table 6 describes the settings and default values in this section. Table 6: AMP Setup > General > Display Fields and Default Values Setting Default Description No Sets AirWave to use fully qualified domain names for APs instead of the AP name.
Table 7: AMP Setup > General > Device Configuration Section Fields and Default Values Setting Default Description Guest User Configuration Disabled Enables or prevents guest users to/from pushing configurations to devices. Options are Disabled (default), Enabled for Devices in Manage (Read/Write), Enabled for all Devices.
button after enabling any of the logging options. Table 9: AMP Setup > General > External Logging Section Fields and Default Values Setting Default Description Syslog Server N/A Enter the IP address of the syslog server. Note that this field is hidden if both "Include event log messages" and "Include audit log messages" are set to No. Syslog Port 514 Enter the port of the syslog server.
Setting Default Description Automatically Acknowledge Alerts (0-550 days, zero disables) 14 Defines automatically acknowledged alerts as the number of days AirWave retains alerts that have been automatically acknowledged. Setting this value to 0 disables this function, and alerts will never expire or be deleted from the database. Acknowledged Alerts (0-550 days, zero disables) 60 Defines the number of days AirWave retains information about acknowledged alerts.
Firmware Upgrade Defaults Locate the Firmware Upgrade Defaults section and adjust settings as required. This section allows you to configure the default firmware upgrade behavior for AirWave. Table 11 describes the settings and default values of this section. Table 11: AMP Setup > General > Firmware Upgrade Defaults Fields and Default Values Setting Default Description Allow firmware upgrades in monitoronly mode No If Yes is selected, AirWave upgrades the firmware for APs in Monitor Only mode.
Setting Default Description button prompts you with To and From fields in which you must enter valid email addresses. Process user roaming traps from Cisco WLC Yes Whether AirWave should parse client association and authentication traps from Cisco WLC controllers to give real time information on users connected to the wireless network. Enable AMON data collection Yes Allows AirWave to collect enhanced data from Dell PowerConnect W-Series devices on certain firmware versions.
Setting Default Description RAPIDS Processing Priority Low Defines the processing and system resource priority for RAPIDS in relation to AirWave as a whole. When AirWave is processing data at or near its maximum capacity, reducing the priority of RAPIDS can ensure that processing of other data (such as client connections and bandwidth usage) is not adversely impacted. The default priority is Low. You can also tune your system performance by changing group poll periods.
Table 14: Primary Network Interface Fields and Default Values Setting Default Description IP Address None Sets the IP address of the AirWave network interface. NOTE: This address must be a static IP address. Hostname None Sets the DNS name assigned to the AirWave server. Subnet Mask None Sets the subnet mask for the primary network interface. Gateway None Sets the default gateway for the network interface. Primary DNS IP None Sets the primary DNS IP address for the network interface.
Static Routes On the AMP Setup > Network page, locate the Static Routes area. This section displays network, subnet mask, and gateway settings that you have defined elsewhere from a command-line interface. NOTE: This section does not enable you to configure new routes or remove existing routes. What Next? l Go to additional tabs in the AMP Setup section to continue additional setup configurations. The next section describes AirWave roles.
Figure 17: AMP Setup > Users > Add/Edit User Page Illustration 3. Enter or edit the settings on this page. Table 17 describes these settings in additional detail. Table 17: AMP Setup > Users > Add/Edit User Fields and Default Values Setting Default Description Username None Sets the username as an alphanumeric string. The Username is used when logging in to AirWave and appears in AirWave log files.
NOTE: AirWave enables user roles to be created with access to folders within multiple branches of the overall hierarchy. This feature assists non-administrator users who support a subset of accounts or sites within a single AirWave deployment, such as help desk or IT staff. What Next? l Go to additional tabs in the AMP Setup section to continue additional setup configurations. l Complete the required configurations in this chapter before proceeding.
Figure 19: AMP Setup > Roles > Add/Edit Role Page Illustration 3. Enter or edit the settings on this page. As explained earlier in this section, Roles define the type of user-level access, the user-level privileges, and the view available to the user for device groups and devices in AirWave. The available configuration options differ for each role type. NOTE: Most users will see two sections on this page: Role and Guest User Preferences.
Setting Default Description Dell Controller Role Disabled Enables or disables Single Sign-On for the role. If enabled, allows the role to directly access Dell controller UIs from the Quick Links or IP Address hypertext throughout AirWave without having to enter credentials for the controller. Allow user to disable timeout No Whether a user can disable AirWave’s timeout feature. Custom Message none A custom message can also be included.
Setting Default Description l l APs or perform OS scans. Read/Write—The user may edit individual rogues, classification, threat levels and notes, and perform OS scans. Administrator—Has the same privileges as the Read/Write user, but can also set up RAPIDS rules, override scores and is the only user who can access the RAPIDS > Setup page. VisualRF Read Only Sets the VisualRF privileges, which are set separately from the APs/Devices.
Setting Default Description Manager Guest Access Sponsor—Limited-functionality role to allow helpdesk or reception desk staff to grant wireless access to temporary personnel. This role only has access to the defined top folder of APs. Top Folder Top Defines the Top viewable folder for the role. The role is able to view all devices and groups contained by the Top folder. The top folder and its subfolders must contain all of the devices in any of the groups it can view.
Setting Up Login Configuration Options On the AMP Setup > Authentication page, administrators can optionally configure AirWave’s user idle timeout or a message-of-the-day that appears when a user first logs in, as shown in Figure 20: Figure 20: Login configuration field and results in AirWave Login page 1. Go to AMP Setup > Authentication. 2.
3. Specify whether to require a certificate in order to authenticate. If Yes, then you can also specify whether to use two-factor authentication. 4. Enter the PEM-encoded CA certificate bundle. 5. Select Save if you are finished or follow the next procedure to specify the authentication priority.
Field Default Description Primary Server Secret N/A Specify and confirm the primary shared secret for the primary RADIUS server. Confirm Primary Server Secret N/A Re-enter the primary server secret. Secondary Server Hostname/IP Address N/A Enter the IP address or the hostname of the secondary RADIUS server. Secondary Server Port (1-65535) 1812 Enter the TCP port for the secondary RADIUS server. Secondary Server Secret N/A Enter the shared secret for the secondary RADIUS server.
Figure 23: AMP Setup > RADIUS > Add RADIUS Accounting Client Page Illustration 1. To specify the RADIUS authentication server or network, browse to the AMP Setup > RADIUS Accounting page, select Add, illustrated in Figure 23, and provide the information in Table 23. 2.
2. Select No to disable or Yes to enable TACACS+ authentication. If you select Yes, several new fields appear. Complete the fields described in Table 24. Table 24: AMP Setup > Authentication Fields and Default Values for TACACS+ Authentication Field Default Description Primary Server Hostname/IP Address N/A Enter the IP address or the hostname of the primary TACACS+ server. Primary Server Port (1-65535) 49 Enter the port for the primary TACACS+ server.
Configuring LDAP Authentication and Authorization LDAP (Lightweight Directory Access Protocol) provides users with a way of accessing and maintaining distributed directory information services over a network. When LDAP is enabled, a client can begin a session by authenticating against an LDAP server which by default is on TCP port 389. Perform these steps to configure LDAP authentication: 1. Go to the AMP Setup > Authentication page. 2.
Field Default Description l l ldap-s results in communication over SSL. start-tls uses certificates to initiate encrypted communication. none If Connection Type is configured as start-tls, then also specify whether the start-tls connection type uses a certificate. l none - The server may provide a certificate, but it will not be verified. This may mean that you are connected to the wrong server. l optional - Verifies only when the servers offers a valid certificate.
l "Configuring Communication Settings for Discovered Devices" on page 41 l "Loading Device Firmware Onto AirWave (optional)" on page 43 Configuring Communication Settings for Discovered Devices To configure AirWave to communicate with your devices, to define the default shared secrets, and to set SNMP polling information, navigate to the Device Setup > Communication page, illustrated in Figure 26.
3. Locate the SNMPv3 Informs section. Select the Add button to reveal configuration options. AirWave users will need to configure all v3 users that are configured on the controller. The SNMP Inform receiver in the AirWave will be restarted when users are changed or added to the controller. l Username - Username of the SNMP v3 user as configured on the controller. l Auth Protocol - Can be MD5 or SHA. The default setting is SHA.
Table 30: Device Setup > Communication > Symbol 4131 and Cisco Aironet IOS SNMP Initialization Fields and Default Values Setting Default Description Do Not Modify SNMP Settings Yes When selected, specifies that AirWave not modify any SNMP settings. If SNMP is not already initialized on the Symbol, Nomadix, and Cisco IOS APs, AirWave is not able to manage them.
Setting Default Description Firmware Version None Displays the firmware version number. This is a user-configurable field. HTML Filename None Supporting HTML, displays the name of the file that was uploaded to AirWave and to be transferred to an AP when the file is used in an upgrade. HTML MD5 Checksum None Supporting HTML, displays the MD5 checksum of the file after it was uploaded to AirWave. The MD5 checksum is used to verify that the file was uploaded to AirWave without issue.
Table 32: Supported Firmware Versions and Features Fields and Default Values Setting Default Description Type Dell PowerConect WSeries Controller Indicates the firmware file is used with the specified type. If you select an IOS device from the Type drop-down menu, you have the option of choosing a server protocol of TFTP or FTP. If you choose FTP, you may later notice that the firmware files are pushed to the device more quickly.
To delete a firmware file that has already been uploaded to AirWave, return to the Device Setup > Upload Firmware & Files page, select the checkbox for the firmware file and select Delete. NOTE: A firmware file may not be deleted if it is the desired version for a group. Use the Group > Firmware page to investigate this potential setting and status. Using Web Auth Bundles in AirWave Web authentication bundles are configuration files that support Cisco WLC wireless LAN controllers.
Figure 29: AMP Setup > Device Type Setup Page Illustration Configuring Cisco WLSE and WLSE Rogue Scanning The Cisco Wireless LAN Solution Engine (WLSE) includes rogue scanning functions that AirWave supports.
Initial WLSE Configuration Use the following general procedures to configure and deploy a WLSE device in AirWave: l "Adding an ACS Server for WLSE" on page 48 l "Enabling Rogue Alerts for Cisco WLSE" on page 48 l "Configuring WLSE to Communicate with APs" on page 48 l "Discovering Devices" on page 48 l "Managing Devices" on page 49 l "Inventory Reporting" on page 49 l "Defining Access" on page 49 l "Grouping" on page 49 Adding an ACS Server for WLSE 1.
Managing Devices Prior to enabling radio resource management on IOS access points, the access points must be under WLSE management. NOTE: AirWave becomes the primary management/monitoring vehicle for IOS access points, but for AirWave to gather Rogue information, the WLSE must be an NMS manager to the APs. Use these pages to make such configurations: 1. Go to Device > Discover > Advanced Options. 2. Select the method to bring APs into management Auto, or specify via filter.
4. Select Specified Discovery, and enter the IP address of the Primary WDS device (AP or WLSM). 5. Enter the Username and Password for the WLSE server. Primary or Secondary WDS Perform these steps to configure primary or secondary functions for WDS. 1. Go to the Wireless Services > WDS > General Setup page. 2. If the AP is the Primary or Backup WDS, select Use the AP as Wireless Domain Services. n Select Priority (set 200 for Primary, 100 for Secondary).
Figure 30: AMP Setup > WLSE > Add New WLSE Page Illustration Perform the following steps for optional configuration of AirWave for support of Cisco WLSE rogue scanning. 1. To add a Cisco WLSE server to AirWave , navigate to the AMP Setup > WLSE page and select Add. Complete the fields in this page. Table 34 describes the settings and default values.
2. After you have completed all fields, select Save. AirWave is now configured to gather rogue information from WLSE rogue scans. As a result of this configuration, any rogues found by WLSE appear on the RAPIDS > List page. What Next? l Go to additional tabs in the AMP Setup section to continue additional setup configurations. l Complete the required configurations in this chapter before proceeding. Dell support remains available to you for any phase of AirWave installation.
Table 35: AMP Setup > ACS > Add/Edit Details Fields and Default Values Field Default Description IP/Hostname None Sets the DNS name or the IP address of the ACS Server. Protocol HTTP Launches a drop-down menu specifying the protocol AirWave uses when it polls the ACS server. Port 2002 Sets the port through which AirWave communicates with the ACS. AirWave generally communicates via SNMP traps on port 162. Username None Sets the Username of the account AirWave uses to poll the ACS server.
Table 36: AMP Setup > NMS Integration Add/Edit Fields and Default Values Setting Default Description Hostname None Cites the DNS name or the IP address of the NMS. Port 162 Sets the port AirWave uses to communicate with the NMS. NOTE: AirWave generally communicates via SNMP traps on port 162. Community String None Sets the community string used to communicate with the NMS. SNMP Version 2C Sets the SNMP version of the traps sent to the Host.
PCI Auditing PCI Auditing in AirWave allows you to monitor, audit, and demonstrate PCI compliance on the network. There are five primary pages in which you establish, monitor, and access PCI auditing, as follows: l The AMP Setup > PCI Compliance page enables or disables PCI Compliance monitoring on the network, and displays the current compliance status on the network. See "Enabling or Disabling PCI Auditing" on page 56.
Requirement Description 4.1.1 Using strong encryption in wireless networks When Enabled: PCI Requirement 4 establishes the standard by which payment cardholder data is encrypted prior to transmission across open public networks. PCI disallows WEP encryption as an approved encryption method after June 20, 2010. A device fails requirement 4.1.1 if the desired or actual configuration reflect that WEP is enabled on the network, or if associated users can connect with WEP.
Figure 35: Default Credential Compliance for PCI Requirements 4. Select Save. 5. To view and monitor PCI auditing on the network, use generated or daily reports. See Creating, Running, and Emailing Reports. In addition, you can view the real-time PCI auditing of any given device online. Perform these steps: a. Go to the APs/Devices > List page. b. Select a specific device. The Monitor page for that device displays. The APs/Devices page also displays a Compliance subtab in the menu bar. c.
General Configuration Tasks Supporting WMS Offload in AirWave WMS Offload must be enabled with a six-fold process and related configuration tasks as follows: 1. Configure WLAN switches for optimal AirWave monitoring. a. Disable debugging. b. Ensure AirWave server is a trap receiver host. c. Ensure proper traps are enabled. 2. Configure AirWave to optimally monitor the AirWave infrastructure. a. Enable WMS offload on the AMP Setup > General page. b. Configure SNMP communication. c.
Chapter 3 Configuring and Using Device Groups This chapter describes the deployment of device groups within AirWave. The section below describes the pages or focused subtabs available on the Groups tab. Note that the available subtabs can vary significantly from one device group to another—one or more subtabs may not appear, depending on the Default Group display option selected on the AMP Setup > General page and the types of devices you add to AirWave.
APs tab, can now be performed from Modify Devices on the APs/Devices > List page. Refer to "Cisco WLC Group Configuration" on page 81. l PTMP—This page defines settings specific to Proxim MP devices when present. As such, this page is only available when a Proxim MP device is added to this group. Refer to "Configuring Group PTMP Settings" on page 88. l Proxim Mesh—This page defines mesh AP settings specific to Proxim devices when present. Refer to "Configuring Proxim Mesh Radio Settings" on page 89.
Individual device settings—such as device name, RF channel selection, RF transmission power, antenna settings, and so forth—typically should not be managed at a group level and must be individually configured for optimal performance. Individual AP settings are configured on the APs/Devices > Manage page. You can create as many different groups as required. Administrators usually establish groups that range in size from five to 100 wireless devices.
Column Description the controller. That controller may report that the thin AP is down or is no longer on the controller. At this point, AirWave classifies the device as down. Mismatched The number of devices within the group that are in a mismatched state. Ignored The number of ignored devices in that group. Clients The number of mobile users associated with all access points within the group.
Figure 39: Groups > Basic Page Illustration 3. Define the settings in the Basic and Global Group sections. Table 39 describes several typical settings and default values of this Basic section. Table 39: Basic and Global Groups Fields and Default Values Setting Default Description Name Defined when first adding the group Displays or changes the group name.
Setting Default Description Regulatory Domain United States Sets the regulatory domain in AirWave, limiting the selectable channels for APs in the group. Timezone AMP System Time Allows group configuration changes to be scheduled relative to the time zone in which the devices are located. This setting is used for scheduling group-level configuration changes. Allow One-toOne NAT No Allows AirWave to talk to the devices on a different IP address than the one configured on the device.
Setting Default Description CDP Neighbor Data Polling Period 30 minutes Sets the frequency in which this group polls the network for Cisco Discovery Protocol (CDP) neighbors. Mesh Discovery Polling Period 15 minutes Sets time between SNMP polls for Mesh Device Discovery. 5. To configure support for routers and switches in the group, locate the Routers and Switches section and adjust these settings as required. This section defines the frequency in which all devices in the group polled.
Setting Default Description l l on this AMP l l l Selected Device Types N/A All Devices—AirWave displays all Group tabs and setting options. Only devices in this group—AirWave hides all options and tabs that do not apply to the devices in the group. If you use this setting, then to get the group list to display the correct SSIDs for the group, you must Save and Apply on the group. Only devices on this AMP— hides all options and tabs that do not apply to the APs and devices currently on AirWave.
Setting Default Description Bridge Maximum Age 20 Sets the maximum time, in seconds, that the device stores protocol information. The supported range is from 6 to 40. Bridge Hello Time 2 Sets the time, in seconds, between Hello message broadcasts. Bridge Forward Delay 15 Sets the time, in seconds, that the port spends in listening and learning mode if the spanning tree has changed. 10. To configure Network Time Protocol (NTP) settings locate the NTP section and adjust these settings as required.
NOTE: When configuring Cisco WLC controllers, refer to "Configuring Wireless Parameters for Cisco Controllers" on page 87. 13. To configure settings specific to Aruba locate the Aruba section and adjust these settings as required. Table 48 describes the settings and default values of this section. Table 48: Aruba Fields and Default Values Setting Default Description SNMP Version 2c The version of SNMP used by AirWave to communicate to the AP.
17. The specify the Virtual Controller Certificates to be applied to this group, locate the Virtual Controller Certificates settings section and adjust these settings as desired. Table 50 describes the settings and default values. Table 50: Virtual Controller Certificate Fields and Default Values Setting Default Description CA Cert None Specify a CA certificate for the virtual controller.
Figure 40: Groups > AAA Servers Page Illustration 3. To add a RADIUS server or edit an existing server, select Add New RADIUS Server or the corresponding pencil icon to edit an existing server. Table 51 describes the settings and default values of the Add/Edit page. Table 51: Adding a RADIUS Server Fields and Default Values Setting Default Description Hostname/IP Address None Sets the IP Address or DNS name for RADIUS Server. NOTE: IP Address is required for Proxim/ORiNOCO and Cisco Aironet IOS APs.
1. Select the device group for which to define security settings from the Groups > List page. 2. Go to Groups > Security. Some controls on this page interact with additional AirWave pages. Figure 41 illustrates this page and Table 52 explains the fields and default values. Figure 41: Groups > Security Page Illustration Table 52: Groups > Security Page Fields and Default Values Setting Default Description Enabled This field enables support for VLANs and multiple SSIDs on the wireless network.
Setting Default Description WEP Key Rotation Interval 300 Sets the frequency at which the Wired Equivalent Privacy (WEP) keys are rotated in the device group being configured. The supported range is from 0 to 10,000,000 seconds. RADIUS Authentication Servers Section RADIUS Authentication Server #1 - #4 Not selected Defines one or more RADIUS Authentication servers to be supported in this device group. Select up to four RADIUS authentication servers from the four drop-down menus.
Table 53: Groups > Security Encryption Mode settings Setting Default Description Encryption Mode Optional WEP, Require WEP, Require 802.1X, Require LEAP, Require 802.1X + WEP, Require 802.
Setting Default Description WPA1 Cipher (Cisco WLC Only) TKIP NOTE: This drop down is only available if WPA2 WPA Compatibility Mode is Yes. Unicast Cipher (Cisco Only) AES/TKIP WPA Preshared Key (Alphanumeric) None Encryption Mode xSec xSec None 3. Select Save to retain these security configurations for the group, select Save and Apply to make the changes permanent, or select Revert to discard all unapplied changes. 4.
Table 54: Groups > SSIDs Fields and Descriptions Field Description SSID Displays the SSID associated with the VLAN. VLAN ID Identifies the number of the primary VLAN SSID on which encrypted or unencrypted packets can pass between the AP and the switch. Name Displays the name of the VLAN. Encryption Mode Displays the encryption on the VLAN. First or Second Radio Enabled Enables the VLAN, SSID and Encryption Mode on the radio control.
Setting Default Description Enable VLAN Tagging (Cisco WLC, Proxim, Symbol only) Enables or disables VLAN tagging. Displays if Specify Interface Name is set to No. VLAN ID (1-4094) None Indicates the number of the VLAN designated as the Native VLAN, typically for management purposes. Displays if Specify Interface Name is set to No and Enable VLAN Tagging is set to Yes. Interface management Sets the interface to support the SSID/VLAN combination.
Setting Default Description l l l l l l l LEAP+WEP—Combines the two encryption types shown Static CKIP—Cisco Key Integrity Protocol WPA—Wi-Fi Protected Access protocol WPA/PSK—Combines WPA with Pre-Shared Key encryption WPA2—Wi-Fi Protected Access 2 encryption WPA2/PSK—Combines the two encryption methods shown xSec—FIPS-compliant encryption including Layer 2 header info 6. Locate the EAP Options area on the Groups > SSIDs page, and complete the settings.
Setting Default Description None Sets the Accounting Profile Index for Proxim AP-600, AP-700, AP-2000, AP-4000. (Proxim Only) Accounting Profile Index (Proxim Only) 10. Select Add when you have completed all sections. This returns you to the Groups > SSIDs page. What Next? l Select Save to retain these SSID configurations for the group, select Save and Apply to make the changes permanent, or select Revert to discard all unapplied changes.
Table 60: Groups > Radio > Radio Settings Fields and Default Values Setting Default Description No If enabled, whenever the AP is rebooted it uses its radio to scan the airspace and select its optimal RF channel based on observed signal strength from other radios. NOTE: If you enable this feature, AirWave automatically reboots the APs in the group when the change is implemented. 802.11b Data Rates (Mbps) Required: l 1.0 l 2.0 Optional: l 5.5 l 11.
To configure these settings, locate the proprietary settings areas on the Groups > Radio page and continue with the additional steps in this procedure. NOTE: Proprietary settings are only applied to devices in the group from the specific vendor and are not configured on devices from vendors that do not support the functionality. 5.
Table 62: Groups > Radio > Proxim 4900M Fields and Default Values Setting Default Description 4.9GHz Public Safety Channel Bandwidth 20 This setting specifies the channel bandwidth for the 4.9 GHz radio. It is only applicable if you are running the 802.11a/4.9GHz radio in 4.9GHz mode. 802.11a/4.9GHz Public Safety Operational Mode 802.11a This setting specifies if the AP will run the 802.11a/4.9GHz radio in 802.11a mode or in 4.9 GHz mode. Please note that 4.
Navigating Cisco WLC Configuration The navigation pane on the left side of the Groups > Cisco WLC Config page is expandable, and displays the Cisco configurations supported and deployed. Figure 45 and Figure 46 illustrate this navigation pane. You can pre-populate the group WLC settings from a controller in the same group by performing an import on the controller’s Audit page.
3. To add or edit SSIDs or VLANs that are dedicated to Cisco WLC devices, either select the Add button, or select the pencil icon for an existing SSID/VLAN. A new page appears comprised of four tabs, as follows: n General—Defines general administrative parameters for the Cisco WLC WLAN. n Security—Defines encryption and RADIUS servers. n QoS—Defines quality of service (QoS) parameters for the Cisco WLC WLAN.
Figure 49: Groups > Cisco WLC Config > WLANs > Add New SSID/VLAN > Security Tab Illustration Figure 50: Groups > Cisco WLC Config > WLANs > Add New SSID/VLAN > QoS Tab Illustration 84 | Configuring and Using Device Groups Dell PowerConnect W-AirWave 7.
Figure 51: Groups > Cisco WLC Config > WLANs > Add New SSID/VLAN > Advanced Tab Illustration Defining and Configuring LWAPP AP Groups for Cisco Devices The Groups > Cisco WLC Config > WLANs > Advanced > AP Groups page allows you to add/edit/delete AP Groups on the Cisco WLC. LWAPP AP Groups are used to limit the WLANs available on each AP. Cisco thin APs are assigned to LWAPP AP Groups. Viewing and Creating Cisco AP Groups 1.
Figure 52: Groups > Cisco WLC Config > WLANS > Advanced > AP Groups Page Illustration 2. To add a new LWAPP AP group, select Yes in the AP Groups section. Additional controls appear. 3. Select Add to create a new LWAPP AP group. To edit an existing LWAPP AP group, select the pencil icon next to that group. Add one or more SSIDs and the interface/VLAN ID mapping on the Add/Edit page of the LWAPP AP Group. 4.
Figure 53: Groups > Cisco WLC Config > Controller Navigation Configuring Wireless Parameters for Cisco Controllers This section illustrates the configuration of Wireless settings in support of Cisco WLC controllers. The navigation for Wireless settings is illustrated in Figure 54. Figure 54: Groups > Cisco WLC Config > Wireless Navigation Illustration Configuring Cisco WLC Security Parameters and Functions AirWave enables you to configure many security settings that are specific to Cisco WLC controllers.
Figure 55 illustrates these components and this navigation: Figure 55: Groups > Cisco WLC Config > Security Navigation Illustration Configuring Management Settings for Cisco WLC AirWave allows you to configure of SNMP and Syslog Server settings for Cisco WLC controllers. You can configure up to four trap receivers on the Cisco WLC including the AMP IP that can be used in Global Groups. To define SNMP and server settings, go to the Groups > Cisco WLC Config > Management page, illustrated in Figure 56.
Figure 57: Groups > PTMP Page Illustration 3. Define the settings on this page. Table 64 describes the settings and default values. Table 64: Groups > PTMP Fields and Default Values Setting Default Description 802.11a Radio Channel 58 Selects the channel used for 802.11a radios by the devices in this group. 802.11g Radio Channel 10 Selects the channel used for 802.11g radios by the devices in this group. Channel Bandwidth 20 Defines the channel bandwidth used by the devices in this group.
The General section contains settings for mesh radio, number of mesh links, RSSI smoothing, roaming threshold and de-auth client. Table 65: Groups > Proxim Mesh > General Fields and Default Values Setting Default Description Mesh Radio 4.9/5Ghz Drop-down selects the radio that acts as the backhaul to the network. Maximum Mesh Links (1-32) 6 Sets the maximum number of mesh links allowed on an AP. This number includes the uplink to the portal as well as downlinks to other mesh APs.
Setting Default Description 7 Specifies the importance given to the most recently observed Medium Occupancy against all of the previously viewed medium occupancies. Lower values place more importance on previously observed Medium Occupancies. Factor (0-10) Current Medium Occupancy Weight (0-9) 4. Select Save when configurations are complete to retain these settings. Select Save and Apply to make the changes permanent, or select Revert to discard all unapplied changes.
Figure 60: Groups > Firmware Page Illustration 2. For each device type in the group, specify the minimum acceptable firmware version. If no firmware versions are listed, go to the Device Setup > Upload Firmware & Files configuration page to upload the firmware files to AirWave. 3. Select Upgrade to apply firmware preferences to devices in the group. 4. Select Save to save the firmware file as the desired version for the group. 5.
This topic presumes that at least two device groups are at least partly configured in AirWave, each with saved configurations. Perform the following steps to compare two existing device groups: 1. From the Groups > List page, select the Compare two groups link. Two drop-down menus appear. 2. Select the two groups to compare in the drop-down menus, and select Compare. The Compare page appears, displaying some or many configuration categories. Figure 61 illustrates this page.
2. Ensure that the group you wish to delete is not marked as the default group. (See the AMP Setup > General page.) AirWave does not permit you to delete the current default group. 3. Ensure that there are no devices in the group that you want to delete. AirWave does not permit you to delete a group that still contains managed devices. You must move all devices to other groups before deleting a group. 4.
NOTE: You cannot apply Dell PowerConnect W Config changes to other groups. If the only changes on the configuration page are to PowerConnect W-Seriesdevices, the list of groups and the preview button will not appear. n Scheduling Options — Schedules the changes to be applied to this group in the future. Enter the desired change date in the Start Date/Time field. You can also specify if this is a one-time schedule or a recurring schedule. Recurring options are Daily, Weekly, Monthly, and Annually.
Figure 63: Modify Multiple Devices Section Illustration 3. Select one or more devices that are to share the configurations. Select the checkbox for each device to modify. 4. In the Modify Multiple Devices section, select any button or use any drop-down menu for the supported changes. Any action you take applies to all selected devices. Each action you take will direct you to a new configuration page, or prompt you with a confirmation page to confirm your changes. 5.
Action Description Planned Maintenance Mode Puts the selected devices into Planned Maintenance. During the maintenance mode, no AP Down triggers will be deployed on these devices. Users will not be able to delete folders that contain devices in Planned Maintenance. The devices in Planned Maintenance will show the Up status, but will not be tracked in historical graphs and logs as Up. Desired Radio Status Enables or disables the radios on the selected device. Does not apply Cisco IOS APs.
Action Description Cancel firmware upgrade for selected devices Cancels any firmware upgrades that are scheduled or in progress for the selected APs. Rename devices Rename all the selected devices in bulk. Note that you can also rename the devices one at a time using the editable Name fields in each row. Delete selected devices from AMP Removes the selected APs from AirWave. The deletes will be performed in the background and may take a minute to be removed from the list.
select Add). Global templates are also configurable as part of Global Groups; for more information, see Creating and Using Templates. l Once Global Groups have been configured, groups may be created or configured to subscribe to a particular Global Group. Go to the Groups > Basic configuration page of a group and locate the Use Global Groups section. Select the Yes radio button and select the name of the Global Group from the drop-down menu. Then select Save and Apply to make the changes permanent.
100 | Configuring and Using Device Groups Dell PowerConnect W-AirWave 7.
Chapter 4 Discovering, Adding, and Managing Devices This chapter describes how to add, configure, and monitor wired and wireless devices, and contains the following sections corresponding to features of the Device Setup and APs/Devices tabs: l "Device Discovery Overview" on page 101 l "Discovering and Adding Devices" on page 101 l "Monitoring Devices" on page 113 l "Configuring and Managing Devices" on page 131 l "Troubleshooting a Newly Discovered Down Device" on page 144 l "Setting up Spectrum
SNMP/HTTP Scanning SNMP/HTTP discovery scanning is the primary method for discovering devices on your network, including rogue devices. Enable this scanning method from the Device Setup > Discover page. NOTE: This page is only visible to users with the AirWave Administrator role or roles that have Allow authorization of APs/Devices enabled in AMP Setup > Roles.
Adding Credentials for Scanning The next step in SNMP/HTTP device discovery is to define the scan credentials that govern scanning of a given network. New APs inherit scan credentials from the System Credentials that you configure on the Device Setup > Communications page. Perform these steps to define scan credentials for SNMP/HTTP scanning: 1. Locate the Credentials section on the Device Setup > Discover page. (Scroll down if necessary.
Defining a Scan Set Once you have defined at least one network and one scan credential, you can create a scan set that combines the two for device discovery. Perform these steps to create a scan set. 1. Locate the Scan Set area at the top of the Device Setup > Discover page. 2. Select Add New Scan Set to see all scan components configured so far.
4. For future scans, select the Show Scheduling Options link and enter the desired date and time to schedule a future scan. 5. After several minutes have passed, refresh the browser page and view the results of the scan. When the Start and Stop columns display date and time information, the scan is available to display the results. 6. Select the pencil icon for the scan to display the results. Table 69 describes the scan results and related information.
l To delete a device altogether from AirWave, select the corresponding check box for each device, and select Delete. l Dell PowerConnect W-Series thin APs can have Dell PowerConnect W AP Groups specified, and Cisco thin APs can have LWAPP AP Groups specified when they are authorized. The Cisco Discovery Protocol (CDP) CDP uses the polling interval configured for each individual Cisco switch or router on the Groups > List page.
Manually Adding Individual Devices Some deployment situations may require that you manually add devices to AirWave. You can add devices manually by uploading a CSV file, or from the Device Setup > Add page.
Figure 72: Device Setup > Add > Device Communications and Location Sections 3. Complete these Device Communications and Location settings for the new device. Table 70 further describes the contents of this page. Settings may differ from device to device based on the type of device and the features that the device supports. In several cases, the default values from any given device derive from the Device Setup > Communication page.
Setting Default Description supports multiple community strings per AP. Taken from Device Setup > Communication If you are going to manage configuration for the device, this field provides a read-write user account (SNMP, HTTP, and Telnet) within the Cisco Security System for access to existing APs. AirWave initially uses this username and password combination to control the Cisco AP.
6. Select Add to finish adding the devices to the network. Adding Multiple Devices from a CSV File You can add devices in bulk from a CSV file to AirWave. Here you also have the option of specifying vendor name only, and AirWave will automatically determine the correct type while bringing up the device. If your CSV file includes make and model information, AirWave will add the information provided in the CSV file as it did before. It will not override what you have specified in this file in any way.
Figure 73: Device Setup > Add > Import Devices via CSV Page Illustration 3. Select a group and folder into which to import the list of devices. 4. Select Choose File and select the CSV list file on your computer. 5. Select Upload to add the list of devices into AirWave. Adding Universal Devices AirWave gets basic monitoring information from any device including switches, routers and APs whether or not they are supported devices. Entering SNMP credentials is optional.
Assigning Devices to the Ignored Page A device can be assigned to the Ignored page from the APs/Devices > New page. The advantage of having the device be designated in this way, as in the case of a device that is temporarily down for a known reason, is that when you take it off the ignored list, it returns immediately to the location in AirWave where it had resided before it was marked Ignored. l Ignored devices are not displayed in APs/Devices > New if discovered in subsequent scans.
4. The Unignore button will either return the device to its regular folder or group or send it to the APs/Devices > New page.
NOTE: Newly added devices will have a status of Down until they have been polled the first time. Their configuration status will remain Unknown until they have finished verification. The Up status is not contingent on verification. The same section also appears on the Groups > Monitor page and is hyperlinked from a controller's monitoring interface. The Alert Summary section of APs/Devices > List cites the number of events that have occurred in the last two hours, the last 24 hours, and total.
Monitoring Data Specific to Wireless Devices The APs/Devices > Monitor page for controllers and APs include a graph for users and bandwidth. The controller graph lists the APs connected to it, while the APs include a list of users it has connected. When available, lists of CDP and RF neighbors are also listed. A sample monitoring page for wireless devices is shown in Figure 79.
Field Description ping the AP. This usually means AirWave is blocked from connecting to the AP or the AP needs to be rebooted or reset. l l Configuration l l l Good means all the settings on the AP agree with the settings AirWave wants them to have. Mismatched means there is a configuration mismatch between what is on the AP and what AirWave wants to push to the AP. The Mismatched link directs you to this specific APs/Devices > Audit page where each mismatch is highlighted.
Field Description For Dell controllers, if Single Sign-On is enabled for your role in this AirWave and you have access to this controller, you will not have to enter the credentials for this controller again after selecting this link. Outer IP Public IP address for a RAP device. Remote LAN IP LAN IP address for a RAP. This address is useful for troubleshooting from the local network. Quick Links Open controller web UI: A drop-down menu that allows you to jump to the controller’s UI in a new window.
*These fields are only available for mesh APs. To see an example of mesh monitoring, see "Monitoring Data for Mesh Devices" on page 125. Devices with wired interfaces will display the Wired Interfaces table, which is described in Table 73: Table 73: APs/Devices > Monitor > Wired Interfaces Fields and Descriptions Field Description Name Displays the name of the interface. MAC Address Displays the MAC address of the corresponding interface in the device.
Table 74: APs/Devices > Monitor Graphical Data Graph Description Clients Formerly Users. Shows the max and average client count reported by the device radios for a configurable period of time. User count for controllers are the sum of the user count on the associated APs. Checkboxes below the graph can be used to limit the data displayed. Usage Formerly Bandwidth. Shows the bandwidth in and out reported by the device for a configurable period of time.
Field Description Cipher Displays the encryption or decryption cipher supporting the user, when this information is available. The client devices may all be similar, but if the APs to which they are associated are of different models, or if security is set up differently between them, then different Auth Type or Cipher values may be reported to AirWave. Auth Time Shows how long the user has been authenticated, in minutes.
Overview of the Radio Statistics Page The Radio Statistics page displays transmit and receive statistics about the communication quality of individual radios. Depending on the AP, assigned group profiles, and recent activity on this radio, this data gives visibility into recent and historical changes in the network, fetches real-time statistics from the AP’s controller, indicates actively interfering devices (requires Dell PowerConnect W-Series AP set to Spectrum mode), and summarizes major issues.
Figure 83: Issues Summary Section Illustration These issues highlighted in this section can be examined in detail using the corresponding interactive graphs on the same page. See the "Radio Statistics Interactive Graphs" on page 122 section of this chapter for details. 802.11 Radio Counters Summary This table appears for radios with 802.
Table 78: Radio Statistics Interactive Graphs Descriptions Graph Title Description Clients A line graph that displays the maximum users associated to the corresponding radio at polling intervals over the time range set in the slider. Select Show All for other metrics such as average users and max users for various individual devices. Usage An area graph displaying the average bandwidth in each direction for the radio.
modified values; these values can be selected for filtering the results. You can export the table in CSV format. The columns and values are illustrated in Figure 86. Figure 86: ARM Events Table Illustration The columns and values are described in Table 79. Table 79: ARM Events table Columns and Values Column Description Time The time of the ARM event. Trap Type The type of trap that delivered the change information.
Figure 87: Detected Interfering Devices Table Illustration Possible device types for the Detected Interfering Devices table are: l Audio Device Fixed Freq l Bluetooth l Cordless Base Freq Hopper l Cordless Phone Fixed Freq l Cordless Phone Freq Hopper l Generic Fixed Freq l Generic Freq Hopper l Microwave l Microwave Inverter l Unknown l Video Device Fixed Freq l Wi-Fi l XBox Freq Hopper Active BSSIDs Table The Active BSSIDs table maps the BSSIDs on a radio with the SSID it broadc
Figure 89: APs/Devices > Monitor page for a Mesh Device These fields are described in detail in "Viewing Device Monitoring Statistics" on page 113. Monitoring Data for Wired Devices (Routers and Switches) The monitoring page for routers and switches includes basic device information at the top, a bandwidth graph depicting the sum of all the physical interfaces, and beneath that, CPU/Memory utilization graphs as shown in Figure 90.
Figure 90: APs/Devices > Monitor Page for a Mobility Access Switch All managed wired devices also include an Interfaces subtab, as shown in Figure 91. Dell PowerConnect W-AirWave 7.
Figure 91: APs/Devices > Interfaces Page for Wired Devices (partial view) . The Interfaces page includes a summary of all the interfaces at the top. In case of the stacked switches, the master includes the interfaces of all the members including its own. The physical and the virtual interfaces are displayed in separate tables, labeled Physical Interfaces and Virtual Interfaces. VLANs are listed below the interface. NOTE: The Interfaces page for AirMesh APs includes VLANs as part of the Virtual Interfaces.
Figure 92: Interface Monitoring Page for a Wired Device An Interface Monitoring page is comprised of three sections: Interface Information, Usage and Interface Frame Counters graphs, and Connected Clients. Specifics of the interface are in the Interface Information section, as depicted in Figure 93.
Managed read/write mode. AirWave uses SNMP or Telnet to read a device’s configuration. SNMP is used for Cisco controllers. Dell PowerConnect W-Series devices and wired routers and switches use Telnet/SSH to read device configuration. See "Individual Device Support and Firmware Upgrades" on page 142 for more details. Perform these steps to verify the device configuration status: 1. Browse to the APs/Devices > List page. 2. Locate the device in the list and check the information in the Configuration column.
Folder views are persistent in AirWave. If you select the Top folder and then select the Down link at the top of the page, you are taken to all of the down devices in the folder. If you want to see every down device, select the Expand folders to show all devices link. When the folders are expanded, you see all of the devices on AirWave that satisfy the criteria of the page. You also see an additional column that lists the folder containing the AP.
Compare two configurations to highlight the specific lines that are mismatched. The Audit page provides links to the AirWave pages where any mismatched settings can be configured. NOTE: These procedures assume you are familiar with the function buttons available to save, apply, revert, and so on. For details on button functions, see Buttons and Icons in the Dell PowerConnect W-AirWave 7.6 Installation Guide.
Configuring AP Settings 1. Browse to the APs/Devices > List page and select the wrench icon next to the device whose AP settings you want to edit. This directs you to the Manage page for that device. Figure 98 illustrates one example of this page. (Note that the page and fields vary based on the device type.) Figure 98: APs/Devices > Manage Page Illustration If any changes are scheduled for this AP, they appear in a Scheduled Changes section at the top of the page above the other fields.
Field Description Status Displays the current status of an AP. If an AP is Up, then AirWave is able to ping it and fetch SNMP information from the AP. If the AP is listed Down then AirWave is either unable to ping the AP or unable to read the necessary SNMP information from the device. Configuration Displays the current configuration status of the AP. To update the status, select Audit on the APs/Devices > Audit page. Last Contacted Displays the last time AirWave successfully contacted the AP.
Setting Default Device Type Description the device Latitude None All Text field for entering the latitude of the device. The latitude is used with the Google Earth integration. Longitude None All Text field for entering the longitude of the device. The longitude is used with the Google Earth integration. Altitude (meters) None All Text field for entering the altitude of the device when known. This setting is used with the Google Earth integration. Specify altitude in meters.
Table 82: APs/Devices > Manage, Additional Settings Setting Default Device Type Description Mesh Devices Drop-down menu specifies the mesh role for the AP as shown: Mesh AP —The AP will act like a mesh client. It will use other APs as its uplink to the network. l Portal AP —The AP will become a portal AP. It will use a wired connection as its uplink to the network and serve it over the radio to other APs. l None —The AP will act like a standard AP. It will not perform meshing functions.
Setting Transmit Power Level Radio Enabled Use DHCP LAN IP Default Highest power level supported by the radio in the regulatory domain (country) Yes Yes None Device Type Description Cisco, Symbol, Proxim AP-600, AP-700, AP2000 (802.11g) Determines the power level of radio transmission. Government regulations define the highest allowable power level for radio devices. This setting must conform to established standards for the country in which you use the device.
Setting Default Device Type Description WDS APs. SSL Certificate Extra Device Commands switch_command Cisco IOS AirWave will read the SSL Certificate off of the AP when it comes UP in AirWave. The information in this field will defines what will be used in place of %certificate%. None Cisco IOS Defines the lines that will replace the %ap_include_1% variable in the IOS template. This field allows for unique commands to be run on individual APs.
selected devices at once. Additionally, this feature can be used on the Master Console to set maintenance windows for multiple AirWaves. To set a maintenance window for a single device, follow these steps: 1. Select a device and navigate to the APs/Devices > Manage page for a device. 2. At the bottom of the page, locate the Maintenance Windows section. 3. Select Add New AP Maintenance Window. Figure 99: Add New Maintenance Window in APs/Devices > Manage page 4. Enter a name for the maintenance window. 5.
Figure 101: Import Interfaces for Refresh and Reload (lower portion of page) You can view details for each interface on a wired device from its individual interface page as well. For details, see "Understanding the APs/Devices > Interfaces Page" on page 128. You can configure interface settings individually or in groups. For individual settings, select the pencil icon next the interface name in AP/Devices > Interfaces.
Figure 102: Physical Interfaces Monitoring and Configuration Sections Figure 103: Virtual Individual Interfaces Configuration Section To configure interfaces as a group, select Edit Interfaces above the Physical or Virtual Interfaces table as shown in Figure 104. Dell PowerConnect W-AirWave 7.
Figure 104: Edit Multiple Interfaces You will remain on the same page, but will have the option to make changes to the most commonly edited settings in batch mode, as shown in Figure 105. Figure 105: Multiple Interface Editing Page Illustration AirWave assembles the entire running configuration using templates and your modifications to these pages. For a more detailed discussion on templates, see "Creating and Using Templates" on page 151.
Figure 106: APs/Devices > Manage > Device Communication NOTE: The Device Communication area may appear slightly different depending on the particular vendor and model of the APs being used. 3. Enter and confirm the appropriate Auth Password and Privacy Password. 4. You can disable the View AP Credentials link in AirWave by the root user. Contact Dell support at dell.com/support for detailed instructions to disable the link. 5. (Optional.
Setting Default Description Use /safe flag for Cisco IOS firmware upgrade command No Enables or disables the /safe flag when upgrading IOS APs. The /safe flag must be disabled on older APs for the firmware file to fit in flash memory. Email Recipients None Displays a list of email addresses that should receive alert emails if a firmware upgrade fails. Sender Address None Displays the From address in the alert email.
Table 86: Common System Messages for Down Status Message Meaning AP is no longer associated with controller This means the AP no longer shows up in any controller's AP list (on the AirWave server). Either the AP was removed from the controller, or it has roamed to another controller that AirWave does not have visibility to, or it is offline.
Figure 108: View Device Credentials Window NOTE: The View Device Credentials message may appear slightly different depending on the vendor and model. 5. If the credentials are incorrect, return to the Device Communications area on the APs/Devices > Manage page. Enter the appropriate credentials, and select Apply. 6. Return to the APs/Devices > List page to see if the device appears with a Status of Up.
l Individual APs running temporarily in Spectrum mode while part of aDell PowerConnect W AP Group set to apmode l Controller-level Spectrum Overrides (an alternative to creating new Dell PowerConnect W AP groups or new radio profiles for temporary changes) Setting up a Permanent Spectrum Dell AP Group If you have multiple supported Dell PowerConnect W-Series APs in multiple controllers that you want to run in Spectrum mode over the long run, you create a special Dell PowerConnect W AP group and set up a
Configuring an Individual AP to run in Spectrum Mode If you want to temporarily set an individual radio in an AP to run in Spectrum mode without creating or changing Dell PowerConnect W AP Groups or radio profiles, perform these steps to set up a Spectrum Override on a supported Dell PowerConnect W-Series AP: 1. Go to the APs/Devices > Manage page for a Spectrum-supported AP. 2. After checking the Audit page, set the AP to Manage Read/Write mode. 3.
level override for its referenced Spectrum profile, as illustrated in Figure 111. This will affect all Spectrum-supported APs managed by this controller. Figure 111: Override Section of a Supported Controller’s Manage Page Perform these steps to override individual profile settings for an Dell PowerConnect W-Seriescontroller that is part of a spectrum-mode Dell PowerConnect W AP group: 1.
150 | Discovering, Adding, and Managing Devices Dell PowerConnect W-AirWave 7.
Chapter 5 Creating and Using Templates This section provides an overview and several tasks supporting the use of device configuration templates in AirWave, and contains the following topics: l "Group Templates" on page 151 l "Viewing and Adding Templates" on page 152 l "Configuring General Template Files and Variables" on page 155 l "Configuring Templates for Dell PowerConnect W-Instant" on page 160 l "Configuring Templates for AirMesh" on page 161 l "Configuring Cisco IOS Templates" on page 162
It is also possible to create local templates in a subscriber group—using global groups does not mean that global templates are mandatory Template Variables Variables in templates configure device-specific properties, such as name, IP address and channel. Variables can also be used to configure group-level properties, such as SSID and RADIUS server, which may differ from one group to the next.
Table 87 describes the columns in this image. Table 87: Groups > Templates Fields and Default Values Setting Description Notes When applicable, this section lists devices that are active on the network with no template available for the respective firmware. Select the link from such a note to launch the Add Template configuration page for that device. Name Displays the template name. Device Type Displays the template that applies to APs or devices of the specified type.
Table 88: Groups > Templates > Add Template Fields and Default Values Setting Default Description Use Global Template No Uses a global template that has been previously configured on the Groups > Templates configuration page. Available templates will appear in the dropdown menu. If Yes is selected you can also configure global template variables. For Symbol devices you can select the groups of thin APs to which the template should be applied.
Setting Default Description Telnet/SSH Password None If the template is updating the Telnet/SSH password on the AP, enter the new Telnet/SSH password AirWave should use here. AirWave updates the credentials it is using to communicate to the device after the device has been managed. enable Password None If the template is updating the enable password on the AP, enter the new enable password AirWave should use here.
6. AirWave automatically attempts to replace some values from the configuration of that AP with variables to enable AP-specific options to be set on an AP-by-AP basis. Refer to "Using Template Syntax" on page 157 These variables are always encapsulated between % signs. On the right side of the configuration page is the Additional Variables section. This section lists all available variables for your template.
actual ntp server 209.172.117.194 radius-server attribute 32 include-in-access-req format %h … 10. Once the template is correct and all mismatches are verified on the APs/Devices > Audit configuration page, use the Modify Devices link on the Groups > Monitor configuration page to place the desired devices into Management mode. This removes the APs from Monitor mode (read-only) and instructs the AP to pull down its new startup configuration file from AirWave.
Ignore_and_do_not_push Command The ignore and do not push directive should typically be used when a value cannot be configured on the device, but always appears in the running-config file. Lines enclosed in the ignore and do not push directive will not be included in the startup-config file that is copied to each AP.
Table 89: Conditional Variable Syntax Components Variable Values Meaning Dot11Radio0 2.4GHz radio module is installed Dot11Radio1 5GHz external radio module is installed a Installed 5GHz radio module is 802.11a b Installed 2.4GHz radio module is 802.11b only g Installed 2.4GHz radio module is 802.11g capable interface radio_type backup wds_role The WDS role of the AP is the value selected in the dropdown menu on the APs/Devices > Manage configuration page for the device.
Variable Meaning Command Suppressed Default antenna_ receive Receive antenna antenna receive %antenna_ receive% diversity antenna_transmit Transmit antenna antenna transmit %antenna_ transmit% diversity cck_power 802.11g radio module CCK power level power local cck %cck_power% maximum ofdm_power 802.11g radio module OFDM power level power local ofdm %ofdm_ power% maximum power 802.11a and 802.
syslog-server 216.31.249.235 syslog-level debug terminal-access clock timezone Pacific-Time -08 00 rf-band 5.
%avt_ingress_interface% %avt_ingress_ip% buffer_time 200 mode %avt_mode% NOTE: AirWave displays a warning if AirMesh APs attempting to either upgrade or push configurations lack the necessary write permissions. Configuring Cisco IOS Templates Cisco IOS access points have hundreds of configurable settings. AirWave enables you to control them via the Groups > Templates configuration page. This page defines the startup-config file of the devices rather than using the AirWave normal Group configuration pages.
aaa group server radius wds server 10.2.25.162 auth-port 1645 acct-port 1646 wlccp authentication-server infrastructure method_wds wlccp wds priority 200 interface BVI1 wlccp ap username wlse password 7 095B421A1C %endif% The following example sets an AP as a WDS Master Backup with the following lines: %if wds_role=backup% aaa authentication login method_wds group wds aaa group server radius wds server 10.2.25.
Configuring Single and Dual-Radio APs via a Single IOS Template To configure single and dual-radio APs using the same IOS config template, you can use the interface variable within the %IF…% construct.
version 1.4 ! ! aaa authentication login default local none service prompt crash-info ! network-element-id RFS4000 ! username admin password 1 5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8 username admin privilege superuser username operator password 1 fe96dd39756ac41b74283a9292652d366d73931f ! ! access-list 100 permit ip 192.168.0.
radio %radio_index% radio-number %radio_number% radio %radio_index% description %description% %if radio_type=11a% radio %radio_index% speed basic6 9 basic12 18 basic24 36 48 54 radio %radio_index% antenna-mode primary radio %radio_index% self-heal-offset 1 radio %radio_index% beacon-interval 99 radio %radio_index% rts-threshold 2345 radio %radio_index% max-mobile-units 25 radio %radio_index% admission-control voice max-perc 76 radio %radio_index% admission-control voice res-roam-perc 11 radio %radio_index%
Figure 114: Group > Templates > Add Page Illustration 4. Use the drop-down menu to select a device from which to build the global template and select Fetch. The menus are populated with all devices that are contained in any group that subscribes to the global group. The fetched configuration populates the template field. Global template variables can be configured with the Add button in the Template Variables box, illustrated in Figure 115.
n Variable Name—the name of the group template variable you wish to update. n Variable Value—the value to set. For example, for a global template with a variable called "ssid_1", the CSV file might resemble what follows: Group Name, ssid_1 Subscriber 1, Value 0 8. Once you have defined and saved a global template, it is available for use by any local group that subscribes to the global group.
Chapter 6 Using RAPIDS and Rogue Classification This chapter provides an overview to rogue device and IDS event detection, alerting, and analysis using RAPIDS, and contains the following sections: l "Introduction to RAPIDS" on page 169 l "Viewing Rogues on the RAPIDS > List Page" on page 179 l "Setting Up RAPIDS" on page 171 l "Defining RAPIDS Rules" on page 174 l "Score Override " on page 183 l "Using the Audit Log" on page 184 l "Additional Resources " on page 185 Introduction to RAPIDS Rog
Viewing Overall Network Health on RAPIDS > Overview The RAPIDS > Overview page displays a page of RAPIDS summary information (see Figure 117). Table 91 defines the summary information that appears on the page. Figure 117: RAPIDS > Overview Page Illustration 170 | Using RAPIDS and Rogue Classification Dell PowerConnect W-AirWave 7.
Table 91: RAPIDS > Overview Fields and Descriptions Summary Description IDS Events Displays a list of attack types for the designated folder and subfolders. Field displays events from the past two hours, the past 24 hours, and total IDS events. Names of attacks link to summary pages with more details. NOTE: AirWave should be configured as the SNMP trap receiver on the controllers to receive IDS traps. See the Dell PowerConnect W-AirWave 7.6 Best Practices Guide for details.
Figure 118: RAPIDS > Setup Page Illustration Table 92: RAPIDS > Setup > Basic Configuration Fields and Default Values Field Default Description ARP IP Match Timeout (1168 hours) 24 If you have routers and switches on the AirWave, and it's scanning them for ARP tables, this can assign a rogue IP address information. This timeout specifies how recent that information needs to be for the IP address to be considered valid. Note that the default ARP poll period is long (several hours).
Classification Options Table 93: RAPIDS > Setup > Classification Options Fields and Default Values Field Default Description Acknowledge Rogues by Default No Sets RAPIDS to acknowledge rogue devices upon initial detection, prior to their classification. Manually Classifying Rogues Automatically Acknowledges them Yes Defines whether acknowledgement happens automatically whenever a rogue device receives a manual classification.
Field Default Description is to keep this setting disabled. Instead, incorporate signal strength into the classification rules on the RAPIDS > Rules page. Ignore Rogues Discovered by Remote APs No Filters rogues according to the remote AP that discovers them. Enabling this option causes AirWave to drop all rogue discovery information coming from remote APs. Ignore IDS Events from Remote APs No Filters IDS Events discovered by remote APs.
classification engine. RAPIDS classifications and controllers classifications are separate and often are not synchronized. NOTE: RAPIDS classification is not pushed to the devices. The following table compares how default classification may differ between AirWave and ArubaOS for scenarios involving WMS Offload.
Threat level and classification are both assigned to a device when a device matches a rule. Once classified, a device’s classification and threat level change only if it is classified by a new rule or is manually changed. Threats levels can be manually defined on the RAPIDS > Detail page when the RAPIDS classification is manually overridden or you can edit the rule to have a higher threat level.
To create a new rule, select the Add button next to New RAPIDS Classification Rule to launch the RAPIDS Classification Rule page (see Figure 120). Figure 120: Classification Rule Page Fill in the settings described in Table 98 then select an option from the drop down menu. Table 99 defines the drop down menu options that are at the bottom left of the RAPIDS Classification Rule dialog box (see Figure 120). After all rule settings are defined, select Add.
Option Description Operating System Rogue matches OS criteria. Specify matching or non-matching OS criteria as prompted by the fields. Wireless/Wireline Properties Manufacturer Rogue matches the manufacturer information of the rogue device. Specify matching or nonmatching manufacturer criteria. MAC Address Rogue matches the MAC address. Specify matching or non-matching address criteria, or use a wildcard (*) for partial matches.
Using RAPIDS Rules with Additional AirWave Functions Rules that you configure on the RAPIDS > Rules page establish an important way of processing rogue devices on your network, and flagging them for attention as required. Such devices appear on the following pages in AirWave, with additional information: l RAPIDS > List—Lists rogue devices as classified by rules. l RAPIDS > Rules—Displays the rules that classify rogue devices.
Column Description Classifying Rule Displays the RAPIDS Rule that classified the rogue device (see "Viewing and Configuring RAPIDS Rules" on page 176). Controller Classification Displays the classification of the device based on the controller’s hard-coded rules. NOTE: This column is hidden unless Offload WMS Database is enabled by at least one group on the Groups > Basic page. WMS Classification AP The AP that provided the information used to classify the device.
Column Description LAN Vendor Indicates the LAN vendor of the rogue device, when known. Radio MAC Address Displays the MAC address for the radio device, when known. Radio Vendor Indicates the radio vendor of the rogue device, when known. OS This field displays the OS of the device, as known. OS is the result of a running an OS port scan on a device. An IP addresses is required to run an OS scan. The OS reported here is based on the results of the scan.
Figure 122: RAPIDS > Detail Page Illustration Important things to remember regarding the information in the device detail page are: l Users with the role of Admin can see all rogue AP devices. l Active rogue clients associated with this AP are listed in the Current Rogue Client Associations table. Selecting a linked MAC address will take you to the Clients > Client Detail page, where you can view fingerprinting and device details.
3. Select the Delete button if the rogue device is to be removed from AirWave processing. Viewing Ignored Rogue Devices The RAPIDS > List page allows you to view ignored rogues—devices that have been removed from the rogue count displayed by AirWave. Such devices do not trigger alerts and do not display on lists of rogue devices. To display ignored rogue devices, select View Ignored Rogues at the bottom left of the page.
Figure 123: RAPIDS > Score Override Page 2. Select Add to create a new override or select the pencil icon next to an existing override to edit that override. The Score Override add or edit page appears (Figure 124). Figure 124: Add/Edit Score Override Page Table 101: RAPIDS > Add/Edit Score Override Page Fields Field Description MAC Address Prefix Use this field to define the OUI prefix to be re-scored.
Figure 125: Audit Log Page Illustration Additional Resources The following AirWave tools support RAPIDS: l System Triggers and Alerts—Triggers and Alerts that are associated with rogue devices follow the classificationbased system described in this chapter. For additional information about triggers that support rogue device detection, see to "Viewing, Delivering, and Responding to Triggers and Alerts" on page 191.
186 | Using RAPIDS and Rogue Classification Dell PowerConnect W-AirWave 7.
Chapter 7 Performing Daily Administration in AirWave Daily WLAN administration often entails network monitoring, supporting WLAN and AirWave users, and monitoring AirWave system operations.
System Page Description Refer to Configuration Change Jobs Manages configuration changes in AirWave. "Using the System > Configuration Change Jobs Page" on page 225 Firmware Upgrade Jobs Displays information about current and scheduled firmware upgrades. "Using the System > Firmware Upgrade Jobs Page" on page 225 Performance Displays basic AirWave hardware information as well as resource usage over time.
Table 102: A Sample of Important Status Logs Log Description pgsql Logs database activity. error_log Reports problems with the web server. Also linked from the internal server error page that displays on the web page; please send this log to Dell support whenever reporting an internal server error. maillog Applies in cases where emailed reports or alerts do not arrive at the intended recipient's address. radius Displays error messages associated with RADIUS accounting.
Column Description Source Device The name of the device that sent the message. Will be a link if you have visibility to the device. Can be empty if AirWave could not correlate the source IP. AP Contains a link to the APs/Devices > Monitor page for a device other than the source device that was correlated from some data contained in the message (by LAN MAC, BSSID, or IP Address). Can be blank, and will only be a link if you have visibility to the device.
Column Description l l l Event Group—A group-wide event. System—A system-wide event. Alert—If a trigger is configured to report to the log, an Alert type event will be logged here. The event AirWave observed; useful for debugging, user tracking, and change tracking.
Figure 130: Add New Trigger Page Illustration 2. In the Trigger section, choose the desired trigger Type and Severity. Figure 131 illustrates some of the supported trigger types. NOTE: The alert summary information at the top of the AirWave screen can be configured to separately display severe alerts. Refer to "Configuring Your Own User Information with the Home > User Info Page" on page 222 for more details. 192 | Performing Daily Administration in AirWave Dell PowerConnect W-AirWave 7.
Figure 131: System > Triggers > Add Trigger Type Drop Down Menu The Add Trigger page changes depending on the trigger type that you select. In many cases, you must configure at least one Condition setting. Conditions, settings and default values vary according to trigger type. Triggers with conditions can be configured to fire if any criteria match as well as if all criteria match.
b. The Alert Notifications settings section allows you to enter a note that will be included with the alert. This note will appear with the alert on the System > Alerts page. The Alert Notification section also allows you to specify whether the alert will be distributed via email, to a network management system (NMS), or to both. l If you select Email, you are prompted to set the sender and recipient email addresses.
To set the conditions for this trigger type, select Add in the Conditions section. Configuration Mismatch This trigger type activates when the actual configuration on the AP does not match the defined Group configuration policy. To set the conditions for this trigger type, select Add in the Conditions section. AP Usage Activates when the total bandwidth through the device has exceeded a predefined threshold for more than a specified period (such as more than 1500 Kbps for more than 120 seconds).
Radio Trigger Options Description 802.11 Frame Counters Enables monitoring of traffic levels. There are multiple rate-related parameters for which you define conditions including ACK Failures, Retry Rate, and Rx Fragment Rate. See the Option drop-down menu in the Conditions section of the trigger page for a complete list of parameters. Select Add New Trigger Condition to access these settings. Define at least one condition for this trigger type. 802.
Client Trigger Option Description folders. A Filter on connection mode field appears to allow you to filter by Wired or Wireless clients. Note that the New Client trigger type does not require the configuration of any condition settings, so the Condition section disappears. Connected Clients This trigger type indicates a device (based on an input list of MAC addresses) has associated to the wireless network. It is required to define one or more MAC addresses with the field that appears.
Table 110: RADIUS Authentication Trigger Types and Condition Settings Description Client RADIUS Authentication Issues This trigger type sets the threshold for the maximum number of failures before an alert is issued for a user. Select Add New Trigger Condition to specify the count characteristics that trigger an alert. The Option, Condition, and Value fields allow you to define the numeric value of user issues.
Table 112: Disk Usage Trigger and Condition Settings AMP Health Trigger Description Disk Usage This trigger type is based on the disk usage of AirWave. This type of trigger indicates that disk usage for the AirWave server has met or surpassed a defined threshold. Select Add New Trigger Condition to specify the disk usage characteristics that trigger an alert. Set one of these triggers at 90% so you receive a warning before AirWave suffers performance degradation due to lack of disk space. b.
l IDS Events—Displays details of all Intrusion Detection System (IDS) events and attacks under the RAPIDS tab. You must be enabled as a RAPIDS user to see this page. l RADIUS Authentication Issues—Displays RADIUS-related alerts for devices in the top viewable folder available to the AirWave user. The detailed list displays the MAC address, username, AP, radio, controller, RADIUS server, and time of each event. Alerts can be sorted by any column. 2.
l Delete the alert by selecting it from the list and clicking the Delete button.
l Clients > Tags—Displays a list of wireless tags, such as Aeroscout, PanGo and Newbury, that are heard by thin APs, and reported back to a controller that is monitored by AirWave. "Supporting RFID Tags With the Clients > Tags Page" on page 209. Monitoring WLAN Users in the Clients > Connected and Clients > All Pages The Clients > Connected page displays all users currently connected in AirWave. This page is illustrated in Figure 135 and described in Table 114.
Table 114: Clients > Connected Table Columns and Links(Alphabetical) Field Description AOS Device Type The type of client device determined by the Dell controller -- a fallback in case the rules set in AMP Setup > Device Type Setup were unable to determine the device type. AP/Device Displays the name of the AP to which the MAC address is associated as a link to this AP's APs/Devices > Monitor page. Association Time The first time AirWave recorded the user for this association. Auth.
Field Description Location If a value appears here, the location of this user’s client has been mapped on VisualRF. Select the location to open a new VisualRF Floor Plan Location window. MAC Address The radio MAC address of the user associated to APs as a link to the Users > Detail page for this user. Manufacturer The manufacturer of the user’s device. Model The model of the user’s device. Name The product of the user’s device.
Monitoring Rogue Clients With the Clients > Rogue Clients Page You can view connected rogue clients in AirWave by selecting the Clients > Rogue Clients page. In this page, you can click on the MAC address of a rogue to view the Client Details page or on a Rogue AP link to view the RAPIDS > Details page for the AP. Figure 136 illustrates the Clients > Rogue Clients page. Figure 136: Clients > Rogue Clients Page Illustration Table 115 describes the fields on this page.
Supporting Guest WLAN Users With the Clients > Guest Users Page AirWave supports guest user provisioning for Aruba Networks, Dell PowerConnect W-Series, Alcatel-Lucent, and Cisco WLC devices. This allows frontline staff such as receptionists or help desk technicians to grant wireless access to WLAN visitors or other temporary personnel.
Table 116: Clients > Guest Users Fields Field Description Repair Guest User Errors Sets AirWave to attempt to push the guest user again in an attempt to repair any errors in the Status column. Add New Guest User Adds a new guest user to a controller via AirWave. Username Randomly generates a user name for privacy protection. This name appears on the Guest User detail page. Name Displays the specified guest user name. Enabled Enables or disables the user status.
Figure 139: Clients > Guest Users > Add New Guest User Page Illustration To make the Username or Password anonymous and to increase security, complete these fields then select Generate. The anonymous and secure Username and Password appear in the respective fields. 6. Select Add to complete the new guest user, or select Cancel to back out of new user creation. The Clients > Guest Users page appears and displays results, as applicable.
When a VPN username is selected, a Clients > VPN User Detail page displays with current VPN sessions, a user and bandwidth interactive graph, and a historical VPN sessions list table. Supporting RFID Tags With the Clients > Tags Page Radio Frequency Identification (RFID) supports identifying and tracking wireless devices with radio waves. RFID uses radio wave tags for these and additional functions. Active tags have a battery and transmit signals autonomously, and passive tags have no battery.
l To edit the name of the tag, or to add notes to the tag's record, select the pencil icon next to the entry in the list. You can then add or change the name and add notes like Maternity Ward Inventory or Chicago Warehouse, as two examples. l The Inactive Tag trigger can be used to generate an alert if a tag is not reported to AirWave after a certain interval. This can help to identify lost or stolen inventory.
Figure 142: Clients > Client Detail page illustration (partial view) Mobile Device Access Control in Clients > Client Detail and Clients > Connected Mobile Device Access Control (MDAC) secures, provisions, and manages network access for Apple® iOS and other employee-owned mobile devices by enabling device fingerprinting, device registration, and increased device visibility.
Figure 143: Device Info section in Clients > Client Detail after Show additional properties is selected Classifying Dell Devices in Client Detail If you have deployed Dell PowerConnect W-Seriescontrollers and have WMS Offload enabled on the network, the Clients > Client Detail page allows you to classify the device in the Device Information section, and to push this configuration to the Dell PowerConnect W-Seriescontrollers that govern the devices.
Figure 144: Open controller web UI and Run a command Menus Using the Deauthenticate Client Feature Some displays of the Clients > Client Detail page include the Deauthenticate Client feature in the Current Association section. Specifically, those displays are for devices which support this operation, namely Dell PowerConnect W-Series and Cisco WLC with firmware version v4.0.0.0 or later.
Evaluating Client Status with the Clients > Diagnostics Page The Clients > Diagnostics page is accessible from the Clients > Client Detail page. You can also search for a user and select the associated MAC address from the search results. This page provides an overview of a WLAN user’s general status and connectivity on the network, as illustrated in Figure 148.
n being actively managed by the SOTI MobiControl server For more information about setting up MobiControl, please see http://www.soti.net/mc/help/. In order to use SOTI MobiControl from within AirWave, you must first add your MDM server and designate it as a MobiControl. Adding a Mobile Device Management Server for MobiControl 1. To add an MDM server to AirWave, navigate to AMP Setup > MDM Server and select Add. Complete the fields on this page.
3. Under the Classification field, select the View device in SOTI MobiControl link. A new window will display the MobiControl Web Console for this device. Monitoring and Supporting AirWave with the Home Pages The Home tab of AirWave provides the most frequent starting point for monitoring network status and establishing primary AirWave functions once AirWave configuration is complete.
Figure 149: Home > Overview Page Illustration Table 119: Home > Overview Sections and Charts Section Description Clients This chart is a graphical summary of the number of users on the network during a period of time. The time can be adjusted. Select Show All to display a list of data series that this graph can display, such as the user count by SSID. Clear the Max Clients or Avg Clients checkbox to change the display of the graph. The graph displays the maximum number of users by default.
Section Description AMP Alerts IDS Events l RADIUS Authentication Issues Select any alert type for more information. l l Quick Links The Quick Links section provides drop-down menus that enable you to move to the most common and frequently used pages in AirWave, as follows: l Go to folder—This menu lists all folders defined in AirWave from the APs/Devices List page. See "Using Device Folders (Optional)" on page 130.
Figure 150: Home > RF Performance You can click on a value in any of the graphs to view the associated list of clients. Figure 151: Drill down to view all clients When the client information is displayed, an additional drill down is available to view information for a specific client, device, or location. NOTE: When you click on a Username in the Client page, the drill down takes you to the Clients > Diagnostics page.
Figure 152: Home > License Page Illustration Table 120: Home > License Static Fields and Descriptions Field Description System Name Displays a user-definable name for AirWave. The System Name can be configured from the AMP Setup > General page. Organization Displays the organization listed on your license key. Hostname Displays the DNS name assigned to AirWave. IP Address Displays the static IP address assigned to AirWave. The IP Address can be configured from the AMP Setup > Network page.
The Search feature can performs partial string searches on a large number of fields including the notes, version, secondary version, radio serial number, device serial number, LAN MAC, radio MAC and apparent IP address of all the APs, as well as the client MAC, VPN user, Client, LAN IP and VPN IP fields. Figure 153 illustrates this page. Figure 153: Home > Search Page Illustration with Sample Hits on 00: Dell PowerConnect W-AirWave 7.
1. Enter the keyword or text with which to search. If searching for a MAC address, enter it in colon-delimited format. 2. Press Enter to perform a default search, or select a different search method from the list of drop-down options. The results display after a short moment. Results support several hypertext links to additional pages, and the Filter icon over some columns allow for additional filtering of search returns. Search results are categorized in the following sequence.
Figure 154: Home > User Info Page Illustration (partial view) Table 121: Home > User Info Fields and Descriptions Field Description Top Header Stats Filter Level For Rogue Count Specifies the minimum classification that will cause a device to be included in the rogue count header information. More about the classifications can be found in "Controller Classification with WMS Offload" on page 174.
Field Description Severe Alert Threshold Configures the minimum severity of an alert to be included in the Severe Alerts count. See "Setting Severe Alert Warning Behavior" on page 15 for details. Note: The severe alerts count header info will only be displayed if ‘Severe Alerts’ is selected in the Stats section above and if a severe alert exists. Note: This field only appears if you selected Yes in the Customize Header Columns field.
l Email Address—Enter the email address to be used for alerts, triggers, and additional AirWave functions that support an email address. l Phone—Enter the area code and phone number, if desired. l Notes—Enter any additional text-based information that helps other AirWave users or administrators to understand the functions, roles, or other rights of the user being created.
Figure 156: System > Firmware Upgrade Jobs Page Illustration You can perform the following operations on this page: l To restart failed firmware upgrade jobs, select the checkboxes next to the rows you want to restart and select the Restart Failed Jobs button. l To stop a pending upgrade job and remove it from the list, select the Cancel and Delete Jobs button.
Figure 158: System > Performance Page Illustration (Partial Screen) Table 122: System > Performance Page Fields and Graphs Field Description System Information CPU(s) Basic CPU information as reported by the operating system. Memory The amount of physical RAM and Swap space seen by the operating system. Refer to the Dell PowerConnect W-AirWave Sizing Guide at dell.com/support/manuals for hardware requirements. Kernel The version of the Linux kernel running on the box.
Field Description 6x is a serious issue and will probably result in AirWave becoming unusable. To lower the load average, try increasing a few polling periods in the Groups > Basic page. System Memory Usage The amount of RAM that is currently used broken down by usage. It is normal for AirWave to have very little free RAM. Linux automatically allocates all free RAM as cache and buffer. If the kernel needs additional RAM for process it will dynamically take it from the cache and buffer.
Field Description Database Row Activity The number of insertions, deletions and updates performed to the database. Database Transaction Activity The number of commits and rollbacks performed by the database. Disk Space Disk Space Pie charts that display the amount of used and free hard drive space for each partition. If a drive reaches over 80% full, you may want to lower the Historical Data Retention settings on the AMP Setup > General page or consider additional drive space.
l The Master Console can also be used to populate group-level configuration on managed AirWave installations using the Global Groups feature. l The Master Console offers a display of devices that are in a Down or Error state anywhere on the network. This information is supported on Master Console pages that display device lists such as Home > Overview and APs Devices > List.
Table 123: Managed AMP Fields and Default Values Field Default Description Hostname / IP Address N/A Enter the IP address or Hostname of the AirWave server to be managed. Polling Enabled Yes Enables or disables the Master Console polling of managed AirWave server. Polling Period 5 minutes Determines how frequently the Master Console polls the managed AirWave server. Username N/A The username used by the Master Console to login to the managed AirWave server.
the drop-down menu, and then select Save and Apply. Note that the MC doesn’t push anything when you create new subscriber groups; the copy of the Global Group already on the managed AirWave provides the information. Once the configuration is pushed, the non-overridden fields from the Global Group will appear on the subscriber group as static values and settings. Only fields that had the override checkbox selected in the Global Group will appear as fields that can be set at the level of the subscriber group.
1. Use your AirWave Installation CD to build a new machine. The new machine must be running the same version as the AirWave that created the backup file. 2. Copy the nightly_data00[1-4].tar.gz file to the /tmp directory in the new AirWave. A file transfer client that supports SFTP/SCP for Windows is WinSCP: http://winscp.sourceforge.net/eng/ WinSCP allows you to transfer the nightly00[1-4].tar.gz file from your local PC to the new AirWave using the secure copy protocol (SCP). 3.
watched AirWave will be unable to restore properly. If any of the watched AMPs are not on the same version of AirWave, you will need to upgrade. The Failover AMP will need HTTPS access (port 443) to the watched AMP to verify that the web page is active and to fetch downloads. Once the Failover AMP determines that the Watched AMP is not up (based on the user-defined missed poll threshold) it will restore the data backup of the Watched AMP and begin monitoring the watched AMP APs and devices.
Chapter 8 Creating, Running, and Emailing Reports This section describes AirWave reports, including access, creation, scheduling, and distribution. This chapter includes the following sections: l "Overview of AirWave Reports" on page 235 l "Using Daily Reports" on page 238 l "Defining Reports" on page 258 l "Emailing and Exporting Reports" on page 262 AirWave ships with several reports enabled by default. Default reports may run nightly or weekly, depending on the AirWave release.
n l Run Now (visible from the expanded Report Definitions menu) allows immediate running of a custom report as soon as you set the parameters. You must save its definition separately, if you want to remember the parameters. Report definitions for other roles section—This section, supported for admin users, displays additional reports that have been scheduled for other roles. This section of the page adds the Role column, and other columns are the same.
Figure 162: Reports > Definitions Page Illustration (Split View) Figure 163: Report Type Drop down Menu in Reports > Definitions Illustration NOTE: Only admin users have complete access to all report information. The AirWave reports and online displays of information can vary with configuration, User Roles, and Folders. Reports > Generated Page Overview The Reports > Generated page displays reports that have been run, as well as the most recent daily version of any report.
Figure 164: Reports > Generated Page Example Figure 165: Reports > Generated Page with Single-click Report Viewing Options Using Daily Reports This section describes the default and custom-scheduled reports supported in AirWave. These reports can be accessed from the Reports > Generated page. Viewing Generated Reports The Reports > Generated page supports the following general viewing options: l By default, the reports on the Reports > Generated page are sorted by Generation Time.
Table 127: Reports > Generated Page Fields and Descriptions Field Description Generated Time Displays the date and time of the last time the report was run, or when the latest report is available. Selecting the link in this field displays the latest version of a given report. When the latest version of a given report is not available, this field is blank. In this case, a report can be run by selecting the report title and selecting Run. Title Displays title of the report.
available radio frequency information. Then, simply drag the desired data from the Available Options list on the left to the Selected Options pane on the right. The order of the data in the Selected Options section is the order that it will appear in the report. The data can be reordered by dragging an item up or down the list. 5. Below the Custom Options panes is a Report Restrictions section. All reports allow you to restrict based a specified Group, Folder, and Device Type.
Figure 168: Capacity Planning Report Detail Page (partial view) Table 128: Capacity Planning Report Fields and Contents, Top Portion Field Description Device Displays the device type or name. Interface Displays the type of 802.11 wireless service supported by the device. Group Displays the device group with which the device is associated. Folder Displays the folder with which the device is associated. Controller Displays the controller with which a device operates.
Using the Client Session Report The Client Session Report extensively itemizes user-level activity by session- any instance in which a user connects to the network.
Figure 169: Client Session Detail Partial View Using the Configuration Audit Report The Configuration Audit Report provides an inventory of device configurations on the network, enabling you to display information one device at a time, one folder at a time, or one device group at a time. This report links to additional configuration pages. Perform these steps to view the most recent version of the report, then to configure a given device using this report. 1. Navigate to the Reports > Generated page. 2.
Figure 170: Reports > Generated > Daily Configuration Audit Report Page, partial view Table 129: Daily Configuration Audit Report Field Description Name Displays the device name for every device on the network. Selecting a given device name in this column allows you to display device-specific configuration. Folder Displays the folder in which the device is configured in AirWave.
l Least Utilized by Maximum Number of Simultaneous Users—By default, this list displays the 10 devices that are the least used, according to the number of users. l Least Utilized by Bandwidth—By default, this list displays the 10 devices that are the least used, according to the bandwidth throughput. l Devices—This list displays all devices in AirWave. By default it is sorted alphabetically by device name.
Using the Device Uptime Report The Device Uptime Report monitors device performance and availability on the network, tracking uptime by multiple criteria to include the following: l Total average uptime by SNMP and ICMP l Average uptime by device group l Average uptime by device folder You can use this report as the central starting point to improve uptime by multiple criteria. This report covers protocol-oriented, device-oriented, or SSID-oriented information.
Field Description SNMP it is assumed to be reachable via ICMP. AirWave only pings the device if SNMP fails and then it pings at the SNMP polling interval rate. Time Since Last Boot The uptime as reported by the device at the end of the time period covered by the report. Using the IDS Events Report The IDS Events Report lists and tracks IDS events on the network involving APs or controller devices.
Field Description Precedence Displays precedence information associated with the IDS event, when known. Time Displays the time of the IDS event. Using the Inventory Report The Inventory Report itemizes all devices and firmware versions on the network, to include vendor information and graphical pie-chart summaries. The primary sections of this report are as follows: l Vendor Summary—Lists the vendors for all devices or firmware on the network.
Figure 175 illustrates the Reports > Detail page for this report. Figure 175: Reports > Generated > Daily Memory and CPU Usage Report Illustration (Contents Rearranged for Space) Using the Network Usage Report The Network Usage Report contains network-wide information in two categories: l Usage—maximum and average bandwidth l Clients—average bandwidth in and out This information can be broken down by Groups and Folders. It can also be summarized by Usage, Client Count, and by both for folders.
Using the New Clients Report The New Clients Report lists all new users that have appeared on the network during the time duration defined for the report. This report covers the user identifier, the associated role when known, device information and more. The report definition can filter on connection mode (wired, wireless or both). Figure 177 illustrates the fields and information in the New Clients Report.
Figure 178: Reports > Generated > New Rogue Devices Report Illustration (partial view) The rogue device inventories that comprise this report contain many fields, described in Table 133. Table 133: New Rogue Devices Report Fields Field Description Name Displays the device name, as able to be determined. RAPIDS Classification Displays the RAPIDS classification for the rogue device, as classified by rules defined on the RAPIDS > Rules page.
Field Description Channel Displays the wireless RF channel on which the rogue device was detected. WEP Displays WEP encryption usage when known. RSSI Displays Received Signal Strength (RSSI) information for radio signal strength when known. Signal Displays signal strength when known. LAN MAC Address Displays the MAC address for the associated LAN when known. LAN Vendor Displays LAN vendor information associated with the rogue device, when known.
Figure 179: Reports > Generated > PCI Compliance Report Illustration Example Using the Port Usage Report You can generate a wide array of port usage statistics from the Port Usage Report including each of the following: l List of all the switches and ports in your network by folder l List of unused ports l List of access and distribution ports l Histogram displaying unused ports vs.
Figure 180: Reports > Generated > Port Usage Report Detail Page (partial view) Using the RADIUS Authentication Issues Report The RADIUS Authentication Issues Report contains issues that may appear with controllers, RADIUS servers, and users. Figure 181 illustrates the fields and information in the RADIUS Authentication Issues Report. 254 | Creating, Running, and Emailing Reports Dell PowerConnect W-AirWave 7.
Figure 181: Reports > Generated > RADIUS Authentication Issues Detail Page Illustration Using the RF Health Report The RF Health Report tracks the top AP radio issues by noise, MAC/Phy errors, channel changes, transmit power changes, mode changes, and interfering devices (the last two apply only if there are ARM events). This report assists in pinpointing the most problematic devices on your network, and lists the top devices by problem type.
Figure 182: Reports > Detail > Daily RF Health Report Page Illustration (partial view) All tables in RF Health indicate the rank, device type, number of users, bandwidth, location, controller, folder, and group, and all are sorted according to rank. Selecting a value under the Device column in any table will take you to the APs/Devices > Monitor > Radio Statistics page for the band indicated in the table title (5 GHz or 2.4 GHz).
Figure 183: Reports > Detail > Rogue Clients Report Page Illustration Using the Rogue Containment Audit Report The rogue containment audit report that lets you know if any containment is failing. Figure 184 illustrates the fields and information in this report type. Figure 184: Reports > Detail > Rogue Containment Audit Report Page Illustration Using the VPN Session Report The VPN Session Report extensively itemizes VPN activity by session.
Figure 185: VPN Session Report SummaryView Defining Reports You can create reports in AirWave for any time period you wish, to be run when you wish, and distributed to recipients that you define. Perform these steps to create and run custom reports. Reports created with the Reports > Definition page appear on this and on the Reports > Generated page once defined. 1.
Table 134: Reports > Definitions > Add Page Fields and Default Values Field Default Description Title Empty Enter a Report Title. Use a title that is a meaningful and descriptive, so it may be found easily on the lists of reports that appear on either Generated or Definitions pages. Type Capacity Choose the type of report you wish to create in the Report Type drop-down menu.
Field Default Description allowed to view all the devices in the report. Email Report Select Yes to display sender and recipient fields. Enter a valid Sender Address where marked to indicate the address that appears in the From field of the emailed report. Enter a valid recipient email addresses, separated by commas when using multiple email addresses. NOTE: AirWave will not attempt to email a report with an excessively large number of rows in the detail section.
Report Type Can by Run by Time Period Can be Run by Group/Folder Description defined percentage of their maximum bandwidth capacity. Pulls data for AP radios or interfaces of universal devices (ifSpeed value). Reports" on page 239 "Using the Capacity Planning Report" on page 240 Yes Yes Tracks bandwidth capacity and consumption according to thresholds for data throughput. This is a device-oriented report.
Report Type Can by Run by Time Period Can be Run by Group/Folder Description "Using the Port Usage Report" on page 253 Yes Yes Summarizes switch and port information across the network. Generates information on the unused ports. Provides a detailed list of all available switches and ports in the network. "Using the RADIUS Authentication Issues Report" on page 254 Yes Yes Summarizes RADIUS authentication issues by controller and by user, as well as a list of all issues.
Figure 188: Email this report Additional information about email-based report generation is described in "Defining Reports" on page 258 and in "Emailing Reports to Smarthost" on page 263. Emailing Reports to Smarthost AirWave uses Postfix to deliver alerts and reports via email, because it provides a high level of security and locally queues email until delivery.
264 | Creating, Running, and Emailing Reports Dell PowerConnect W-AirWave 7.
Chapter 9 Using VisualRF This chapter contains information about VisualRF and includes the following topics: l "Features" on page 266 l "Useful Terms" on page 266 l "Starting VisualRF" on page 267 l "Basic QuickView Navigation" on page 267 l "Using the Settings in the VisualRF > Setup Page" on page 272 l "Configuring QuickView Personal Preferences" on page 278 l "Increasing Location Accuracy " on page 281 l "Using QuickView to Assess RF Environments" on page 290 l "Planning and Provisionin
Features l Mesh monitoring page specially for viewing Dell AirMesh devices. VisualRF automatically renders Mesh APs based on GPS coordinates. l Floor plan upload wizard enables direct importation of JPG/JPEG, GIF, PNG, PDF (single page only) and CAD files for floor plans. NOTE: PDF floor plans must be generated from a source file. Other PDFs, such as those scanned from a printer, will not import properly. Similarly, CAD files must be generated by AutoCAD.
l Unassociated Client Information - Some APs/Controllers have the ability to report the signal strength of visible clients that are associated to a radio on a neighboring AP. AirWave also uses these signal strength readings to more accurately place these unassociated clients. l VisualRF - The AirWave service that calculates location, calculates path loss, and provides floor plan editing capabilities.
Table 136: Top Level Icons and Descriptions Operation Icon Description Refresh Refresh the floor plan to see changes. Open Site Tree Display the Network Tree View Window on top of the floor plan. Preferences Configure personal viewing preferences. The Preferences menu allows you to configure user preferences (overlay types, grid lines, alerts, icon sizes). See "Configuring QuickView Personal Preferences" on page 278 for more details. Help Launch the online help.
l Wired Range - Displays the distance an Ethernet cable can be pulled from an IDF. The max range is equal to 300 feet minus 5 percent minus 1.1x the floor height. Floors section The Floors section shows the overlay information for adjacent floors to determine how the bleed through from adjacent floors affects the viewed floor.
l Mesh - Toggle lines between Mesh portals and nodes. l Surveys - Toggle lines between client (x,y) to APs by client during survey. l Interferers - Toggle lines between interferers and the radios that have discovered them. For interferers, there is no radio of association. Edit Menu Figure 195: Edit Menu Options Options in the Edit menu allow you to add information to the floor plan.
Figure 196 shows additional navigation controls when viewing floor plans. In the bottom left corner of the window is the Search box. In the top right corner is the zoom control. You can also zoom by using Ctrl + your mouse wheel as well as the + and - keys. In the bottom right corner are navigation tools related to network, campus, and building. Figure 196: On-Screen Navigation Options Mesh View Navigation Mesh view provides a visual Mesh monitoring page specially for viewing DellAirMesh devices.
Figure 198: APs in a mesh network Select an AirMesh AP icon to bring up the popup menu showing the Mesh Node Properties by default. This window shows the node’s name, MeshID, MAC, Manufacturer, and other information. Clicking the blue Monitor link inside this window opens the APs/Devices > Monitor page in a new tab. Clicking the blue Manage link inside this window opens the APs/Devices > Manage page for this AP in a new tab.
Figure 200: The VisualRF > Setup Page Server Settings To enable VisualRF and tune memory and performance, navigate to the Server Settings section on this page. The settings in this section are detailed in Table 138. Table 138: Server Settings Section of the VisualRF > Setup Page Setting Default Description Enable VisualRF Engine No Enables or disables the VisualRF engine. This setting must be enabled to use VisualRF. If you do not have a license for VisualRF, this page will not appear.
Setting Default Description 200 to 300 floors 5 GB (64-bit only) Above 300 8 GB (64-bit only) NOTE: If you see Out of Memory errors in the SSL error log on the System > Status page, you should increase memory allocation. l l Core Threads 1x number of cores Number of threads that calculate path loss for each floor. These threads also regenerate a floor's RF properties when new APs, walls, or regions are added to a floor plan.
Location Calculation Timer Settings To tune the frequency for calculating device locations within the VisualRF UI, navigate to the Location Calculation Timer Settings section. The available settings are described in Table 140: Table 140: Location Calculation Timer Settings Section of VisualRF > Setup Setting Default Description Legacy Laptop Min/Max (sec) 90/360 This timer determines how often to calculate the location for legacy laptop devices.
Setting Default Description l l RFID Number of Samples 4 Scale Min/Max (sec) 500/2000 Scale Number of Samples 3 data samples). If so (Yes to question above), then recalculate the client device's location based on the samples received. If not (No to the question above), then wait until the number of sample setting is met before recalculating. If the number of samples is never met, wait until the maximum timer (default is 120 seconds) and then recalculate. See definition above.
NOTE: All of these values are global variables that cannot be overridden for individual floor plans. VisualRF uses these values to calculate path loss and client locations. Walls within VisualRF are interpreted as pure dB loss without adjusting for wall thickness. Table 141: Wall Attenuation Settings in VisualRF > Setup Setting Default dB Description Concrete Attenuation (dB) 15 Specifies the attenuation for any concrete walls drawn in VisualRF.
NOTE: It is normal for VisualRF to consume 20% of each core with a combination of threads. It will utilize excess CPU cycles on all cores when required. Configuring QuickView Personal Preferences To configure your personal preferences in QuickView, select the Preferences icon on the VisualRF > Floor Plans page and choose from the following configuration options: l General - select from the Configure Preferences for drop-down menu, as shown in Figure 202.
Figure 203: QuickView Preferences Page Illustration (APs preferences selected) l n Usage - select the kbps threshold for normal (green), high (yellow), and excessive (red) n # of Clients per Radio - select the number of number of clients per radio for normal (green), high (yellow), and excessive (red) n % of Uptime for the last 24 hours for normal (green) and excessive (red) n AP Location - specify whether to display green for a good location or red for a suspect location within a floor plan n Ra
l n Usage - select the kbps threshold for normal (green), high (yellow), and excessive (red). n Signal Strength - select the dBm client threshold between excellent and poor n Icon Size - select the size of the client device icon display on the floor plan Overlays - select display type for Heatmap, Speed, Sensor, Voice, and Ch.
Figure 207: QuickView Preferences Page Illustration (Navigation preferences selected) n % of APs Up for the last 24 hours for normal (green) and excessive (red) n Icon Size for campus, building and floor - specify Tiny, Small, Medium, Large, or Huge icons NOTE: These preferences are stored in the database, so they will be retained across browsers and machines. NOTE: The remaining sections in this chapter apply to networks, campuses, buildings, and floor plans that have already been set up in VisualRF.
MFG/Model Client Signal Associated AP AP-to-AP Signals (Dynamic Attenuation) Unassociated Client Signal Rogue AP Signal Cisco LWAPP Yes Yes Yes Yes Cisco IOS Yes No No With WLSE Cisco VxWorks Yes No No No Trapeze Yes No No Yes Meru No No No Yes Proxim Yes Yes Yes Yes Symbol Auton.
Figure 208: Drawing a wall 3. To move or resize the wall, select the Draw Walls button in the Edit menu again. The cursor changes to a hand, and the ends of the wall is highlighted. Click and drag the end point handles to change the wall, as shown in Figure 209: Figure 209: Moving and resizing an existing wall n To change the attenuation of a wall, right-click the wall and select the appropriate building material. n To delete a wall, select the wall and press the Delete key.
Figure 210: Surveys and Training menu for a client device To remove a statically trained device, select client, and select the Surveys and Training option. Select Delete button (which will have replaced the Add button) for Static Training. NOTE: The static locations are automatically saved, so the Save icon (floppy disk) will not appear.
5. Select the Duration or the time that you want to sample the client's signal measurements. Longer durations will increase Path Loss accuracy and location accuracy. 6. Select OK to begin the survey. To display survey locations, select the Display menu and select Surveys. Note the following information about this procedure: l Ensure the client will remain in the same location for at least the duration of the survey.
4. Move the location probability slider to the desired level, as shown on Figure 212. Very Low will decrease the probability of a device being placed in that region by 20%. Very High will increase the probability of a device being placed in that region by 20%. Figure 212: Adding a New Location Probability Region 5. Optionally, you can save the location region as the exterior walls. 100% attenuation can be selected to force VisualRF to only place devices inside of the selected region.
Now that the Wiring Closet is defined you will see a green WiringCloset icon on your floor plan. Double click that icon to navigate into the wired closet. 1. Add a rack to the wired closet by selecting the Add Empty Rack icon and dragging it to the background. 2. To add a planned device, select the Add Planned Device icon to view the Manually Provision Rack Gear menu. Select the device type in the Type menu, and then find the device you want to add. Drag it into the rack at the appropriate location. 3.
Figure 215: Deployed switch showing red and green port status icons Fine-Tuning Location Service in VisualRF > Setup There are several options on the VisualRF > Setup page which increase client location accuracy. All of these items will increase the processing requirements for the location service and could negatively impact the overall performance of AirWave. l Grid Size - decreasing the grid size will enable the location to place clients in a small grid which will increase accuracy.
Figure 218: WLC RRM Configuration in AirWave l Review the values in the Monitor Intervals section. These should be configured to a recommended setting of 180 for better accuracy. Deploying APs for Client Location Accuracy Deploying access points for client location accuracy can be different than deploying access points for capacity.
Using QuickView to Assess RF Environments QuickView has four distinct views or entry points: client view, access point view, floor plan view, and network, campus, and building view.
This view is focused on the wireless user enabling you quick resolution of a user's issues and therefore disables most RF objects by default.
Viewing an AP’s Wireless RF Environment To view an access point's RF environment from APs/Devices > Monitor page: 1. Select a device of interest from APs/Devices > List, or any other AirWave page that lists your APs. The APs/Devices > Monitor page opens. 2.
Viewing a Floor Plan’s RF Environment View a floor plan's RF environment from VisualRF > Floor Plans page. This page has a fixed sorting filter of Campus, then Building, then Floor number. Figure 228: Floor Plans List View The VisualRF > Floor Plans page provides a snapshot of how VisualRF is performing, as described in Table 145: Table 145: Floor Plans list columns Field Description Campus Campus associated to the floor. Building Building associated to the floor. Floor Floor number.
n Network View - Contains all campuses within your WLAN n Campus View - All buildings within a campus n Building View - All floors within a building n Floor Plan View - All regions, wiring closets, WiFi tags within the floor Viewing Campuses, Buildings, or Floors from a Tree View As an alternative to using QuickView, you can use the Tree View to view floors from a hierarchical tree, as follows: 1. Navigate to the VisualRF > Floor Plans page. 2. Select the Tree icon ( )at the top right of any view.
l "Auto-Matching Planned Devices" on page 305 l "Printing a Bill of Materials Report" on page 305 Creating a New Campus Floors are associated with a building, and buildings are associated with a campus. In order to create a new floor, you must first create a campus with at least one building. To create and place your campus, follow these steps: 1. Navigate to VisualRF > Floor Plans. 2. Select the Add Campus button located above the floor plan on the top left.
Table 146: New Building Fields and Descriptions Field Description Name Name of the building; located on an existing campus. Campus Lists all campuses configured on your AirWave. Longitude & Latitude These fields are used to represent a building on Google Earth. Distance between floors The normal distance between floors in the building. This value can be overridden as each floor is created, but this is the default value for every new floor added to the system.
5. Add appropriate geographical background or upload a personalized image by right-clicking on the background in your Network or in any Campus. The Set Map option allows you to browse and select an included map, or you can import your own by selecting the Custom button. This launches the image wizard. With this wizard, you can upload an image, specify color or greyscale, and crop your custom background.
Figure 232: Floor Plan Imported into VisualRF l When importing RF plans, be sure that the devices to be included are also available in the device catalog. n If the floor plan does not require cropping, sizing, or layer control, then click Save and Close to begin provisioning APs or Save and New to upload a new floor plan. n If the floor plan does require cropping, sizing, or layer control, then proceed to the next procedure NOTE: Floor plans can be added (imported), edited, and deleted.
By default the importation wizard allocates 2,500 grid cells to each site based on dimensions. If you have a site that is 250 ft. by 100 ft, the Floor Plan importation wizard would calculate the grid cell size at 10 feet. 250 ft. x 100 ft. = 25,000 ft. 25,000 ft. / 2,500 ft. = 10 ft. NOTE: Decreasing the grid cell size will increase accuracy, but it also increase CPU consumption by the floor caching threads and the location caching threads.
Table 147: Assigning numbers Setting Default Description Building dropdown N/A Use this drop-down to associate the floor with a building which associate it to a Campus as well. Floor Number 0.0 The floor number. You can enter negative numbers for basements. NOTE: Each floor plan within a building must have a unique floor number. Floor Name Floor [Number] A descriptive name for the floor. It inherits the floor number as a name if nothing is entered.
Figure 235: Checking for CAD errors Last Steps in Editing an Uploaded Image Click the Save and Close button to begin provisioning APs or Save and New to upload another floor plan. After clicking Save and Close, you are redirected back into QuickView where you can provision APs, Wiring Closets, and wired infrastructure. Provisioning Existing Access Points onto the Floor Plan To provision existing AP in your network onto the floor plan you just uploaded, follow these steps: 1.
Figure 236: Provisioning APs onto the Floor Plan 8. After all APs are provisioned on the floor plan, select Save (floppy disk icon) in the top right of the QuickView window. NOTE: The floor is submitted to one of the core threads to recalculate path loss and then to one of the location caching threads to recalculate client locations. All changes may not be visible on a refresh until this process complete.
Figure 237: Planning Region Drawing and Selection Illustration 2. Draw your polygon as follows: n Left-click to initiate the process. The tool will automatically shade in your provisioning area. n Complete the polygon by double-clicking. 3. Once you have finished drawing the region, enter a name for the region and select a Region Type of Planning. Then select OK. The following image displays. Figure 238: Autoprovisioning APs 4.
Table 149: Fields in the Autoprovision APs Window Field Description Device Selection AP Type The type of AP used in this planning region. Radio Section Phy Whether they PHY is set to 11n or no radio. Xmit Transmit power of the APs. Gain Gain of the APs. EIRP EIRP of the APs. Environment A range from 1-4 that best describes whether the environment is related to an office space, cubicles, offices, or concrete. Decimal points are allowed.
l Delete Planned APs in the Region - Deletes only provisioned APs in the region l Reprovision APs - Remove all planned APs inside this region and prompts for new information to replan the region l Delete the Region - Deletes the region and all planned APs l Edit the region - Change the name of the region l Copy the Region to floors above - Will copy the region and auto plan for floors above.
Figure 239: Bill of Materials Report Illustration Importing and Exporting in VisualRF Exporting a campus To export a campus from VisualRF so you can import it into another AirWave, follow these steps: 1. Navigate back to the Network view. 2. Right-click the Campus icon. 3. Select Export. An object selection window appears. 4. Select the objects to export and select Export. A File Download window appears. 5. Select Save and save the zipped file to your local hard drive for importation to another AirWave.
Batch Importing CAD Files This process provides the ability to automatically upload many CAD files and auto provision existing walls and access points, and contains the following topics: l "Requirements" on page 307 l "Pre Processing Steps" on page 307 l "Upload Processing Steps" on page 307 l "Post Processing Steps" on page 308 l "Sample Upload Instruction XML File" on page 308 l "Common Importation Problems" on page 308 Requirements l Operating System: Client machine must be Windows XP, Windo
Post Processing Steps 1. Decrease the Location Caching Timer to previous value. 2. Review the VisualRF > Floor Plans page to ensure server is keeping up. Sample Upload Instruction XML File PAGE 321To change the memory allocation, navigate to the VisualRF > Setup page and configure the memory allocation accordingly. Memory allocation should equal .5 GB for 1-75 floor plans, 1 GB for 76-250 floor plans, 1.5 GB for 251500 floor plans, and 2 GB for 501-1,000 floor plans. NOTE: Importing a large number of floor plans can impact performance of the AirWave server. VisualRF must create a thumbnail, provision APs, create attenuation grid, and locate all clients on each imported floor plan.
Remax ft 314.45 425.88 /var/example/snapshot/b45e7a49-23-2e6d2c.677/background.jpg /snapshot/b423b5-4db0-891a2e0d2c.677/background.
VisualRF Plan Installation After you have downloaded VisualRF Plan from the Dell support site, the installer will prompt you for the location of the data directory. You must have access to the directory you choose for the installation. Also choose a directory for auto-backup. (The default is the user directory.) Follow the rest of the instructions on your installation screen. Differences between VisualRF and VisualRF Plan Table 150: VisualRF vs.
312 | Using VisualRF Dell PowerConnect W-AirWave 7.
Index 8 device configuration 129 802.
CSV File, adding multiple devices with 110 specifying minimum versions for APs 91 Current Association 213 uploading 43, 45 firmware upgrade jobs,viewing 225 D firmware upgrades in monitor-only mode 23 Dashboard Folders 130 Customizing Display 10 Deauthenticate Client 213 Dell Overrides 149 Dell PowerConnect W-Instant templates 160 Detected Interfering Devices 124 FTP Server,enabling 23 fully qualified domain names 19 G Global Dell PowerConnect W Configuration 147 Global Groups Device Events 22 w
IDS Events 200 message-of-the-day 34 ignore device 112 Modify Devices link 129 Incidents 200 Monitor (Read Only) 31 Instant monitoring templates 160 mesh devices 125 Interface Monitoring page 128 wired devices 126 Interfering Devices 22 wireless devices 115 iPhone 230 N L navigation LDAP understanding the UI 5 authentication 33 Network integration with AMP 3 configuring authentication and authorization 39 network settings defining 25 Licenses 116 Nightly Maintenance Time setting 17
radio settings Configuring for Groups 78 Rogue Association History table 213 rogue classification 169 radio statistics 120, 125 Rogue Client Associations table 182 Radio table 117 rogue clients 182, 198, 256 RADIUS 69 rogue scanning authentication 33 configuring authentication and authorization 35, 37 enabling in Groups > Radio 80, 288 Roles 4 routers and switches 126 integrating 36 Adding with a CSV File 110 RADIUS Authentication Issues 200 RTLS Collector 23 Radius/ARM/IDS Events retention 22
Software updates 17 User Idle Timeout 34 SOTI MobiControl 214 user interface Spectrum Analysis 146 AMP Setup > Device Type Setup 46 SSIDs 74 AMP Setup > General 16, 147 inactive 22 AMP Setup > Network 25 SSL Certificates 138 AMP Setup > NMS 53-54 static IPs, assigning 66 AMP Setup > Roles 27, 29 Static Routes 27 AMP Setup > Users 27-28 switches APs/Devices > Audit 106, 116, 130-132, 156 virtual interfaces 139 APs/Devices > Ignored 112 Symbol 81, 151 APs/Devices > Interfaces 127-128, 139
Home Overview 10-11, 15 Data Set menu 268 Master Console 229 Device Types 269 Master Console > Groups > Basic 231-232 Display Menu 269 Master Console > Groups > Basic, Managed 232 Edit Menu 270 Radio Statistics 121 Enabling 20, 267 RAPIDS > Audit Log 184 Floors 269 RAPIDS > List 179 Frequencies 269 RAPIDS > Rogue APs (Detail), Score Override 184 Icons 267 RAPIDS > Score Override 183 RAPIDS > Setup 171 Reports > Definitions 238, 258 Reports > Generated > Port Usage 254 System 187 System > Ale
Location Calculation Timer Settings 275 Location Settings 274 Resource Utilization 277 Server Settings 273 VLANs 74 Voice overlay 268 W Watched AMPs 233 WDS Role 137 Web Auth bundles 40, 46 widgets adding 11 available 11 Wired Devices Monitoring 126 Wired Interfaces table 118 Dell PowerConnect W-AirWave 7.
320 | Index Dell PowerConnect W-AirWave 7.
