07-17-2014 04:27 AM
We've got a setup with Airwave that has read/write access to our switches. We have the download role from ClearPass as enabled in our AAA profiles and the switches gets the config. The problem is that the switches doesn't report it back to Airwave that they have recived the config which produces a mismatch in Airwave. We decided to just use the ignore function on the audit page to hide the "mismatch" (as we figured this is a software bug that hopefully gets fixed sooner than later), which works. The problem is that on switches that are stacked, we don't have access to the audit page because it's stacked. So the switches that are stacked (apart from the primary) still keeps the mismatch error.... Anyone has any ideas on what to do?
The setting that produces the mismatch:
AAA Profile 'XXXXXXXXXXX' Download Role from ClearPass
Solved! Go to Solution.
07-17-2014 05:06 AM
A couple questions:
- What version of Airwave are you running?
- Can you provide an actual screeshot of the error?
Regarding the audit page comments, let me look into that one. I have not seen that.
07-17-2014 05:27 AM
Hello and thanks for the reply.
1. We're running AirWave 8.0.0
Here you can see the mismatch we are getting in Airwave. We've ignored those two mismatches here, which is why it says "Configuration: Good (Ignoring mismatches)
Now lets look at CLI on the same switch. Here is the AAA-profile (one of them). As we can see "Download Role From ClearPass" is listed as "Enabled"
Here is the same AAA-profile when I run a show running-config. As we see there is no reference to the "Download Role From ClearPass". Which might be why AirWave dont detect it?
07-17-2014 06:33 AM
I think I figured it out. The Mobility Controllers which recently added support for downloadable roles in AOS 6.4 and have this feature disabled by default. The Mobility Access Switches have this feature enabled by default. As a result, I believe Airwave expects to see the "download-role" command in the "show running-configuration" on the Mobility Switches when it's enabled which is won't. Definitly a bug. I would recommend opening a TAC case to get it resolved. I'll give engineering a heads up as well.
I still need to look at your audit comment.
07-17-2014 07:16 AM
I've tried a stack and can get a mismatch to appear on the Primary switch while the other members still say Good. That's not like your situation but does show a strange behavior that the Configuration state should affect all members of the stack not just one. I've mentioned taht as well to Engineering but I would also mention it with the TAC engineer as well to make sure there is proper tracking of these two issues.
11-20-2014 08:25 PM
Our Airwave development team fixed some issues related to stack mismatches as part of bug DE16649 which was resolved in Airwave 8.0.5. What version are you running?