Controller Based WLANs

How do I configure the Phone Home feature (Aruba TAC server)?

Question:  How do I configure the Phone Home feature (Aruba TAC server)?

 

Product and Software: This article applies to ArubaOS 6.1.3.4 and later.



Phone Home (Aruba TAC server) is a new feature introduced in ArubaOS 6.0. This feature allows users to send logs and crash data files securely to the Aruba TAC server. All data are encrypted and signed by the certificate in each controller. Simple Mail Transport Protocol (SMTP) is used to send the data to the Aruba TAC server.

The Phone Home feature has two report types:
· Auto Report
· Report Now

If the Auto Report option is enabled, the controller checks for configuration changes every week. If changes are detected, the logs are sent to the Aruba TAC server.

The Report Now option is an on-demand option that generates logs and a crash file (if any) and they are sent to the Aruba TAC server.

An Aruba TAC Engineer locates the logs and crash files you uploaded using Phone Home by looking for the controller serial number, controller hostname, or the email address or domain name you have configured.



Configuring Using the WebUI
1) Navigate to Maintenance > FILE > Aruba TAC Server > Enable.
2) In the SMTP Configuration Section, click SMTP.

a) Enter the Server IP Address.
i. This is the IP address of the local SMTP server. Check with your mail or server administrator.
ii. The local SMTP server must allow the controller(s) to relay emails. If not, the administrator needs to explicitly allow the subnets or controller IP address in the allowed list. The egress interface IP address is used as the source IP address.
b) Enter the Email-ID.
c) Click Apply.
d) Click Configuration > Save Configuration.

All other options are optional.

Some SMTP servers require authentication, protocol, and port different than TCP port 25 or has a limit set on the size of the attachment. You must get these details from your mail server administrator and configure them accordingly.

 

 

Parameters Default Value Optional? Note
Server IP Address None No Your local SMTP server IP address.
Server Port TCP 25 Yes Your local SMTP server port.
User Name None Yes Your username to login to the local SMTP server. This is usually optional.
Password None Yes Your password to login to the local SMTP server. This is usually optional.
Email-ID None No Your email address.
Max Size of Attachment 10 MB Yes Set the maximum attachment size per email. If the logs file exceeds 10 MB, the controller sends multiple emails with the maximum attachment of size of 10 MB each. Aruba TAC server merges all the attachments into a single log file.

 

 

 

1667_image001.png

Configuring Using the CLI
You can also configure the Phone Home feature using the command line interface (CLI). All the phone home commands are local to the controller and are not pushed from the master controller to local controllers.

To enable Phone Home, follow these steps:
1) Login to the controller using SSH.
2) Type 'Config t' to enter the configuration mode.
3) Type 'phonehome enable' to enable the feature.
4) Type 'phonehome auto-report' to enable the auto reporting.
5) Type 'phonehome smtp <Your Local SMTP Server Address> <Your Email Address>' to set up the email forwarding.
6) Type 'end' to exit the configuration mode.
7) Type 'write mem' to save the configuration.

 

 

Verification Using the WebUI
After you enable and configure the Aruba TAC Support option, you can use the Report Now option to trigger the on-demand report.

To send a report to the Aruba TAC Server, follow these steps:

1) Click Maintenance > FILE > Aruba TAC Support.
2) Click Report Now > Apply.

The logs and crash files (if any) are generated and sent to the configured local SMTP server. The time taken depends on things like the configuration, number of users, sessions, and AP.

After the status change to "Operation executed successfully", click the Aruba TAC Server, and check the status display in the Transaction History section.

Sample transaction log from the WebUI:

 

 

1667_image002.jpg

 

1667_image003.png

 

Verification Using the CLI

To enable Phone Home, follow these steps:

1) Log in to the controller using SSH.
2) Type 'phonehome now'.
3) Type 'show phonehome report-status' to check the Phone Home status.



Troubleshooting
Common issues reported are:
· Relay is denied by local SMTP server.
· Authentication is required by the local SMTP server.
· Local SMTP server configuration is incorrect.
· Firewall is blocking TCP port 25 between the controller and the local SMTP server.
· Routing configuration is incorrect.


The transaction history shows this status if the post to your local SMTP server is failing:

 

1667_image004.png

 

To view status from the CLI, issue the 'show phonehome report-status' command:

(static-master) (config) #show phonehome report-status

PhoneHome Transaction Report-Status
-----------------------------------
1. Transaction: Born Wed Oct 17 14:41:02 2012, Report Type Manual-Report
Transaction ID: xxxxxx17_Manual_2012-10-17_14:41:02
Filename /flash/PhoneHome/trans/sw0/sw0_fault.tar, Size(Kbytes) 2059
Post Status: Post failed, will retry in 60 minutes

 

To debug the issue that posts to the local SMTP server is failing, follow these steps:

Step 1: Assume that Ping is allowed between the subnet of the controller and the local SMTP server.

1) Click Diagnostics > Network > Ping.
2) Enter the IP address of your local SMTP server.
3) Click Ping.
4) If the Ping is successful, go to step 2. If the Ping is not successful, check the routing and firewall configuration.

 

1667_image005.png

 

 

Step 2:
1) Open a SSH connection to the controller.

2) Enable the packet capture option, for example, if the SMTP server is using TCP port 25, enter this command:
packet-capture tcp 25

3) Trigger the on-demand Phone Home.
a. Clear the previous Phone Home status.
config t
phonehome disable
phonehome enable
end
b. Run the report now.
phonehome now
c. Check the Phone Home status.
show phonehome report-status
d. When the status changes to "Post Status: Post failed, will retry in 60 minutes", stop the packet capture.
packet-capture tcp disable
Use 'show packet-capture' to view the active packet capture filter.
e. Generate the log and view the packet capture with any sniffer like Wireshark.

i. From the CLI, run 'tar log' to generate the logs.tar bundle.
ii. Copy this file to an external FTP or TFTP server

OR
From the Web UI, click Maintenance > Copy Logs > Download Logs. Optionally you can uncheck "Include technical support information".

iii. Open the log bundle. It should contain files called filter.pcap. Open it with sniffer software like Wireshark and check for error in the capture. This file is located in the \var\log\oslog directory.

 

Sample sniffer captures that indicate an issue sending Phone Home data
Indicating the error in sending the email through the local SMTP server.
Error in packet capture show Authentication Required.
 

 

1667_image006.png

 

 Indicating issues with firewall blocking the connection to your local SMTP server.

 

1667_image007.png 

 

 Indicating connection to your local SMTP server is reset. This could possibly cause by firewall blocking the request or the IP address of the SMTP server is incorrectly configured.

 

1667_image008.png

 Indicating the SMTP server denied the relay request from the controller. The Mail Server Administrator must specifically permit the controller IP address or subnet to allow mail to be relay.

 

1667_image009.png

 

 

Version history
Revision #:
1 of 1
Last update:
‎07-04-2014 03:15 PM
 
Labels (1)
Contributors
Search Airheads
Showing results for 
Search instead for 
Did you mean: 
Is this a frequent problem?

Request an official Aruba knowledge base article to be written by our experts.