Network Management

Reply
Frequent Contributor I
Posts: 97
Registered: ‎08-19-2008

Airwave-Aruba Firewall tab

Upgraded to Airwave 7.7.2, so far so good.  One thing I noticed (and have a case open about it) is that the firewll tab in Airwave does not resolve destination IP addresses or services, like it does in the Aruba controller web gui.  I did read on the pdf for Aruba-Airwave best practices that this might happen, the question is, is there a way to fix it?  I do like seeing the App names (youtube, facebook, etc) or destination names (cnn.com, etc) in the firewall tab of the Aruba controllers, so it would be great if Airwave would also reflect that too.  Looks like 7.7.3 just came out, so maybe this version fixes this?  Waiting for a reply ffrom TAC, but figured one of you guys might already know the answer.. :smileyhappy:

Thanks!

 

Marcelo Lew

Wireless Network Architect & Engineer

University Technology Services

University of Denver

Desk: (303) 871-6523

Cell: (303) 669-4217

Fax:  (303) 871-5900

Email: mlew@du.edu

Marcelo Lew
Wireless Network Architect-Engineer
University of Denver
Moderator
Posts: 1,251
Registered: ‎10-16-2008

Re: Airwave-Aruba Firewall tab

The firewall tab relies on the controller to translate values. There's a dependency that the controller must have PEFNG license, controller also needs to point AMON messages to AirWave, and AirWave needs to have AMON data collection enabled. If all these requirements are met, then you should be good to go. I'll double check to see if there were any other issues.

Rob Gin
Senior QA Engineer - Network Services
Aruba Networks, a Hewlett Packard Enterprise Company
Aruba Employee
Posts: 1
Registered: ‎03-21-2013

Re: Airwave-Aruba Firewall tab

[ Edited ]

AirWave receives this message from the controller via AMON, in addition the ExecUIquery  performs to resolve the IP addresses, requires an authenticated controller user with the appropriate CLI credentials. See the logs in the /var/log/exec_ui_query for the particular controller.

 

error => 'could not parse xml: File does not exist: Not logged on.

 at /opt/airwave/local/lib/perl5/site_perl/5.10.0/XML/Simple.pm line 940

    XML:imple::find_xml_file(\'XML:imple=HASH(0x7fbe42ce6140)\', \'Not logged on.\\x{a}\') called at /opt/airwave/local/lib/perl5/site_perl/5.10.0/XML/Simple.pm line 215

 

Means credentials are either incorrect or not have access to the controller

 

Please make sure, you have given the telnet/ssh credential correctly to the Manage page of the Controller in the Airwave. Then disable and enable the firewall again in the Airwave.

 

All being well, you will get the resolved IP address in the both destination and applications

New Contributor
Posts: 4
Registered: ‎01-17-2013

Re: Airwave-Aruba Firewall tab

[ Edited ]

I had the same problem where Airwave didnt track HTTP or HTTPS trafic at all.

With TAC, we found out that Audit Configuration for both Controllers and AP must be enable for those groups in Airwave

 

And as schandrasekaran said, Airwave need access to the controller on CLI level

Search Airheads
Showing results for 
Search instead for 
Did you mean: