Community Home > Discuss > Technology > Network Management > Airwave-Aruba Firewall tab

Network Management

Reply
Frequent Contributor I
mlew2433

Airwave-Aruba Firewall tab

‎08-05-2013 05:47 PM

Upgraded to Airwave 7.7.2, so far so good.  One thing I noticed (and have a case open about it) is that the firewll tab in Airwave does not resolve destination IP addresses or services, like it does in the Aruba controller web gui.  I did read on the pdf for Aruba-Airwave best practices that this might happen, the question is, is there a way to fix it?  I do like seeing the App names (youtube, facebook, etc) or destination names (cnn.com, etc) in the firewall tab of the Aruba controllers, so it would be great if Airwave would also reflect that too.  Looks like 7.7.3 just came out, so maybe this version fixes this?  Waiting for a reply ffrom TAC, but figured one of you guys might already know the answer.. :smileyhappy:

Thanks!

 

Marcelo Lew

Wireless Network Architect & Engineer

University Technology Services

University of Denver

Desk: (303) 871-6523

Cell: (303) 669-4217

Fax:  (303) 871-5900

Email: mlew@du.edu

Marcelo Lew
Wireless Network Architect-Engineer
University of Denver
Alert a Moderator
Message 1 of 4
1,620 Views
Reply
0 Kudos
Moderator Moderator
Moderator
rgin

Re: Airwave-Aruba Firewall tab

‎08-05-2013 06:18 PM

The firewall tab relies on the controller to translate values. There's a dependency that the controller must have PEFNG license, controller also needs to point AMON messages to AirWave, and AirWave needs to have AMON data collection enabled. If all these requirements are met, then you should be good to go. I'll double check to see if there were any other issues.

Rob Gin
Senior QA Engineer - Network Services
Aruba Networks, a Hewlett Packard Enterprise Company
Alert a Moderator
Message 2 of 4
1,614 Views
Reply
0 Kudos
Aruba Employee
Aruba Employee
schandrasekaran

Re: Airwave-Aruba Firewall tab

‎08-07-2013 11:07 PM - edited ‎08-07-2013 11:12 PM

AirWave receives this message from the controller via AMON, in addition the ExecUIquery  performs to resolve the IP addresses, requires an authenticated controller user with the appropriate CLI credentials. See the logs in the /var/log/exec_ui_query for the particular controller.

 

error => 'could not parse xml: File does not exist: Not logged on.

 at /opt/airwave/local/lib/perl5/site_perl/5.10.0/XML/Simple.pm line 940

    XML:imple::find_xml_file(\'XML:imple=HASH(0x7fbe42ce6140)\', \'Not logged on.\\x{a}\') called at /opt/airwave/local/lib/perl5/site_perl/5.10.0/XML/Simple.pm line 215

 

Means credentials are either incorrect or not have access to the controller

 

Please make sure, you have given the telnet/ssh credential correctly to the Manage page of the Controller in the Airwave. Then disable and enable the firewall again in the Airwave.

 

All being well, you will get the resolved IP address in the both destination and applications

Alert a Moderator
Message 3 of 4
1,551 Views
Reply
0 Kudos
chris.t
New Contributor
chris.t

Re: Airwave-Aruba Firewall tab

‎08-12-2013 06:53 AM - edited ‎08-12-2013 06:54 AM

I had the same problem where Airwave didnt track HTTP or HTTPS trafic at all.

With TAC, we found out that Audit Configuration for both Controllers and AP must be enable for those groups in Airwave

 

And as schandrasekaran said, Airwave need access to the controller on CLI level

Alert a Moderator
Message 4 of 4
1,510 Views
Reply
0 Kudos
Search Airheads
cancel
turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

© Copyright 2018 Hewlett Packard Enterprise Development LP
All Rights Reserved.
Powered by Lithium