Network Management

Reply
Contributor II
Posts: 36
Registered: ‎11-18-2014

Airwave and Controller Rogue Detection

Hi All

 

I have a customer with a master local controller setup running AOS 6.4.2.4 on a pair of 7210's. We also have airwave configured and one of the main reasons for this was Rogue detection and alerting.

 

Currently, the controller can see one rogue on the security tab on dashboard. Airwave is also showing a rogue, which is great. Except, they aren't the same device.

Airwave says it learnt the rogue classification from a controller classification but the rogue Airwave knows about is not listed on the controller.

 

Even more strangely, even though the dashboard on the controller still shows one rogue, if I do 'show wms ap list' on the CLI, there are no rogues listed.

 

Airwave version is 8.0.6.3

 

Any help much appreciated

Guru Elite
Posts: 20,015
Registered: ‎03-29-2007

Re: Airwave and Controller Rogue Detection

Please read the airwave rogue classification chapter here:  http://www.arubanetworks.com/techdocs/AirWave_8_0_Web_Help/UserGuide.htm#AWUserGuide/Chapter6_RAPIDS/Using_RAPIDS_and_Rogue_Classification.htm#07rapids_1654598663_27976

 

Airwave has rules on top of what it learns from the controller about what to classify as a rogue, so you can expect more "rogues" from Airwave, just based on classification.  Rules can be relaxed or tightened based on what you consider a rogue.

Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Validated Reference Design Guides : http://community.arubanetworks.com/t5/Validated-Reference-Design/tkb-p/Aruba-VRDs
Contributor II
Posts: 36
Registered: ‎11-18-2014

Re: Airwave and Controller Rogue Detection

Yes, I've read that before and I think I am doing the right thing with my rules but why does a rogue get reported as 'controller classified' when I don't have that AP listed on the controller? And why doesn't the AP that is classified as rogue on the controller, and meets one of my rules on Airwave, not appear on Airwave?

Guru Elite
Posts: 20,015
Registered: ‎03-29-2007

Re: Airwave and Controller Rogue Detection

[ Edited ]

You should open a TAC case in parallel to make sure your rules are correct.  If the controller saw a Rogue AP, and the AP is removed, within 30 minutes it will no longer be on the controller.  Airwave will keep in historically much longer.

 

The AP that is classified as rogue on the controller, see if it is even in Airwave, but misclassified by one of your rules.

 

 

Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Validated Reference Design Guides : http://community.arubanetworks.com/t5/Validated-Reference-Design/tkb-p/Aruba-VRDs
Search Airheads
Showing results for 
Search instead for 
Did you mean: