Wireless Access

Hi,

I'm working on using Airwave in to mange our controller configurations.  I imported my controllers configuration successfully, and can see all the AP groups and profile under Device Setup/Aruba configuration.  However, the RAP whitelist is empty,  is it not possible to import this into my Airwave Aruba configuration

Thanks

Are you running a Master-Local setup?  If so, you need to run the 'Import' from the Audit page of the Master controller to populate the RAP whitelist.  To verify the import, check the audit log and telnet commands log for the controller (log files in /var/log/ap/[ap_id]/).  Best way to verify may be to grep the log for a known whitelisted MAC address.

Hi Rob,

I'm running a master-backup master setup.  I tried what you suggested but still dont see the RAP whitelist.

Any ideas ?

thanks

Let me try to replicate in the lab and see if I can pinpoint what's happening in the background.  I'll get back to you on this.

Here's what I see in the audit log

Thu Feb 28 20:32:34 2013:
>> show whitelist-db rap
<<                               ^
<< % Invalid input detected at '^' marker.

From my controller, the command to see the RAP whitelist is:

show local-userdb-ap

I'm running 6.2.0.2 on my controller and 7.6.1. on Airwave

Hope this helps

This issue has since been fixed.  The 7.6.2 release notes has it documented as this:

DE13310

The whitelist-db rap command is not yet supported in AOS 6.2. AMP will continue to use the
local-userdb-ap command to add, modify, and delete remote AP entries in the Remote AP whitelist.

Essentially, 'whitelist-db rap' is a new command introduced in AOS 6.3.  This means you have a few options: upgrade AirWave to 7.6.2, upgrade AOS to 6.3, or both.

ok, thanks Rob, will upgrade to 7.6.2

Hi Rob,

I upgraded my Airwave to 7.6.3 and now the RAP-Whitelist imports correctly.

However, it has imported into the "default" RAP-whitelist.

I have two separate RAP controller hubs, one in UK and one in US,  so I'd like to have a US RAP whitelist and a UK RAP whitelist.

Is there a way to move the entries in the default RAP Whitelist to a new UK RAP whitelist ?

Thanks

To do this, the 2 controllers would have to be in separate groups.  Also, the Global Aruba Config setting on AMP Setup would have to be set to 'no'.  In this way, your UK controller would sync with the UK group Aruba Config, while the US controller would sync with the US group Aruba Config.  Let me know if you need a walkthrough for setting this up.

if starting from scratch:

1. go to AMP Setup, disable Global Aruba Config

2. create 2 groups: UK, US

3. add UK, US controllers into their designated groups (in monitor only mode)

4. for each group, navigate to controller's config audit page and import settings / profiles

5. check and confirm that the RAP whitelists you desire are separate by verifying on each group's Aruba Config tab

from a pre-approved point (if devices are already in AMP):

1. make sure controllers are in monitor only mode

2. blank out RAP whitelist (show all entries in the table, then select all, delete, save)

3. create new group for one of the controllers

4. leave whichever controller you like in the current group, while moving the other into the new group

5. for each group, navigate to controller's config audit page and import settings / profiles

6. check and confirm that the RAP whitelists you desire are separate by verifying on each group's Aruba Config tab