Wireless Access

Hello All,

I've been struggling with getting snmp informs working with airwave. Airwave shows all devices as up and using snmpv3 for polling and i can manually snmpwalk the controllers in question from the airwave cli. However, all of the controllers are overflowing their trap queue limit and i'm not getting any event type information in airwave. No failed radius authentications, etc. I've defined my snmpv3 user under the inform section of device communication (which i think is hidden away nicely). Any advice is appreciated.

Airwave 7.4

3x 200 controllers running AOS 5.0.4.0

3200 controller running 6.1.2.3

650 controller running 6.1.2.5

Airwave cli returns list of mibs from command, looks to be ok...

snmpwalk 10.0.0.1 -v 3 -a SHA -A XXX -x AES -X XXX -u AMP -l authPriv

Aruba CLI outputs...

(3200) (config) #show running-config | include snmp

snmp-server user "AMP" auth-prot sha XXX priv-prot aes XXX 
snmp-server enable trap
snmp-server host 10.0.13.210 version 3 AMP inform engine-id 80001f8880909a614df6bdca udp-port 162

(3200) (config) #show snmp trap-hosts

SNMP TRAP HOSTS
---------------
HOST VERSION SECURITY NAME PORT TYPE TIMEOUT RETRY
---- ------- ------------- ---- ---- ------- -----
10.0.13.210 SNMPv3 AMP 162 Inform 60 3

(3200) (config) #show snmp trap-queue | include Total

Total traps in the queue : 250
Total traps generated on the controller : 82253

digging in a bit more, i've tried creating a different v3 user using sha/des but have the same results. Log file is reporting this message over and over...

(3200) (config) #show log all 1 | include snmp

Nov 30 11:41:03 snmp[608]: <301134> <WARN> |snmp| SNMP V3 Message parse error: Not in life time window failure: Possible Privacy password mismatch. 663

I've repasted my passwords multiple times into both airwave and controller and i'm now even using simple passwords (12 characters all lowercase alphabetical), and i've also checked to make sure the clocks were in sync between airwave and controller.

[root@amp mercury]# clock
Wed 30 Nov 2011 01:07:33 PM MST -0.655223 seconds

(3200) (config) #show clock

Wed Nov 30 13:07:49 MST 2011

The controller doesn't clear the queue when it sends traps.  The trap queue will always show the last 250 traps generated.

I noticed that you don't have a trap host defined.  You specified "inform" in the snmp-server host command,

Shouldn't you have:

snmp-server host 10.0.13.210 version 3 AMP

that will send the traps instead of informs.

Applying your command, i am prompted for the "engine-id". What is the significance of the "engine-id"? Does it need to be unique per controller, or is unique to all controllers?

Also, i could have sworn that i've seen controllers have their value for "total traps in the queue" be at 0. I thought since theirs were being delivered and mine weren't that would be a clue.

as it is, i'm applying the default engine-id "8000052301A9FEA484" to see if i get anything on amp.

I have always seen the queue filled up with traps.  If you use informs, you can do the command "show snmp inform stats" and you should see a 0 balance.  The difference is that traps are unacknowledged, so you have no clue whether the receiver actually got them.  Informs are ack'd, so you can resend if needed.

Let us know if you start to see events in AMP after changing the snmp type to traps.

nope, no events using traps.

went back to informs to check the queues and i also forced some eap radius failures. got no notifications on amp, controller doesn't even look like it's trying...

Nov 30 14:06:53 station-up * 00:26:08:fd:38:eb 00:1a:1e:16:df:f3 - - wpa2 aes
Nov 30 14:06:53 eap-id-req <- 00:26:08:fd:38:eb 00:1a:1e:16:df:f3 3 5
Nov 30 14:06:53 eap-id-resp -> 00:26:08:fd:38:eb 00:1a:1e:16:df:f3 3 20 AMPTest
Nov 30 14:06:53 rad-req -> 00:26:08:fd:38:eb 00:1a:1e:16:df:f3 60 197
Nov 30 14:06:53 rad-reject <- 00:26:08:fd:38:eb 00:1a:1e:16:df:f3/dc1 60 44
Nov 30 14:06:53 eap-failure <- 00:26:08:fd:38:eb 00:1a:1e:16:df:f3 3 4 server rejected
Nov 30 14:06:53 station-down * 00:26:08:fd:38:eb 00:1a:1e:16:df:f3 - -

(3200) #show snmp inform stats

Inform queue size is 250

SNMP INFORM STATS
-----------------
HOST PORT INFORMS-INQUEUE OVERFLOW TOTAL INFORMS
---- ---- --------------- -------- -------------
10.0.13.210 162 0 FALSE 0

(3200) #

Do "show snmp trap-list" and see if you have the traps you want sent enabled.

everything is on. i would think amp would be getting all kinds of messages if everything was configured correctly.

AirWave only supports informs when you're using SNMP v3, not traps. Traps are supported if you're using v2c. 

If you're not able to get this working, please don't hesitate to open a TAC case. 

i only enabled traps with v3 when it was suggested above, but informs sure dont seem to be working either.

is there a straightforward guide that i can use as a checklist to make sure i'm not missing anything? I have to be missing somehting in amp since i'm getting the same results on all my controllers.

opening a tac case. will post results. thanks.

got it working for a while with code upgrades etc but when i migrated controllers yesterday it went back to mismatching, so i went back to snmp2c.