11-27-2013 10:23 PM - edited 11-28-2013 03:52 AM
Whenever the Aruba controoler detects a Rogue AP, it sends a SNMP trap to registered SNMP trap receiver. I have two questions:
1. Is this trap sent only once? OR repeatedly after every x mins. Say, if the trap receiver missed the first trap, will it again receive any Rogue AP detected trap?
2. Does Aruba controller sends any Rogue AP Removed snmp trap?
Solved! Go to Solution.
11-28-2013 01:30 AM
It's been a long time since I tested this, and obviously my previous tests were now on a much older code, but...
You get one trap when the rogue is discovered.
Whenever the classification changes automatically (or manually by the administrator), you get a trap (saying it's changed).
If you manually go onto the controller and delete the rogue entry, you don't get anything.
Pretty sure that's right!
11-28-2013 02:35 AM - edited 11-28-2013 03:00 AM
Thanks for reply.
Say if the trap receiver misses the trap, does Aruba Controller exposes any SNMP MIB through which we can poll the controller to get the list of:
1. Active Rogue APs
2. All the APs visible in airspace.
11-28-2013 04:21 AM
I believe there is, although I can't claim to know what they are!
If I was to go looking for them, I'd be downloading the MIBs off the support portal, then running a controlled test with a "safe" rogue, walking the tables of a test controller (referencing into the MIBs).
Having said that, it's possible the rogue OIDs might get dynamically built like the APs ones do. I.e. When APs are added to the controllers, they dynamically build OIDs based on the AP MAC. This might give you a challenge!
At a general level, doing stuff like this on anything other than Airwave (which knows all this stuff by default and polls for it), can be a lot of effort for a moderate outcome which tends to distort the value of the exercise.