Controllerless Networks

last person joined: 3 hours ago 

Aruba Instant Wi-Fi: Meet the controllerless Wi-Fi solution that's easy to set-up, is loaded with security and smarts, and won't break your budget.
Expand all | Collapse all

pool-98-118-82-145.bstnma.fios.verizon.net / ams config appearing in instant-config after upgrading

  • 1.  pool-98-118-82-145.bstnma.fios.verizon.net / ams config appearing in instant-config after upgrading

    Posted Jan 17, 2017 08:01 AM

    Hi

     

    did i miss something ? i browsed today thru my config of iap-cluster (105/135) and saw that webui management say "airwave" management instead of "local" as it was for more than 2-3 years. 

    it was never managed by airwave/ams, so i wonder why config lines like this suddenly are added after plain upgrading. 

     

    as i kept config file histories, it seems this already happenend after upgrading to 4.2.4.3 in october , today i upgraded directly from webui to 4.2.4.4 as it was finally once offered again . normally upgrading happens with local file upgrades e.g. with weblinks/dropbox whatever. (pointing to iap105 and iap135 file, the usual way many ppl use).

     

    so, what's up with this magic config additions, BB is watchin' on verizon ? ;-) :

    Name: pool-98-118-82-145.bstnma.fios.verizon.net
    Address: 98.118.82.145

     

    ams-ip 98.118.82.145
    ams-key 63877e96exxxxxxxxxxxxxxxxx2655133c69b617d6
    ams-identity 260dc4xxxxxxxxxx6ec442e011

    organization My-Org

    name Instant-Cluster

     

    someone can clearify this, as i dont see hints in release-notes, perhaps it's the usual cloud management, but i would expect that german customers are freaking out if magically AMS IP adds itself thru upgrading the instant OS ;-)

     

    regards

    ben

     

     



  • 2.  RE: pool-98-118-82-145.bstnma.fios.verizon.net / ams config appearing in instant-config after upgrading

    Posted Jan 17, 2017 08:52 AM

    I think you should open a TAC case.  That is not normal.



  • 3.  RE: pool-98-118-82-145.bstnma.fios.verizon.net / ams config appearing in instant-config after upgrading

    Posted Jan 17, 2017 08:59 AM

    If you have control of your config (if you can see the edit button next to SSIDs), then the Instant AP has no contact with that server.  I would remove the lines:

     

    ams-ip 98.118.82.145
    ams-key 63877e96exxxxxxxxxxxxxxxxx2655133c69b617d6
    ams-identity 260dc4xxxxxxxxxx6ec442e011

     

    ..in the short term to make sure you have no contact with whatever server that might be...



  • 4.  RE: pool-98-118-82-145.bstnma.fios.verizon.net / ams config appearing in instant-config after upgrading

    Posted Jan 18, 2017 09:02 AM

    unfortunately cant open case cause no maintenance on the instant-cluster serial numbers.

     

    cjoseph : is/was there any instant OS with automatic call-home feature like Aruba_Central/Activate which could explain this behaviour? perhaps cause of some instantOS interim upgrade "bug" (or whatever) this just added magically without any intervention? i just wonder why and "how" those config lines added to my config.

     

    i would expect, if this is aruba-central/activate that a hostname would be used instead of a plain IP adress.

     

    Do you know if there's some CLI command showing OS upgrade history , then i try to reproduce by downgrading to the OS where the config lines werent added, restoring october 2016 config and then upgrading the same way again to see if the AWMS config lines add themselves again. 

     

    i cant imagine someone would have hacked my internal network by passing the external firewall, then executing a virus/trojan on one of my clients and just brute-forcing the webui/ssh instant-cluster and adds AWMS config lines just to observe. i just expect this was cause by some software bug during upgrading the OS - which is done regularly. 

     

    do you have guys in engineering where you can ask about the strange verizon.net IP adress?

     

    thanks!

    ben



  • 5.  RE: pool-98-118-82-145.bstnma.fios.verizon.net / ams config appearing in instant-config after upgrading

    Posted Jan 19, 2017 11:38 AM

    Could you please share a show tech from your cluster?

     

    show image version can let you see the one previous image on the IAP.



  • 6.  RE: pool-98-118-82-145.bstnma.fios.verizon.net / ams config appearing in instant-config after upgrading

    Posted Jan 19, 2017 12:14 PM
    show tech wont help here as the config lines were already removed after i experienced the existence.
    feeling little bit unconciousness how those were added.

    what i know from the past is that the iap135 in cluster was once a plain real ap135 which was aruba-lab-converted somehow to iap by reflashing , it was from an old SE who gave that to us few years ago. as iap135 is phased out i decided to use at home.

    so i expect this IP of awms is perhaps from somehow base OS included by lab to call home to aruba and this config line just added during upgrading OS in october.

    i wonder why no one can tell me if that ip/hostname is somehow aruba activate/central related?

    as the image on iapcluster was 4.2.4.3 last week and now upgraded to 4.2.4.4 and afterwards 4.2.4.5 i cant tell what was in place in october/november.

    so overall said, how this config lines magically added without intention of myself? noone else has access to that cluster. cluster is not reachable from external-> internal, network is secured from my POV ;))


  • 7.  RE: pool-98-118-82-145.bstnma.fios.verizon.net / ams config appearing in instant-config after upgrading

    Posted Jan 19, 2017 12:17 PM

    The reason i am requesting show tech, is for other investigative purposes. Mainly for now the serial number and mac address, any other info that might be needed.

     

    Thanks & regards.



  • 8.  RE: pool-98-118-82-145.bstnma.fios.verizon.net / ams config appearing in instant-config after upgrading

    Posted Jan 20, 2017 04:08 AM

    see PM regarding tech-support

     

    @cjoseph : i revised the tech-support and saw the aruba-activate says "enabled" and "successful" , perhaps the iap-cluster just fetched thru aruba-cloud/central/activate a kind of AWMS config as some admin centralized added the S/N  of the mentioned IAP135 to some central AWMS db ? could this be the reason?

     

    perhaps this was done "accidentally" by some AWMS admin on aruba-networks.

     

    regards

    ben



  • 9.  RE: pool-98-118-82-145.bstnma.fios.verizon.net / ams config appearing in instant-config after upgrading

    Posted Jan 31, 2017 01:39 PM

    so, any further ideas regarding tech-support file ?