I'm not really sure if this belongs in the Airwave section or the Controllers section, so I'll try here first because Airwave is where I'm seeing the messages.
I'm getting SNMP/IDS Messages for specific traps I'd like to disable. Specifically, notifications of Clients associating to Rogue APs. While in some areas this is very useful, for my environment it just causes headaches. We're a university that is surrounded by a lot of Apartment buildings to one side of our campus, and I'd like to disable this to clear out my Airwave RAPIDS logs. Can someone direct me to where this is listed so I can disable these messages, and possibly other messages of this nature. I can't seem to find this. Thanks in advance.
I apologize, I guess I haven't had enough coffee this morning, but I finally found it. For those that also want to do this, its located on the Controller. I had to access Configuration -> All Profiles. Then look at the IDS -> IDS Unauthorized Device Profile and remove the checkbox for Detect Station Association to Rogue AP. I believe this will solve my problem. I'm going to give it a while to propagate information.
Thanks to anyone who decided to read this.
You have two choices:
1 - Disable the Specific trap generation on the Aruba Controller, OR
2 - Uncheck the IDS option on the controller
To do #1, I looked at the document here: http://support.arubanetworks.com/DOCUMENTATION/tabid/77/DMXModule/512/Command/Core_Download/Default.aspx?EntryId=5719 to see what trap is being generated. Based on your email it looks like the trap wlsxStaAssociatedToUnsecureAP. I would then do this:
ruba3600) (config) #snmp-server trap disable ?
<name> trap name. A list of valid names can be found using
the command show snmp trap-list
(Aruba3600) (config) #snmp-server trap disable wlsxStaAssociatedToUnsecureAP
You would have to do this on each individual controller.
2. You could then uncheck this parameter, in the IDS Unauthorized Device profile of each AP-Group that you want to apply this to. If every AP uses this profile, you would deal with your issue globally without having to disable traps for each controller:
Thanks! Disabling globally was easiest for me as I'm using the default profle. Thanks for the additional information on the CLI.
To check the trap status on the controller:
> show snmp trap-list
To disable the SNMP traps you don't want to see:
# conf t
# snmp-server trap disable (trap_name)
# snmp-server trap disable (trap_name_2)
# write mem
To enable a trap:
# snmp-server trap enable (trap_name)
# snmp-server trap enable (trap_name_2)
*Note: when enabling/disabling traps, it's 1 trap per entry line, there's no easy way to perform this in bulk. I usually write the list out in notepad (without #s) and then copy / paste into SSH/telnet command line.
At Aruba, we believe that the most dynamic customer experiences happen at the Edge. Our mission is to deliver innovative solutions that harness data at the Edge to drive powerful business outcomes.
© Copyright 2020 Hewlett Packard Enterprise Development LPAll Rights Reserved.