Network Management

last person joined: yesterday 

Keep an informative eye on your network with HPE Aruba Networking network management solutions
Back to discussions
Expand all | Collapse all

Airwave-Aruba Firewall tab

This thread has been viewed 1 times

  • 1.  Airwave-Aruba Firewall tab

    Posted Aug 05, 2013 08:48 PM

    Upgraded to Airwave 7.7.2, so far so good.  One thing I noticed (and have a case open about it) is that the firewll tab in Airwave does not resolve destination IP addresses or services, like it does in the Aruba controller web gui.  I did read on the pdf for Aruba-Airwave best practices that this might happen, the question is, is there a way to fix it?  I do like seeing the App names (youtube, facebook, etc) or destination names (cnn.com, etc) in the firewall tab of the Aruba controllers, so it would be great if Airwave would also reflect that too.  Looks like 7.7.3 just came out, so maybe this version fixes this?  Waiting for a reply ffrom TAC, but figured one of you guys might already know the answer.. :smileyhappy:

    Thanks!

     

    Marcelo Lew

    Wireless Network Architect & Engineer

    University Technology Services

    University of Denver

    Desk: (303) 871-6523

    Cell: (303) 669-4217

    Fax:  (303) 871-5900

    Email: mlew@du.edu



  • 2.  RE: Airwave-Aruba Firewall tab

    EMPLOYEE
    Posted Aug 05, 2013 09:18 PM
    The firewall tab relies on the controller to translate values. There's a dependency that the controller must have PEFNG license, controller also needs to point AMON messages to AirWave, and AirWave needs to have AMON data collection enabled. If all these requirements are met, then you should be good to go. I'll double check to see if there were any other issues.


  • 3.  RE: Airwave-Aruba Firewall tab

    Posted Aug 08, 2013 02:07 AM

    AirWave receives this message from the controller via AMON, in addition the ExecUIquery  performs to resolve the IP addresses, requires an authenticated controller user with the appropriate CLI credentials. See the logs in the /var/log/exec_ui_query for the particular controller.

     

    error => 'could not parse xml: File does not exist: Not logged on.

     at /opt/airwave/local/lib/perl5/site_perl/5.10.0/XML/Simple.pm line 940

        XML:imple::find_xml_file(\'XML:imple=HASH(0x7fbe42ce6140)\', \'Not logged on.\\x{a}\') called at /opt/airwave/local/lib/perl5/site_perl/5.10.0/XML/Simple.pm line 215

     

    Means credentials are either incorrect or not have access to the controller

     

    Please make sure, you have given the telnet/ssh credential correctly to the Manage page of the Controller in the Airwave. Then disable and enable the firewall again in the Airwave.

     

    All being well, you will get the resolved IP address in the both destination and applications



  • 4.  RE: Airwave-Aruba Firewall tab

    Posted Aug 12, 2013 09:53 AM

    I had the same problem where Airwave didnt track HTTP or HTTPS trafic at all.

    With TAC, we found out that Audit Configuration for both Controllers and AP must be enable for those groups in Airwave

     

    And as schandrasekaran said, Airwave need access to the controller on CLI level