Network Management

Reply
Highlighted
Contributor II

Clear AMP swarm old entries?

Hi All,

I have problem with Airwave. In my setup I use 3 clusters that were once added to Airwave, then removed, groups deleted.

 

Now, when I want do add these 3 clusters to Airwave I get this behavior:

- only 1 cluster is detected in New Devices

- but ALL 3 clusters IAPs appear in amp logs with "PSK based authentication: swarm is not approved in Airwave."

 

I suspect, problem is caused by some old entries in amp DBs. How to view and delete them?

I don't use whitelists, allow all option is enabled.

All network communication between amp and clusters is opened.

I don't want to start from scratch (have some WLCs that I want to stay in amp).

 

Please advice what am I doing wrong?

 


Accepted Solutions
Highlighted
MVP Expert

Re: Clear AMP swarm old entries?

Hi,

Can you try edit the Virtual controller key of VC and check the status

 

1) # show running | include virtual

2) copy the virtual-controller key

3) # conf t

4) type in virtual-controller-key and paste the copied kay

5) change th last 2 digit of the key

6) # commit apply.

 

 


Pavan Arshewar | ACCP

If my post address your queries, give kudos and accept as solution!
NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.

View solution in original post


All Replies
Contributor II

Re: Clear AMP swarm old entries?

Attaching VC logs:

# show log ap-debug

01:14:30  awc[2495]: awc_login: awc_init
01:14:30  awc[2495]: awc_init_connection: 2233: connecting to <AMP-ip>:443
01:14:30  awc[2495]: tcp_connect: 168: recv timeout set to 5
01:14:30  awc[2495]: tcp_connect: 175: send timeout set to 5
01:14:30  awc[2495]: awc_init_connection: 2275: connected to <AMP-ip>:443
01:14:30  awc[2495]: awc_init_connection: 2416: Connected
01:14:30  awc[2495]: Sent header(len=311) 'POST /swarm HTTP/1.1^M Host: <AMP-ip>^M Content-Length: 0^M X-Type: login^M X-Guid: 37063276017716a872c7c438ce591959577a90f13d7fc40db9^M X-Name: CLUSTER-vc^M X-Organization: ^M X-Shared-Secret: ************^M X-OEM-Tag: Aruba^M X-Accept-Authentication: PSK,CERT^M X-Ap-Info: <serial>, <iap-mac>, AP-207^M ^M '
01:14:30  awc[2495]: Message over SSL from <AMP-ip>, SSL_read() returned 157, errstr=Success, Message is "HTTP/1.1 401 Unauthorized^M Server: nginx^M Date: Wed, 12 Sep 2018 09:58:50 GMT^M Content-Length: 0^M Connection: keep-alive^M X-XSS-Protection: 1; mode=block^M ^M ", AWC response: (null)
01:14:30  awc[2495]: disconnected from airwave <AMP-ip>

 

# show log provision

Provisioning Log
----------------
Time                      State    Type         Log Message
----                      -----    ----         -----------
Fri Jan  2 01:08:22 1970  Airwave  Debug        Logging out of AMP server primary
Fri Jan  2 01:09:23 1970  Airwave  In progress  Connecting to primary AMP server at <AMP-ip>...
Fri Jan  2 01:09:23 1970  Airwave  In progress  Connected with primary AMP server <AMP-ip>, logging in...
Fri Jan  2 01:10:25 1970  Airwave  Debug        Logging out of AMP server primary
Fri Jan  2 01:10:25 1970  Airwave  Failed       Login aborted due to incomplete response from primary AMP server
Fri Jan  2 01:11:26 1970  Airwave  In progress  Connecting to primary AMP server at <AMP-ip>...
Fri Jan  2 01:11:26 1970  Airwave  In progress  Connected with primary AMP server <AMP-ip>, logging in...
Fri Jan  2 01:12:28 1970  Airwave  Debug        Logging out of AMP server primary

 

# show ap debug airwave

Airwave Server List
-------------------
Domain/IP Address  Type     Mode  Config-only  Status
-----------------  ----     ----  -----------  ------

<AMP-ip>     Primary  -     -            Not connected

Highlighted
MVP Expert

Re: Clear AMP swarm old entries?

Hi,

Can you try edit the Virtual controller key of VC and check the status

 

1) # show running | include virtual

2) copy the virtual-controller key

3) # conf t

4) type in virtual-controller-key and paste the copied kay

5) change th last 2 digit of the key

6) # commit apply.

 

 


Pavan Arshewar | ACCP

If my post address your queries, give kudos and accept as solution!
NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.

View solution in original post

Highlighted
Contributor II

Re: Clear AMP swarm old entries?

Yes, comapring log output for other clusters, it appeard that virtual-controller-key is the same on all VCs. I had to modify virtual-controller-key on every cluster. For some reason, Airwave has configured same key value on every cluster's VC, while those IAPs have never worked in same cluster.

Gladly I had only 3 to change, any way to deal with let's say 250 VCs?

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: