Network Management

Reply
Contributor II

Clear AMP swarm old entries?

Hi All,

I have problem with Airwave. In my setup I use 3 clusters that were once added to Airwave, then removed, groups deleted.

 

Now, when I want do add these 3 clusters to Airwave I get this behavior:

- only 1 cluster is detected in New Devices

- but ALL 3 clusters IAPs appear in amp logs with "PSK based authentication: swarm is not approved in Airwave."

 

I suspect, problem is caused by some old entries in amp DBs. How to view and delete them?

I don't use whitelists, allow all option is enabled.

All network communication between amp and clusters is opened.

I don't want to start from scratch (have some WLCs that I want to stay in amp).

 

Please advice what am I doing wrong?

 

Contributor II

Re: Clear AMP swarm old entries?

Attaching VC logs:

# show log ap-debug

01:14:30  awc[2495]: awc_login: awc_init
01:14:30  awc[2495]: awc_init_connection: 2233: connecting to <AMP-ip>:443
01:14:30  awc[2495]: tcp_connect: 168: recv timeout set to 5
01:14:30  awc[2495]: tcp_connect: 175: send timeout set to 5
01:14:30  awc[2495]: awc_init_connection: 2275: connected to <AMP-ip>:443
01:14:30  awc[2495]: awc_init_connection: 2416: Connected
01:14:30  awc[2495]: Sent header(len=311) 'POST /swarm HTTP/1.1^M Host: <AMP-ip>^M Content-Length: 0^M X-Type: login^M X-Guid: 37063276017716a872c7c438ce591959577a90f13d7fc40db9^M X-Name: CLUSTER-vc^M X-Organization: ^M X-Shared-Secret: ************^M X-OEM-Tag: Aruba^M X-Accept-Authentication: PSK,CERT^M X-Ap-Info: <serial>, <iap-mac>, AP-207^M ^M '
01:14:30  awc[2495]: Message over SSL from <AMP-ip>, SSL_read() returned 157, errstr=Success, Message is "HTTP/1.1 401 Unauthorized^M Server: nginx^M Date: Wed, 12 Sep 2018 09:58:50 GMT^M Content-Length: 0^M Connection: keep-alive^M X-XSS-Protection: 1; mode=block^M ^M ", AWC response: (null)
01:14:30  awc[2495]: disconnected from airwave <AMP-ip>

 

# show log provision

Provisioning Log
----------------
Time                      State    Type         Log Message
----                      -----    ----         -----------
Fri Jan  2 01:08:22 1970  Airwave  Debug        Logging out of AMP server primary
Fri Jan  2 01:09:23 1970  Airwave  In progress  Connecting to primary AMP server at <AMP-ip>...
Fri Jan  2 01:09:23 1970  Airwave  In progress  Connected with primary AMP server <AMP-ip>, logging in...
Fri Jan  2 01:10:25 1970  Airwave  Debug        Logging out of AMP server primary
Fri Jan  2 01:10:25 1970  Airwave  Failed       Login aborted due to incomplete response from primary AMP server
Fri Jan  2 01:11:26 1970  Airwave  In progress  Connecting to primary AMP server at <AMP-ip>...
Fri Jan  2 01:11:26 1970  Airwave  In progress  Connected with primary AMP server <AMP-ip>, logging in...
Fri Jan  2 01:12:28 1970  Airwave  Debug        Logging out of AMP server primary

 

# show ap debug airwave

Airwave Server List
-------------------
Domain/IP Address  Type     Mode  Config-only  Status
-----------------  ----     ----  -----------  ------

<AMP-ip>     Primary  -     -            Not connected

MVP Guru

Re: Clear AMP swarm old entries?

Hi,

Can you try edit the Virtual controller key of VC and check the status

 

1) # show running | include virtual

2) copy the virtual-controller key

3) # conf t

4) type in virtual-controller-key and paste the copied kay

5) change th last 2 digit of the key

6) # commit apply.

 

 

Regards,
Pavan
If my post address your queries, give kudos and accept as solution!
NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Highlighted
Contributor II

Re: Clear AMP swarm old entries?

Yes, comapring log output for other clusters, it appeard that virtual-controller-key is the same on all VCs. I had to modify virtual-controller-key on every cluster. For some reason, Airwave has configured same key value on every cluster's VC, while those IAPs have never worked in same cluster.

Gladly I had only 3 to change, any way to deal with let's say 250 VCs?

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: