Wireless Access

last person joined: 14 hours ago 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

Trouble Getting Started

This thread has been viewed 0 times

  • 1.  Trouble Getting Started

    Posted Nov 03, 2011 01:24 PM
    We just got an AirWave appliance, and I'm working on getting it set up. We already have an existing Aruba network set up with 1 5000 master controller, 2 6000 local controllers, and 136 APs.

    I've gotten AMP to see my controllers and APs, but almost everything shows up as having a mismatched configuration. I've been going over the user guide and BBP for AirWave, but I'm having trouble getting the network elements 'baselined' I saw that I can audit the controllers. So on the 5000 I looked at the audit, which showed that every setting on the existing configuration does not match AMP. So I imported the config differences into AMP. Now the 5000 shows up as 'good'. So I did the same with one of the 6000s. But once it gets updated so that the 6000 config is 'good', the 5000 goes back to mismatched.

    Does anyone have an easy method for getting set up? Once the configurations are good, do you use AMP to make configuration changes? Or do you make them on the Master, then import the changes in AMP?

    The docs have not seemed too helpful in getting set up out of the gate...


  • 2.  RE: Trouble Getting Started

    Posted Nov 03, 2011 04:49 PM
    This is just me, but I strictly use AMP for monitoring only. I don't use it for configuration management and I turn device auditing off.


  • 3.  RE: Trouble Getting Started

    EMPLOYEE
    Posted Nov 03, 2011 05:30 PM
    I do the same. I'm a CLI madman!


  • 4.  RE: Trouble Getting Started

    Posted Nov 04, 2011 07:51 AM
    We have auditing turned on and use it to push out config to our controllers. To get you started, your master and all its locals should be in the same AMP Group. In the AMP group, you define what ap-groups, ap-names, as well as any user-roles/policies that are not tied to aaa-profiles, should be on that controller cluster. You importing the master's config into AMP is the right thing to do, and should hopefully result in a 'Good' state. Since the locals get their config from the master, they, too, should be in a 'Good' state. However, if they are not, do NOT import their configuration right away, as that could cause the mismatched state you describe.

    You need to look at the mismatches on the local and see what is causing it. It could likely be some local configuration applied on the local controller that Airwave simply does not know about. For example, some of my local controllers have a bandwidth contract applied on a vlan interface. This is not on the master, so I had to ensure it was added under that local controller's "Manage" page.

    I hope this helps. If not, you can always run the configuration audit report, export as PDF, and post it for assistance.

    The configuration auditing is great, and 7.4 will be even better allowing for you to maintain your network in a "monitoring-only" mode while still allowing for schedule-able one-time pushes of configuration.

    It's quite powerful, and I'm puzzled why it is not used more often. I, too, am a "CLI guy", but with a network as large as ours, I can't imagine not having Airwave . . . it's basically servicing us as a 3rd full time employee. :-)


  • 5.  RE: Trouble Getting Started

    EMPLOYEE
    Posted Nov 04, 2011 10:19 AM
    Ryan,
    With a network your size, I too can't imagine having to manage all those controllers without Airwave. Aren't you over 10,000 APs now?

    Zach


  • 6.  RE: Trouble Getting Started

    Posted Nov 21, 2011 04:28 PM
    No, Zach. We have ~6K right now.


  • 7.  RE: Trouble Getting Started

    EMPLOYEE
    Posted Nov 21, 2011 04:31 PM
    @Ryan wrote:
    No, Zach. We have ~6K right now.

    My bad. That's still 10x what I have.



  • 8.  RE: Trouble Getting Started

    Posted Nov 22, 2011 04:27 PM

    It's not the size of the network, Zach. It's how you use it.



  • 9.  RE: Trouble Getting Started

    Posted Nov 07, 2011 10:14 AM
    Sounds good to me. I 'ignored' the mismatches, although I only had to do that to my 2 locals; the master and all APs report as having 'good' configs.

    Can I get a few use cases from folks? What all are you doing with your AirWaves? Give me a quick description of what you do when you log in.

    I see a bunch of users with the 'logon' role sitting on the network with IP addresses of 0.0.0.0. I assume these are devices that are configured for our network, but are just sitting there not really logging on. This causes an inaccurate picture of network usage. Is there a way to get these out of AirWave's user table?

    Another question: I've heard there's a way to see if a rogue AP is on physically connected to your LAN. It will report the LAN IP address of the AP if it has it. What do you need to get into Aruba/AirWave to make this happen? I assume it has to have visibility into the LAN, but I'm not sure exactly what's to be done to make this happen.

    Thank God for these forums!


  • 10.  RE: Trouble Getting Started

    Posted Nov 16, 2011 10:43 PM
    @jp.briggs wrote:


    Another question: I've heard there's a way to see if a rogue AP is on physically connected to your LAN. It will report the LAN IP address of the AP if it has it. What do you need to get into Aruba/AirWave to make this happen? I assume it has to have visibility into the LAN, but I'm not sure exactly what's to be done to make this happen.

    In order to see a rouge device in the air and on the wire, there must be an AP on the same L2 as the rouge device.  This happens in the controller first then AMP will recognize the data and report as well. 

     

    So, to test it, take another AP and plug it in on the same L2 as an AP.  You should be able to see it listed (in Airwave) with higher confidence and it will say detected in air and on wire.

     

    Hope that helps...