Dell PowerConnect WAirWave 7.
Copyright © 2012 Aruba Networks, Inc. Aruba Networks trademarks include , Aruba Networks®, Aruba Wireless Networks®, the registered Aruba the Mobile Edge Company logo, and Aruba Mobility Management System®. Dell™, the DELL™ logo, and PowerConnect™ are trademarks of Dell Inc. All rights reserved. Specifications in this manual are subject to change without notice. Originated in the USA. All other trademarks are the property of their respective owners.
Contents Chapter 1 Introduction .......................................................................................................................... 1 A Unified Wireless Network Command Center ............................................................................. 1 AirWave Management Platform .............................................................................................. 1 Dell PowerConnect W Configuration ........................................................................
Available Widgets .................................................................................................................... 24 Customized Search .......................................................................................................................... 26 Setting Severe Alert Warning Behavior ....................................................................................... 27 Defining General AirWave Server Settings ............................................................
Primary or Secondary WDS ........................................................................................... 59 Configuring ACS for WDS Authentication............................................................................ 59 Configuring Cisco WLSE Rogue Scanning ........................................................................... 59 Configuring ACS Servers.................................................................................................................
Manually Adding Individual Devices................................................................................... 112 Adding Devices with the Device Setup > Add Page ................................................ 113 Adding Multiple Devices from a CSV File................................................................... 115 Adding Universal Devices............................................................................................. 117 Assigning Devices to the Ignored Page ..................
Applying Startup-config Files ............................................................................................... 166 WDS Settings in Templates .................................................................................................. 166 SCP Required Settings in Templates................................................................................... 167 Supporting Multiple Radio Types via a Single IOS Template..........................................
Supporting Guest WLAN Users With the Clients > Guest Users Page ......................... 207 Supporting VPN Users with the Clients > VPN Sessions Page ...................................... 209 Supporting RFID Tags With the Clients > Tags Page ....................................................... 209 Evaluating and Diagnosing User Status and Issues................................................................. 210 Evaluating User Status with the Clients > Client Detail Page ............................
Using the New Rogue Devices Report................................................................................ 248 Using the New Users Report ................................................................................................ 250 Using the PCI Compliance Report........................................................................................ 251 Using the Port Usage Report ................................................................................................
Creating a New Building in a Campus ................................................................................ 293 Importing a Floor Plan............................................................................................................ 295 Editing a Floor Plan Image .................................................................................................... 296 Cropping the Floor Plan Image.....................................................................................
Other Available Features............................................................................................................... 317 Firmware Image Management............................................................................................. 317 Intrusion Detection System .................................................................................................. 317 Known Issues of the Dell PowerConnect-W Instant Integration with AirWave.................. 317 Index..................
xii | Dell PowerConnect W-AirWave 7.
Chapter 1 Introduction Thank you for choosing Dell PowerConnect W-AirWave. AirWave makes it easy and efficient to manage your wireless network by combining industry-leading functionality with an intuitive user interface, enabling network administrators and helpdesk staff to support and control even the largest wireless networks in the world. The User Guide provides instructions for the installation, configuration, and operation of AirWave.
Configuration of APs & controllers Automated compliance audits Firmware distribution Monitoring of every device and user connected to the network Real-time and historical trend reports Granular administrative access Role-based (for example, Administrator contrasted with Help Desk) Network segment (for example, “Retail Store” network contrasted with “Corporate HQ” network) Flexible device support Thin, thick, mesh network architecture Multi-vendor support Current
Wireless detection: Uses authorized wireless APs to report other devices within range. Calculates and displays rogue location on VisualRF map. Wired network detection: Discovers rogue APs located beyond the range of authorized APs/sensors. Queries routers and switches. Ranks devices according to the likelihood they are rogues. Multiple tests to eliminate false positive results. Provides rogue discovery that identifies the switch and port to which a rogue device is connected.
Table 1 Components of a WLAN Component Description RADIUS Accounting AirWave itself serves as a RADIUS accounting client Wireless Gateways Provide HTML redirect and/or wireless VPNs TACACS+ and LDAP Used to authenticate AirWave administrative users Routers/Switches Provide AirWave with data for user information and AP and Rogue discovery Help Desk Systems Remedy EPICOR Rogue APs Unauthorized APs not registered in the AirWave database of managed APs Administrative Roles The flexibility of AirWa
Chapter 2 Installing and Getting Started This chapter contains information and procedures for installing and launching AirWave and includes the following topics: “Hardware Requirements and Installation Media” on page 5 “Supported Browsers” on page 5 “Installing Linux CentOS 6.
Installing Linux CentOS 6.2 (Phase 1) Perform the following steps to install the Linux CentOS 6.2 operating system. The Linux installation is a prerequisite to installing AirWave on the network management system. CAUTION: This procedure erases the hard drive(s) on the server. 1. Insert the AirWave installation CD-ROM into the drive and boot the server. 2. Type install and press Enter To configure the partitions manually, type manual and press Enter. Figure 1 AirWave Installation 3.
Current Time: Fri Nov 21 09:18:12 PST 2008 1) Change Date and Time 2) Change Time Zone 0) Finish Ensure that you enter the accurate date and time during this process. Errors will arise later in the installation if the specified date varies significantly from the actual date, especially if the specified date is in the future and it is fixed later. Best practices is to configure NTPD to gradually adjust your clock to the correct time. 1. Select 1 to set the date and select 2 to set the time zone.
Step 5: Assigning an IP Address to the AirWave System While the AirWave primary network interface accepts a DHCP address initially during installation, AirWave does not function when launched unless a static IP is assigned. Complete these tasks to assign the static IP address. The following message appears: STEP 5: Assigning AMP's address AMP must be configured with a static IP. --------------- Primary Network Interface Configuration ------------1) IP Address : xxx.xxx.xxx.xxx 2) Netmask : xxx.xxx.xxx.
STEP 8: Changing default root password. It is strongly recommended that you change the default 'root' password. Please use a password that you consider to be safe, secore, and memorabl. Changing password for user root. New Password: Enter the new root password and press Enter. The Linux root password is similar to a Windows administrator password. The root user is a super user who has full access to all commands and directories on the computer.
Table 2 AirWave Protocol and Port Chart (Continued) Port Type Protocol Description Direction Device Type 22 TCP SSH Configure devices > APs or controllers 22 TCP SSH Configure AMP from CLI < Laptop or workstation 22 TCP VTUN Support connection (optional) > Dell support home office 22 TCP SCP Transfer configuration files or FW < APs or controllers 23 TCP Telnet Configure devices > APs or controllers 23 TCP VTUN Support connection (Optional) > Dell support home office 25
Activity Section The AirWave pages also contain Help links that opens a PDF of the AirWave User Guide. Status Section The Status section is a snapshot view of overall WLAN performance and provides direct links for immediate access to key system components. You can customize the contents of the Status section on the Home > User Info page. Refer to “Configuring Your Own User Information with the Home > User Info Page” on page 220. The table below describes these elements in further detail.
Table 3 Status Section/Top Header Components of the AirWave GUI (Continued) Field Description Severe Alert Threshold The Severe Alert Threshold determines the severity level that results in a Severe Alert. Specify either Normal, Warning, Minor, Major, or Critical as the severity alert threshold value. These threshold values are tied to triggers that are created on the System > Triggers page.
Table 4 Components and Subtabs of AirWave Navigation (Continued) Main Tab Description Subtabs Groups The Groups pages provide information on the logical “groups” of devices that have been established for efficient monitoring and configuration. For additional information, see Chapter 4, “Configuring and Using Device Groups” on page 67. Some of the focused subtabs will not appear for all groups. Focused subtabs are visible based on the device type field on the Groups > Basic page.
Table 4 Components and Subtabs of AirWave Navigation (Continued) Main Tab Description Subtabs System The System page provides information about AirWave operation and administration, including overall system status, the job scheduler, trigger/ alert administration, and so forth. For additional information, refer to “Monitoring and Supporting AirWave with the System Pages” on page 189.
Figure 3 Activity section of the Home>Overview Page Help Links in the UI The Help link is available on every page within AirWave. When selected, this launches the AirWave User Guide PDF file. NOTE: Adobe Reader must be installed in order to view the PDF help file. Common List Settings All of the lists in AirWave have some common options. All lists are paginated with a configurable number of items per page.
Buttons and Icons Standard buttons and icons are used throughout AirWave as follows: Table 5 Standard Buttons and Icons of the AirWave User Page Function Imagea Description Acknowledge Acknowledges and clears an AMP alert. Add Adds the object to both AMP’s database and the onscreen display list. Add Folder Adds a new folder to hierarchically organize APs. Alert Indicates an alert. Apply Applies all “saved” configuration changes to devices on the WLAN.
Table 5 Standard Buttons and Icons of the AirWave User Page (Continued) Function Imagea Description Print Prints the report. Reboot Reboots devices or AMP. Refresh Refreshes the display of interactive graphs when settings have changed. Relate Relates an AP, Group or Client to a Helpdesk incident. Replace Hardware Confers configuration and history of one AP to a replacement device. Revert Returns all configurable data on the screen to its original status.
Use your browser to navigate to the static IP address assigned to the internal page of the AMP, as shown in Figure 5. Enter the User Name and Password as admin/admin for your initial login, and then select Log In. Figure 5 AirWave Login Form If desired, you can set one of the available languages for your login. AirWave will remember your selected language until you log out and select another. You must log out in order to select a different language.
Chapter 3 Configuring AirWave This chapter contains the following procedures to deploy initial AirWave configuration: “Formatting the Top Header” on page 19 “Customizing Columns in Lists” on page 20 “Resetting Pagination Records” on page 21 “Using the Pagination Widget” on page 22 “Using Export CSV for Lists and Reports” on page 22 “Defining Graph Display Preferences” on page 22 “Customizing the Dashboard” on page 23 “Setting Severe Alert Warning Behavior” on page 27 “Def
Figure 6 Navigation Bar Displaying Down Device Statistics You can control the Top Header Stats links that appear from the AMP Setup > General page, as described in “Defining General AirWave Server Settings” on page 27. Top Header Stats can also be customized for individual users on the Home > User Info page. There you can select the statistics to display for certain device types and override the AMP Setup page.
Figure 8 Choose Columns Dropdown List For more information on the universal list elements, see “Common List Settings” on page 15. You can also control which column heads appear for each user role by selecting Yes in the Customize Header Columns field in Home > User Info, as also appears in Figure 7. This exposes the Choose Columns for Roles dropdown menu in all tables shown in Figure 9. The first column shows the user roles that were customized, if any.
Using the Pagination Widget The pagination widget is located at the top and bottom of every list table, as shown in Figure 12. Figure 12 Pagination Widget Use the down arrow next to Page 1 to see all the page numbers for that table in a dropdown menu. From here, you can jump to any portion of the table. Select the > symbol to jump to the next page, and >| to jump to the last page. Using Export CSV for Lists and Reports Some tables have a Export CSV setting you can use export the data as a spreadsheet.
Deselect checkboxes to change the data displayed on each graph. The button with green arrows refreshes data on the graph. The Show All link displays all of the available checkboxes supporting the Flash graphs. Once a change to the slider bars has been made, the same change can be applied to all other Flash graphs on that page with a Set time range button ( ). NOTE: A non-Flash version of the AirWave user page is available if desired.
across two or more lines and turns red if you attempt to place it over gridlines already occupied by widgets. Widgets with a green top banner are properly placed and set to appear when you select Save. Widgets that remain in the left section will not appear; although they can be reinstated by selecting Restore Defaults. Available Widgets Table 6 describes the list of available widgets along with a description for each.
Table 6 Available Widgets Widget Description RAPIDS: Classification Summary The RAPIDS: Classification Summary table shows the number of devices classified as Valid, Suspected Valid, Neighbor, Suspected Neighbor, Suspected Rogue, Rogue, and Unclassified that are attached to AirWave. In addition, contained rogue information will appear if Manage rogue AP containment is set to Yes on the RAPIDS > Setup page. The RAPIDS information appears from the moment a rogue is discovered until it is deleted.
Table 6 Available Widgets Widget Description Clients By AOS Device Type This pie chart shows the percentage of clients that have attached to AirWave over the last 24 hours based on the AOS device type. Clients By Device Type This pie chart shows the percentage of clients that have attached to AirWave over the last 24 hours based on the device type (such as a specific operating system or smart phone type).
Setting Severe Alert Warning Behavior You can control the alert levels you can see on the the Alerts top header stats link from the Home > User Info page. The Severe Alert Threshold determines the severity level that results in a Severe Alert. Specify either Normal, Warning, Minor, Major, or Critical as the severity alert threshold value. These threshold values are tied to triggers that are created on the System > Triggers page.
Figure 19 AMP Setup > General Page Illustration (Partial View) General Settings Browse to the AMP Setup > General page, locate the General section, and enter the information described in Table 7: Table 7 AMP Setup > General > General Section Fields and Default Values Setting Default System Name Description Defines your name for your AirWave server, with a maximum limit of 20 alphanumeric characters.
Table 7 AMP Setup > General > General Section Fields and Default Values (Continued) Setting Default Description Nightly Maintenance Time (00:00 - 23:59) 04:15 Specifies the local time of day AirWave should perform daily maintenance. During maintenance, AirWave cleans the database, performs backups, and completes a few other housekeeping tasks. Such processes should not be performed during peak hours of demand.
Home Overview Settings On the AMP Setup > General page, locate the Home Overview Preferences section. Table 9 describes the settings and default values in this section. Table 9 AMP Setup > General > Home Overview Preferences Fields and Default Values Setting Default Description Configure Channel Busy Threshold Yes Whether you want to configure the threshold at which a channel is considered to be busy at the Top Folders By Radio Channel Usage Overview widget.
Device Configuration Settings Locate the Device Configuration section and adjust the settings. Table 11 describes the settings and default values of this section. Table 11 AMP Setup > General > Device Configuration Section Fields and Default Values Setting Default Description Guest User Configuration Disabled Enables or prevents guest users to/from pushing configurations to devices. Options are Disabled (default), Enabled for Devices in Manage (Read/Write), Enabled for all Devices.
External Logging Settings Locate the External Logging section and adjust settings to send audit and system events to an external syslog server. Table 13 describes these settings and default values. You can also send a test message using the Send Test Message button after enabling any of the logging options. Table 13 AMP Setup > General > External Logging Section Fields and Default Values Setting Default Description Syslog Server N/A Enter the IP address of the syslog server.
Table 14 AMP Setup > General > Historical Data Retention Fields and Default Values (Continued) Setting Default Description Radius/ARM/IDS Events (0-550 days, zero disables) 14 Defines the number of days AirWave retains information about RADIUS, ARM, and IDS events. Setting this value to 0 disables this function, and the information will never expire or be deleted from the database.
Table 15 AMP Setup > General > Firmware Upgrade Defaults Fields and Default Values (Continued) Setting Default Description Maximum Interleaved Jobs (1-20) 20 Defines the number of jobs AirWave runs at the same time. A job can include multiple APs. When jobs are started by multiple users, AirWave will interleave upgrades so that one user's job does not completely block another’s.
Enterprise installations. Please contact Dell support at support.dell.com if you think you might need to change any of these settings. Table 17 describes the settings and default values of this section. Table 17 AMP Setup > General > Performance Fields and Default Values Setting Default Description Monitoring Processes (1-16) Based on the number of cores for your server Optional setting configures the throughput of monitoring data.
Figure 20 AMP Setup > Network Page Illustration Specify the network configuration options described in the sections that follow to define the AirWave network settings. Select Save when you have completed all changes on the AMP Setup > Network page, or select Revert to return to the last settings. Save restarts any affected services and may temporarily disrupt your network connection. Primary Network Interface Settings Locate the Primary Network Interface section.
Network Time Protocol (NTP) Settings On the AMP Setup > Network page, locate the Network Time Protocol (NTP) section. The Network Time Protocol is used to synchronize the time between AirWave and your network’s NTP server. NTP servers synchronize with external reference time sources, such as satellites, radios, or modems. NOTE: Specifying NTP servers is optional. NTP servers synchronize the time on the AirWave server, not on individual access points.
User Roles and VisualRF VisualRF ses the same user roles as defined for AirWave—users can see floor plans that contain an AP to which they have access in AirWave, although only visible APs appear on the floor plan. VisualRF users can also see any building that contains a visible floor plan and any campus that contains a visible building. NOTE: In VisualRF > Setup > Server Settings, a new flag added in AirWave 7.
3. Enter or edit the settings on this page. As explained earlier in this section, Roles define the type of user-level access, the user-level privileges, and the view available to the user for device groups and devices in AirWave. The available configuration options differ for each role type. NOTE: Most users will see two sections on this page: Role and Guest User Preferences. The Guest User Preferences section will not appear, however, if Guest User Configuration is disabled in AMP Setup > General.
Table 22 AMP Setup > Roles > Add/Edit Roles Fields and Default Values for AP/Device Manager Role (Continued) Setting Default Description Top Folder None Defines the highest viewable folder for the role. The role is able to view all devices and groups contained by the specified top folder. The top folder and its subfolders must contain all of the devices in any of the groups it can view.
Table 22 AMP Setup > Roles > Add/Edit Roles Fields and Default Values for AP/Device Manager Role (Continued) Setting Default Description Custom Message none A custom message can also be included. . Table 23 AMP Setup > Roles > Add/Edit Roles Fields and Default Values for Guest Access Sponsor Role Setting Default Description Name None Sets the administrator-definable string that names the role.
Each general user that you add must have a user name, a password, and a role. Use unique and meaningful user names as they are recorded in the log files when you or other users make changes in AirWave. NOTE: Username and password are not required if you configure AirWave to use RADIUS, TACACS, or LDAP authentication. You do not need to add individual users to the AirWave server if you use RADIUS, TACACS, or LDAP authentication.
3. Enter or edit the settings on this page. Table 24 describes these settings in additional detail. Table 24 AMP Setup > Users > Add/Edit User Fields and Default Values Setting Default Description Username None Sets the username as an alphanumeric string. The Username is used when logging in to AirWave and appears in AirWave log files. Role None Specifies the user’s Role, which defines the Top viewable folder as well as the type and access level of the user specified in the previous field.
Configuring LDAP Authentication and Authorization Setting Up Login Configuration Options Administrators can optionally configure AirWave’s user idle timeout or a message-of-the-day that appears when a user first logs in, as shown in Figure 25: Figure 25 Login configuration field and results in AirWave Login page 1. Go to AMP Setup > Authentication. 2.
If Local is selected, then remote will be attempted if a user is not available. If Remote is selected, then the local database is searched if remote authentication fails. The order of remote authentication is RADIUS first, followed by TACACS, and finally LDAP. Select Save if you are finished or follow the next procedure to configure RADIUS, TACACS+, and LDAP Authentication options.
Integrating a RADIUS Accounting Server NOTE: AirWave checks the local username and password before checking with the RADIUS server. If the user is found locally, the local password and role apply. When using RADIUS, it’s not necessary or recommended to define users on the AirWave server. The only recommended user is the backup admin, in case the RADIUS server goes down. Optionally, you can configure RADIUS server accounting on AMP Setup > RADIUS Accounting.
Figure 29 AMP Setup > Authentication Page Illustration for TACACS+ 2. Select No to disable or Yes to enable TACACS+ authentication. If you select Yes, several new fields appear. Complete the fields described in Table 28. Table 28 AMP Setup > Authentication Fields and Default Values for TACACS+ Authentication Field Default Description Primary Server Hostname/IP Address N/A Enter the IP address or the hostname of the primary TACACS+ server.
6. AMP also needs to be configured as an AAA client. On the Network Configuration page, select Add Entry. Enter the IP address of AirWave as the AAA Client IP Address. The secret should be the same value that was entered on the AMP Setup > TACACS+ page. 7. Select TACACS+ (Cisco IOS) in the Authenticate Using drop down menu and select submit + restart. NOTE: AirWave checks the local username and password store before checking with the TACACS+ server.
Table 29 AMP Setup > Authentication Fields and Default Values for LDAP Authentication (Continued) Field Default Description Primary Server Port (165535) 389 Enter the port where the LDAP server is listening. The default port is 389. Secondary Server Hostname/IP Address none Optionally enter the IP address or hostname of the secondary LDAP server. This server will be contacted in the event that the primary LDAP server is not reachable.
Enabling AirWave to Manage Your Devices Once AirWave is installed and active on the network, the next task is to define the basic settings that allow AirWave to communicate with and manage your devices. Device-specific firmware files are often required or are highly desirable. Furthermore, the use of Web Auth bundles is advantageous for deployment of Cisco WLC wireless LAN controllers when they are present on the network.
2. Browse to the Device Setup > Communication page, locate the SNMP Settings section, and enter or revise the following information. Table 30 lists the settings and default values. Table 30 Device Setup > Communication > SNMP Settings Fields and Default Values Setting Default Description SNMP Timeout (3-60 sec) 3 Sets the time, in seconds, that AirWave waits for a response from a device after sending an SNMP request.
6. Locate the ICMP Settings section and adjust the default value as required. Table 33 shows the setting and default value. Table 33 Device Setup > Communication > ICMP Settings Fields and Default Values Setting Default Description Attempt to ping devices that were unreachable via SNMP Yes When Yes is selected, AirWave attempts to ping the AP device. Select No if performance is affected in negative fashion by this function.
Table 35 Device Setup > Upload Firmware & Files Fields and Default Values (Continued) Setting Default Description Server Protocol None Displays the file transfer protocol by which the firmware file was obtained from the server. This can be either FTP or TFTP. Use Group File Server None If enabled, displays the name of the file server supporting the group. Firmware File Server IP address None Displays the IP address for a firmware file server.
3. Select Supported Firmware Versions and Features to view supported firmware versions. NOTE: Unsupported and untested firmware may cause device mismatches and other problems. Please contact AirWave support at support.dell.com before installing non-certified firmware. Enter the appropriate information and select Add. The file uploads to AirWave and once complete, this file appears on the Device Setup > Upload Firmware & Files page.
5. Select Add to import the firmware file. To delete a firmware file that has already been uploaded to AirWave, return to the Device Setup > Upload Firmware & Files page, select the checkbox for the firmware file and select Delete. NOTE: A firmware file may not be deleted if it is the desired version for a group. Use the Group > Firmware page to investigate this potential setting and status.
Figure 34 AMP Setup > Device Type Setup Page Illustration Configuring Cisco WLSE and WLSE Rogue Scanning The Cisco Wireless LAN Solution Engine (WLSE) includes rogue scanning functions that AirWave supports.
Enabling Rogue Alerts for Cisco WLSE Configuring WLSE to Communicate with APs Discovering Devices Managing Devices Inventory Reporting Defining Access Grouping WDS Participation Primary or Secondary WDS Adding an ACS Server for WLSE 1. Go to the Devices > Discover > AAA Server page. 2. Select New from the drop-down list. 3. Enter the Server Name, Server Port (default 2002), Username, Password, and Secret. 4. Select Save. Enabling Rogue Alerts for Cisco WLSE 1.
Managing Devices Prior to enabling radio resource management on IOS access points, the access points must be under WLSE management. NOTE: AirWave becomes the primary management/monitoring vehicle for IOS access points, but for AirWave to gather Rogue information, the WLSE must be an NMS manager to the APs. Use these pages to make such configurations: 1. Go to Device > Discover > Advanced Options. 2. Select the method to bring APs into management Auto, or specify via filter.
4. Select Specified Discovery and enter the IP address of the Primary WDS device (AP or WLSM). 5. Enter the Username and Password for the WLSE server. Primary or Secondary WDS Perform these steps to configure primary or secondary functions for WDS. 1. Go to the Wireless Services > WDS > General Setup page. 2. If the AP is the Primary or Backup WDS, select Use the AP as Wireless Domain Services. Select Priority (set 200 for Primary, 100 for Secondary).
Figure 35 AMP Setup > WLSE > Add WLSE Page Illustration Perform the following steps for optional configuration of AirWave for support of Cisco WLSE rogue scanning. 1. To add a Cisco WLSE server to AirWave , navigate to the AMP Setup > WLSE page and select Add. Complete the fields in this page. Table 38 describes the settings and default values.
Configuring ACS Servers This is an optional configuration. The AMP Setup > ACS page allows AirWave to poll one or more Cisco ACS servers for wireless username information. When you specify an ACS server, AirWave gathers information about your wireless users. Refer to “” on page 56 if you want to use your ACS server to manage your AirWave users. Perform these steps to configure ACS servers: 1. Go to the AMP Setup > ACS page. This page displays current ACS setup, as illustrated in Figure 36.
Log in to the ACS server, select System Configuration, then in the Select frame, select Logging. Under Enable Logging, select CSV Passed Authentications. The default logging options function and support AirWave. These include the two columns AirWave requires: User-Name and Caller-ID. What Next? Go to additional tabs in the AMP Setup section to continue additional setup configurations. Complete the required configurations in this chapter before proceeding.
Complete the required configurations in this chapter before proceeding. Dell support remains available to you for any phase of AirWave installation. Auditing PCI Compliance on the Network This section describes PCI requirements and auditing functions in AirWave, with the following topics: Introduction to PCI Requirements PCI Auditing Enabling or Disabling PCI Auditing Introduction to PCI Requirements AirWave supports wide security standards and functions in the wireless network.
Table 41 PCI Requirements and Support in AirWave Requirement Description 1.1 Monitoring configuration standards for network firewall devices When Enabled: PCI Requirement 1.1 establishes firewall and router configuration standards. A device fails Requirement 1.1 if there are mismatches between the desired configuration and the configuration on the device. When Disabled: firewall router and device configurations are not checked for PCI compliance, and Pass or Fail status is not reported or monitored. 1.2.
Figure 39 AMP Setup > PCI Compliance Page Illustration 2. To enable, disable, or edit any category of PCI Compliance monitoring in AirWave, select the pencil icon next to the category. The Default Credential Compliance page displays for the respective PCI standard. 3. Create changes as required. Specific credentials can be cited in the Forbidden Credentials section of any Edit page to enforce PCI requirements in AirWave . Figure 40 shows an example of how to edit the PCI 2.1 requirement.
The Dell PowerConnect W WMS feature is an enterprise-level hardware device and server architecture with managing software for security and network policy. There are three primary components of the WMS deployment: Air Monitor AP devices establish and monitor RF activity on the network. The WMS server manages devices and network activity to include rogue AP detection and enforcement of network policy. The AirWave graphical user interface (GUI) allows users to access and use the WMS functionality.
Chapter 4 Configuring and Using Device Groups This chapter describes the deployment of device groups within AirWave. The section below describes the pages or focused subtabs available on the Groups tab. Note that the available subtabs can vary significantly from one device group to another—one or more subtabs may not appear, depending on the Default Group display option selected on the AMP Setup > General page and the types of devices you add to AirWave.
PTMP—This page defines settings specific to Proxim MP devices when present. As such, this page is only available when a Proxim MP device is added to this group. Refer to “Configuring Group PTMP Settings” on page 95. Proxim Mesh—This page defines mesh AP settings specific to Proxim devices when present. Refer to “Configuring Proxim Mesh Radio Settings” on page 95. MAC ACL—This page defines MAC-specific settings that apply to Proxim, Symbol, and ProCurve 520 devices when present.
Individual device settings—such as device name, RF channel selection, RF transmission power, antenna settings, and so forth—typically should not be managed at a group level and must be individually configured for optimal performance. Individual AP settings are configured on the APs/Devices > Manage page. You can create as many different groups as required. Administrators usually establish groups that range in size from five to 100 wireless devices.
Table 42 Groups > List Columns (Continued) Column Description Up/Down Status Polling Period The time between Up/Down SNMP polling periods for each device in the group. Detailed SNMP polling period information is available on the Groups > Basic configuration page. Note that by default, most polling intervals do not match the up/down period. Duplicate Creates a new group with the name Copy of with identical configuration settings.
Figure 44 Groups > Basic Page Illustration 3. Define the settings in the Basic and Global Group sections. Table 43 describes several typical settings and default values of this Basic section. Dell PowerConnect W-AirWave 7.
Table 43 Basic and Global Groups Fields and Default Values Setting Default Description Name Defined when first adding the group Displays or changes the group name. As desired, use this field to set the name to uniquely identify the group by location, vendor, department, or any other identifier (such as “Accounting APs,” “Cisco devices,” “802.1x APs,” and so forth).
Table 44 SNMP Polling Periods Fields and Default Values (Continued) Setting Default Description CDP Neighbor Data Polling Period 30 minutes Sets the frequency in which this group polls the network for Cisco Discovery Protocol (CDP) neighbors. Mesh Discovery Polling Period 15 minutes Sets time between SNMP polls for Mesh Device Discovery. 5. To configure support for routers and switches in the group, locate the Routers and Switches section and adjust these settings as required.
7. To configure which options and tabs are visible for the group, complete the settings in the Group Display Options section. Table 46 describes the settings and default values. Table 46 Group Display Options Fields and Default Values Setting Default Description Show device settings for: Only devices on this AMP Drop-down menu determines which Group tabs and options are to be viewable by default in new groups.
Table 48 Spanning Tree Protocol Fields and Default Values (Continued) Setting Default Description Bridge Priority 32768 Sets the priority for the AP. Values range from 0 to 65535. Lower values have higher priority. The lowest value is the root of the spanning tree. If all devices are at default the device with the lowest MAC address will become the root. Bridge Maximum Age 20 Sets the maximum time, in seconds, that the device stores protocol information. The supported range is from 6 to 40.
12. To configure settings specific to Cisco WLC, locate the Cisco WLC section and adjust these settings as required. Table 51 describes the settings and default values. Table 51 Cisco WLC Fields and Default Values Setting Default Description SNMP Version 2c Sets the version of SNMP used by AirWave to communicate to WLC controllers. CLI Communication SSH Sets the protocol AirWave uses to communicate with Cisco IOS devices.
16. To control the conditions by which devices are automatically authorized into this group, locate the Automatic Authorization settings section and adjust these settings as required. Table 53 describes the settings and default values.
Once defined on this page, RADIUS servers are selectable in the drop-down menus on the Groups > Security and Groups > SSIDs configuration pages. Perform these steps to create RADIUS servers. NOTE: TACACS+ servers are configurable only for Cisco WLC devices. Refer to “Configuring Cisco WLC Security Parameters and Functions” on page 94. 1. Go to the Groups > List page and select the group for which to define AAA servers by selecting the group name. The Monitor page appears. 2. Select the AAA Servers page.
AirWave supports reports for subsequent RADIUS Authentication. These are viewable by selecting Reports > Generated, scrolling to the bottom of the page, and selecting Latest RADIUS Authentication Issues Report. 5. To make additional RADIUS configurations for device groups, use the Groups > Security page and continue to the next topic. Configuring Group Security Settings The Groups > Security page allows you to set security policies for APs in a device group: 1.
Table 56 Groups > Security Page Fields and Default Values (Continued) Setting Default Description Create Closed Network No If enabled, the APs in the Group do not broadcast their SSIDs. NOTE: Creating a closed network will make it more difficult for intruders to detect your wireless network. Block All Inter-client Communication No If enabled, this setting blocks client devices associated with an AP from communicating with other client devices on the wireless network.
The Encryption options display on the Groups > Security page when the VLan Tagging and Multiple SSIDs option is set to Disabled. This setting defaults to No Encryption. Refer to Table 57 for information regarding configuring encryption. Table 57 Groups > Security Encryption Mode settings Setting Default Description Encryption Mode Optional WEP, Require WEP, Require 802.1X, Require LEAP, Require 802.1X + WEP, Require 802.
3. Select Save to retain these security configurations for the group, select Save and Apply to make the changes permanent, or select Revert to discard all unapplied changes. 4. Continue with additional security-related procedures in this document for additional RADIUS and SSID settings for device groups, as required. Configuring Group SSIDs and VLANs The Groups > SSIDs configuration page allows you to create and edit SSIDs and VLANs that apply to a device group.
Table 58 Groups > SSIDs Fields and Descriptions (Continued) Field Description Native VLAN Sets this VLAN to be the native VLAN. Native VLANs are untagged and typically used for management traffic only. AirWave requires a Native VLAN to be set. For AP types do not require a native VLAN, create a dummy VLAN, disable it on both radio controls, and ensure that it has the highest VLAN ID. 3.
Table 59 Groups > SSIDs > SSID/VLAN Section Fields and Default Values (Continued) Setting Default Description Maximum Allowed Associations (0-2007) 255 Indicates the maximum number of mobile users which can associate with the specified VLAN/SSID. NOTE: 0 means unlimited for Cisco. Broadcast SSID (Cisco WLC, Proxim and Symbol 4131 only) No For specific devices as cited, this setting enables the AP to broadcast the SSID for the specified VLAN/SSID.
7. Locate the RADIUS Authentication Servers area on the Groups > SSIDs configuration page and define the settings. Table 62 describes the settings and default values. Table 62 Groups > SSIDs > RADIUS Authentication Servers Fields and Default Values Setting Default Description RADIUS Authentication Server 1-3 (Cisco WLC, Proxim only) None Drop-down menu to select RADIUS Authentication servers previously entered on the Groups > RADIUS configuration page.
2. Go to the Groups > Radio page. Figure 49 illustrates this page. Figure 49 Groups > Radio Page Illustration 3. Locate the Radio Settings area and adjust these settings as required. Table 64 describes the settings and default values. Table 64 Groups > Radio > Radio Settings Fields and Default Values Setting Default Description Allow Automatic Channel Selection (2.4, 5, and 4.
Table 64 Groups > Radio > Radio Settings Fields and Default Values (Continued) Setting Default Description RTS/CTS Maximum Retries (1-255) 32 If RTS/CTS is enabled, this specifies the maximum number of times the AP issues an RTS before stopping the attempt to send the packet through the radio. Acceptable values range from 1 to 128. Maximum Data Retries (1- 32 255) The maximum number of attempts the AP makes to send a packet before giving up and dropping the packet.
Table 65 Groups > Radio > Proxim AP-600, AP-700, AP-2000, AP-4000; Avaya AP-3, Avaya AP-7, AP-4/5/6, AP-8; ProCurve520WL Fields and Default Values (Continued) Setting Default Description 802.11abg Operational Mode 802.11b +802.11g This setting sets the operational mode of all a/b/g radios in the group to either a only, b only, g only or b + g. 802.11b Transmit Rate Auto Fallback This setting specifies the minimum transmit rate required for the AP to permit a user device to associate. 802.
the Cisco WLC Config page. It is not recommended to have Symbol 4131 and Proxim APs in the same group as Cisco devices. Also, it is recommended that users set device preferences to Only devices in this group. This topic describes how to access and navigate the Groups > Cisco WLC Config page. Accessing Cisco WLC Configuration Go to the Cisco WLC Config page in one of these two ways: 1. In Groups > List, select a group that has been defined to support Cisco devices.
1. Go to the Groups > Cisco WLC Config page, and select WLANs in the navigation pane at left. This page displays the SSIDs or VLANs that are available for use with Cisco WLC devices and enables you to define new SSIDs or VLANs. Figure 52 illustrates this page. 2. To change the ID/position of a WLAN on the controller by dragging and dropping, set the toggle to Yes.
Figure 54 Groups > Cisco WLC Config > WLANs > Add New SSID/VLAN > Security Tab Illustration Figure 55 Groups > Cisco WLC Config > WLANs > Add New SSID/VLAN > QoS Tab Illustration Dell PowerConnect W-AirWave 7.
Figure 56 Groups > Cisco WLC Config > WLANs > Add New SSID/VLAN > Advanced Tab Illustration Defining and Configuring LWAPP AP Groups for Cisco Devices The Groups > Cisco WLC Config > WLANs > Advanced > AP Groups page allows you to add/edit/delete AP Groups on the Cisco WLC. LWAPP AP Groups are used to limit the WLANs available on each AP. Cisco thin APs are assigned to LWAPP AP Groups. Viewing and Creating Cisco AP Groups 1.
Figure 57 Groups > Cisco WLC Config > WLANS > Advanced > AP Groups Page Illustration 2. To add a new LWAPP AP group, select Yes in the AP Groups section. Additional controls appear. 3. Select Add to create a new LWAPP AP group. To edit an existing LWAPP AP group, select the pencil icon next to that group. Add one or more SSIDs and the interface/VLAN ID mapping on the Add/Edit page of the LWAPP AP Group. 4.
Figure 59 Groups > Cisco WLC Config > Wireless Navigation Illustration Configuring Cisco WLC Security Parameters and Functions AirWave enables you to configure many security settings that are specific to Cisco WLC controllers.
Configuring Group PTMP Settings The Groups > PTMP configuration page configures Point-to-Multipoint (PTMP) for all subscriber and base stations in the device group. Subscriber stations must be in the same group as all base stations with which they might connect. Perform the following steps to configure these functions. 1. Go to the Groups > List page and select the group for which to define PTMP settings by selecting the group name.
Figure 63 Groups > Proxim Mesh Page Illustration The General section contains settings for mesh radio, number of mesh links, RSSI smoothing, roaming threshold and de-auth client. Table 69 Groups > Proxim Mesh > General Fields and Default Values Setting Default Description Mesh Radio 4.9/5Ghz Drop-down selects the radio that acts as the backhaul to the network. Maximum Mesh Links (132) 6 Sets the maximum number of mesh links allowed on an AP.
Table 71 Groups > Proxim Mesh > Mesh Cost Matrix Fields and Default Values (Continued) Setting Default Description RSSI Factor (010) 5 Sets the factor associated with the RSSI values used when calculating the best path to the portal AP. Higher factors will have more impact when deciding the best uplink. RSSI Cutoff (0-26) 10 Specifies the minimum RSSI needed to become a mesh neighbor.
1. Browse to the Groups > Firmware configuration page. Figure 65 illustrates this page. Figure 65 Groups > Firmware Page Illustration 2. For each device type in the group, specify the minimum acceptable firmware version. If no firmware versions are listed, go to the Device Setup > Upload Firmware & Files configuration page to upload the firmware files to AirWave. 3. Select Upgrade to apply firmware preferences to devices in the group. 4.
Figure 66 Comparing Two Devices Groups on the Groups > List > Compare Page (Partial View) 3. Note the following factors when using the Compare page: The Compare page can be very long or very abbreviated, depending on how many configurations the device groups share or do not share. When a configuration differs between two groups, the setting is flagged in red text for the group on the right. The default setting of the Compare page is to highlight settings that differ between two groups.
1. Browse to the Groups > List configuration page. 2. Select the Modify button (the wrench icon) for the group you wish to edit. The Groups > Basic configuration page appears. 3. Select the fields to be edited on the Basic configuration page or go to Radio, Security, VLANs, or MAC ACL configuration page and edit the fields. Use the Save button to store the changes prior to applying them. 4. When all changes for the group are complete select the Save and Apply button to make the changes permanent.
Modifying Multiple Devices AirWave provides a very powerful utility that modifies all APs or a subset of access points unrelated to the typical AirWave group construct. This utility provides the ability to delete simultaneously multiple devices, migrate multiple devices to another group and/or folder, update credentials and optimize channels. Perform these steps to modify multiple devices. 1.
Figure 68 Modify Multiple Devices Section Illustration 3. Select one or more devices that are to share the configurations. Select the checkbox for each device to modify. 4. In the Modify Multiple Devices section, select any button or use any drop-down menu for the supported changes. Any action you take applies to all selected devices. Each action you take will direct you to a new configuration page, or prompt you with a confirmation page to confirm your changes. 5.
Table 72 Modify Multiple Devices Section Fields and Default Values Action Description AMP Group/Folder Move the selected devices to a new group or folder. If the AP is in managed mode when it is moved to a new group, it will be reconfigured. Dell PowerConnect W Moves the selected APs to a new group or folder. If the AP is in managed mode when it is moved to a new group it will be reconfigured. Management Level Move the selected devices into Monitor Only or Manage Read/Write Mode.
Table 72 Modify Multiple Devices Section Fields and Default Values (Continued) Action Description Cancel firmware upgrade for selected devices Cancels any firmware upgrades that are scheduled or in progress for the selected APs. Rename devices Rename all the selected devices in bulk. Note that you can also rename the devices one at a time using the editable Name fields in each row. Delete selected devices from AMP Removes the selected APs from AirWave.
Once Global Groups have been configured, groups may be created or configured to subscribe to a particular Global Group. Go to the Groups > Basic configuration page of a group and locate the Use Global Groups section. Select the Yes radio button and select the name of the Global Group from the drop-down menu. Then select Save and Apply to make the changes permanent. Figure 71 illustrates this page.
106 | Configuring and Using Device Groups Dell PowerConnect W-AirWave 7.
Chapter 5 Discovering, Adding, and Managing Devices This chapter describes how to add, configure, and monitor wired and wireless devices, and contains the following sections corresponding to features of the Device Setup and APs/Devices tabs: “Device Discovery Overview” on page 107 “Discovering and Adding Devices” on page 107 “Monitoring Devices” on page 118 “Configuring and Managing Devices” on page 137 “Troubleshooting a Newly Discovered Down Device” on page 149 “Setting up Spectrum
SNMP/HTTP Scanning SNMP/HTTP discovery scanning is the primary method for discovering devices on your network, including rogue devices. Enable this scanning method from the Device Setup > Discover page. NOTE: This page is only visible to users with the AirWave Administrator role or roles that have “Allow authorization of APs/ Devices” enabled in AMP Setup > Roles.
1. Locate the Credentials section on the Device Setup > Discover page. (Scroll down if necessary.) This page displays scan sets, networks, and credentials that have been configured so far, and allows you to define new elements for device scanning. 2. To create a new scan credential, select the Add button to add a new scan credential. Figure 73 illustrates this page. (Note that you may have to scroll down the page again to view this section.
4. In the Automatic Authorization section, select whether to override the global setting in AMP Setup > General and have New Devices be automatically authorized into the New Device List, the same Group/Folder as the discovering devices, the same Group/Folder as the closest IP neighbor, and/or a specified autoauthorization group and folder. 5. Select Add to create the selected scans, which then appear in a list at the top of the Device Setup > Discover page. 6.
6. Select the pencil icon for the scan to display the results. Table 73 describes the scan results and related information. Table 73 Device Setup > Discover > Discovery Execution Fields Column Description Network Displays the network to be scanned. Credentials Displays the credentials used in the scan. Total Devices Found Displays the total number of APs detected during the scan that AirWave can configure and monitor.
Dell PowerConnect W-Series thin APs can have Dell PowerConnect W AP Group specified, and Cisco thin APs can have LWAPP AP Group specified when they are authorized. The Cisco Discovery Protocol (CDP) CDP uses the polling interval configured for each individual Cisco switch or router on the Groups > List page. AirWave requires read-only access to a router or switch for all subnets that contain wired or wireless devices. The polling interval is specified on the Groups > Basic page.
This section describes the following procedures: Adding Devices with the Device Setup > Add Page Adding Multiple Devices from a CSV File Adding Universal Devices Adding Devices with the Device Setup > Add Page Manually adding devices from the Device Setup > Add page to AirWave is an option for adding all device types.
Figure 77 Device Setup > Add > Device Communications and Location Sections 3. Complete these Device Communications and Location settings for the new device. Table 74 further describes the contents of this page. Settings may differ from device to device based on the type of device and the features that the device supports. In several cases, the default values from any given device derive from the Device Setup > Communication page.
Table 74 Device Communication and Location Fields and Default Values (Continued) Setting Default Description SNMPv3 Username Taken from Device Setup > Communication If you are going to manage configuration for the device, this field provides a read-write user account (SNMP, HTTP, and Telnet) within the Cisco Security System for access to existing APs. AirWave initially uses this username and password combination to control the Cisco AP.
includes make and model information, AirWave will add the information provided in the CSV file as it did before. It will not override what you have specified in this file in any way.
Adding Universal Devices AirWave gets basic monitoring information from any device including switches, routers and APs whether or not they are supported devices. Entering SNMP credentials is optional. If no SNMP credentials are entered, AirWave will provide ICMP monitoring of universal devices. This allows you to monitor key elements of the wired network infrastructure, including upstream switches, RADIUS servers and other devices.
Figure 81 APs/Devices > Ignored Page Illustration This page provides the following information for any ignored device: device name or MAC address, when known controller associated with that device device type device IP address LAN MAC address for the LAN on which the device is located date and time of device discovery 2. To change the device parameters for a given device, select its checkbox and adjust group, folder, monitor, and manage settings as desired. 3.
Figure 82 APs/Devices > List (partial view) Verify that the devices you added are now appearing in the APs/Devices > Up page. NOTE: Newly added devices will have a status of Down until they have been polled the first time. Their configuration status will remain Unknown until they have finished verification. The Up status is not contingent on verification. The same section also appears on the Groups > Monitor page and is hyperlinked from a controller's monitoring interface.
Figure 83 Monitoring Page Top Level Data Common to All Device Types The alert summary and recent events sections are also the same regardless of the device type, and these sections appear toward the bottom of these pages. In addition, a link to the Audit Log is available on the bottom of this page. A portion of this page is shown in Figure 84.
Figure 85 APs/Devices > Monitor Page for Wireless Devices (partial view of an AP ) Table 75 describes the fields and information displayed in the Device Info section. The displayed fields vary from device to device.
Table 75 APs/Devices > Monitor > Device Info Fields and Default Values (Continued) Field Description Status Displays ability of AirWave to connect to the AP. Up (no issue) means everything is working as it should. Down (SNMP “get” failed) means AirWave can get to the device but not speak with it using SNMP. Check the SNMP credentials AirWave is using the view secrets link on the APs/Devices > Manage page and verify SNMP is enabled on the AP. Many APs ship with SNMP disabled.
Table 75 APs/Devices > Monitor > Device Info Fields and Default Values (Continued) Field Description Quick Links Open controller web UI: A drop-down menu that allows you to jump to the controller’s UI in a new window. NOTE: For Dell controllers, if Single Sign-On is enabled for your role in this AirWave and you have access to this controller, you will not have to enter the credentials for this controller again after selecting this link.
Table 77 APs/Devices > Monitor > Wired Interfaces Fields and Descriptions (Continued) Field Description Type Indicates the type of interface - gigabit Ethernet or fast Ethernet for wired interfaces. Admin Status The administrator setting that determined whether the port is on or off. Operational Status Displays the current status of the interface. If an interface is Up, then AirWave is able to ping it and fetch SNMP information.
Table 78 describes the graphs on this page. Table 78 APs/Devices > Monitor Graphical Data Graph Description Clients Formerly “Users”. Shows the max and average client count reported by the device radios for a configurable period of time. User count for controllers are the sum of the user count on the associated APs. Checkboxes below the graph can be used to limit the data displayed. Usage Formerly “Bandwidth”. Shows the bandwidth in and out reported by the device for a configurable period of time.
Table 79 APs/Devices > Monitor > Connected Clients Fields and Default Values (Continued) Field Description Usage Displays the average bandwidth consumed by the MAC address. Goodput The ratio of the total bytes transmitted or received in the network to the total air time required for transmitting or receiving the bytes. Location Displays the QuickView box allows users to view features including heatmap for a device and location history for a user.
Complete ARM statistics from Dell PowerConnect W-Series controllers can be retrieved from the Radio Statistics page by selecting the Run a command drop-down menu and choosing button, as illustrated in Figure 88. Figure 88 Fetch additional radio stats by running a show command When this button is selected, a new browser window launches with the statistics in plain text. Other ARMtracked metrics are visible in the Radio Statistics page for Dell PowerConnect W-Series APs.
Figure 90 802.11 Radio Counters Summary table The frame- per-second rate of these and other 802.11 errors over time are tracked and compared in the 802.11 Counters graph on the same page. Radio Statistics Interactive Graphs Time-series graphs for the radio are displayed across a tabbed, dual-pane interface to show changes recorded at every polling interval over time. Clients and Usage data are polled based on the AP's group's User Data Polling Period.
Table 82 Radio Statistics Interactive Graphs Descriptions (Continued) Graph Title Description 802.11 Counters A line graph that displays statistics such as frame rate, fragment rate, retry rate, duplicate frame rate, and other metrics tracked by 802.11 counters. Utilization (Dell, Dell PowerConnect W, Displays max and average percentages on this radio for busy, interfering receiving and transmitting signals. Special configuration on the controller is required to enable this data.
The columns and values are described in Table 83. Table 83 ARM Events table Columns and Values Column Description Time The time of the ARM event. Trap Type The type of trap that delivered the change information. Current ARM trap types that display in AirWave are: Power Change Mode Change Channel Change Values that display in the following columns depend on the Trap Type. Previous Tx Power Old value for transmit power before the Power Change event took place.
Cordless Phone Freq Hopper Generic Fixed Freq Generic Freq Hopper Microwave Microwave Inverter Unknown Video Device Fixed Freq Wi-Fi XBox Freq Hopper Active BSSIDs Table The Active BSSIDs table maps the BSSIDs on a radio with the SSID it broadcasts to the network, as illustrated in Figure 94. This table appears only for Dell PowerConnect W-Series AP radios.
Figure 95 APs/Devices > Monitor page for a Mesh Device These fields are described in detail in “Viewing Device Monitoring Statistics” on page 118. Monitoring Data for Wired Devices (Routers and Switches) The monitoring page for routers and switches includes basic device information at the top, a bandwidth graph depicting the sum of all the physical interfaces, and beneath that, CPU/Memory utilization graphs as shown in Figure 96.
Figure 96 APs/Devices > Monitor Page for a Mobility Access Switch All managed wired devices also include an Interfaces subtab, as shown in Figure 97. Dell PowerConnect W-AirWave 7.
Figure 97 APs/Devices > Interfaces Page for Wired Devices (partial view) . The Interfaces page includes a summary of all the interfaces at the top. In case of the stacked switches, the master includes the interfaces of all the members including its own. The physical and the virtual interfaces are displayed in separate tables, labeled Physical Interfaces and Virtual Interfaces. VLANs are listed below the interface. NOTE: The Interfaces page for AirMesh APs includes VLANs as part of the Virtual Interfaces.
Figure 98 Interface Monitoring Page for a Wired Device An Interface Monitoring page is comprised of three sections: Interface Information, Usage and Interface Frame Counters graphs, and Connected Clients. Specifics of the interface are in the Interface Information section, as depicted in Figure 99.
Auditing Device Configuration When you have added a newly discovered device successfully to a Group in Monitor mode, the next step is to verify device configuration status. Determine whether any changes will be applied to that device when you convert it to Managed read/write mode. AirWave uses SNMP or Telnet to read a device’s configuration. SNMP is used for Cisco controllers. Dell PowerConnect W-Series devices and wired routers and switches use Telnet/SSH to read device configuration.
groups of the devices. Using folders, you can quickly view basic statistics about devices. You must use folders if you want to limit the APs and devices AirWave users can see. Folder views are persistent in AirWave. If you select the Top folder and then select the Down link at the top of the page, you are taken to all of the down devices in the folder. If you want to see every down device, select the Expand folders to show all devices link.
Compare two configurations to highlight the specific lines that are mismatched. The Audit page provides links to the AirWave pages where any mismatched settings can be configured. NOTE: These procedures assume you are familiar with the function buttons available to save, apply, revert, and so on. For details on button functions, see “Buttons and Icons” on page 16.
Configuring AP Settings 1. Browse to the APs/Devices > List page and select the wrench icon next to the device whose AP settings you want to edit. This directs you to the Manage page for that device. Figure 104 illustrates this page. Figure 104 APs/Devices > Manage Page Illustration If any changes are scheduled for this AP, they appear in a Scheduled Changes section at the top of the page above the other fields. The linked name of the job takes you to its System > Configuration Change Job Detail page.
2. Locate the General section for information about the AP’s current status. Table 84 describes the fields, information, and settings. Table 84 APs/Devices > Manage > General Fields and Descriptions Field Description Name Displays the name currently set on the device. Status Displays the current status of an AP. If an AP is Up, then AirWave is able to ping it and fetch SNMP information from the AP.
Table 85 APs/Devices > Manage > Settings Fields and Default Values (Continued) Setting Default Device Type Description Location Read from the device All The SNMP location set on the device. Latitude None All Text field for entering the latitude of the device. The latitude is used with the Google Earth integration. Longitude None All Text field for entering the longitude of the device. The longitude is used with the Google Earth integration.
Table 86 APs/Devices > Manage, Additional Settings Setting Default Device Type Mesh Role Mesh AP Mesh Devices Description Drop-down menu specifies the mesh role for the AP as shown: Mesh AP —The AP will act like a mesh client. It will use other APs as its uplink to the network. Portal AP —The AP will become a portal AP. It will use a wired connection as its uplink to the network and serve it over the radio to other APs. None —The AP will act like a standard AP.
Table 86 APs/Devices > Manage, Additional Settings (Continued) Setting Default Device Type Description Radio Enabled Yes All The Radio Enabled option allows you to disable the radio's ability to transmit or receive data while still maintaining Ethernet connectivity to the network. AirWave will still monitor the Ethernet page and ensure the AP stays online. Customers typically use this option to temporarily disable wireless access in particular locations.
Table 88 describes the settings and default values. For detailed descriptions of Cisco WLC devices supported by AirWave, refer to the Cisco WLC product documentation. Table 88 APs/Devices > Manage > Interface Fields and Descriptions for Cisco WLC Devices Field Default Description Name None The name of the interface on the controller. VLAN ID None The VLAN ID for the interface on the controller. Port None The port on the controller to access the interface.
Configuring Device Interfaces for Switches When you go to the APs/Devices > Interfaces page for a switch, you can add a Virtual interface by selecting Add and entering the appropriate information in the page that then appears, as shown in Figure 106. Figure 106 Add Virtual Interfaces Page for Wired Devices . New physical and virtual interfaces are discovered using SNMP polling as described in “SNMP/HTTP Scanning” on page 108.
Figure 108 Physical Interfaces Monitoring and Configuration Sections Figure 109 Virtual Individual Interfaces Configuration Section To configure interfaces as a group, select Edit Interfaces above the Physical or Virtual Interfaces table as shown in Figure 110. 146 | Discovering, Adding, and Managing Devices Dell PowerConnect W-AirWave 7.
Figure 110 Edit Multiple Interfaces You will remain on the same page, but will have the option to make changes to the most commonly edited settings in batch mode, as shown in Figure 111. Figure 111 Multiple Interface Editing Page Illustration AirWave assembles the entire running configuration using templates and your modifications to these pages. For a more detailed discussion on templates, see Chapter 6, “Creating and Using Templates” on page 155.
Figure 112 APs/Devices > Manage > Device Communication NOTE: The Device Communication area may appear slightly different depending on the particular vendor and model of the APs being used. 3. Enter and confirm the appropriate Auth Password and Privacy Password. 4. You can disable the View AP Credentials link in AirWave by the root user. Contact Dell support at support.dell.com for detailed instructions to disable the link. 5. (Optional.
Table 89 APs/Devices > Manage > Update Firmware Fields and Default Values (Continued) Setting Default Description Sender Address None Displays the From address in the alert email. Figure 113 APs/Devices > Manage Firmware Upgrades Initiating a firmware upgrade will change the Firmware Status column for the device to Pending in APs/Devices > List. You can review the status of all recent firmware upgrade jobs in System > Firmware Upgrade Jobs.
Table 90 Common System Messages for Down Status (Continued) Message Meaning Downloading The AP is in the process of downloading firmware or configuration. (This only applies to Cisco WLC thin APs and some Symbol APs.) Error fetching existing configuration AirWave could not fetch a config for the AP. Usually this is because AirWave has incorrect credentials and was not able to log in. ICMP Ping Failed (after SNMP Get Failed) The device is not responding and is likely offline.
5. If the credentials are incorrect, return to the Device Communications area on the APs/Devices > Manage page. Enter the appropriate credentials, and select Apply. 6. Return to the APs/Devices > List page to see if the device appears with a Status of Up.
Perform these steps to set the AP group to use the default Spectrum profile settings: 1. In Groups > Dell PowerConnect W Config, select Add New Dell PowerConnect W AP Group. 2. Give the new Group a name (like “Spectrum APs”) and select the plus sign next to the 802.11a Radio Profile to create a new radio profile. 3. Enter a name under the General Settings section of Profiles > RF > 802.11a/g Radio. 4.
Figure 116 Spectrum Analysis on Controller Dashboard NOTE: This chart is only available for Dell PowerConnect W-AP92, 93, 104, 105, 134,and 135 APs. To disable Spectrum mode on this individual AP after it has collected data, return to the APs/Devices > Manage page for this AP and set the Spectrum Override field back to No.
5. In the Field drop-down menu, select the setting you would like to change (such as an Age-Out setting or a Spectrum Band), and enter the overriding value below it. 6. Select Add to save your changes. 7. To create additional overrides for this controller, select Add New Dell PowerConnect W Controller Override again. 8. When you have finished, select Save and Apply.
Chapter 6 Creating and Using Templates This chapter provides an overview and several tasks supporting the use of device configuration templates in AirWave, and contains the following topics: “Group Templates” on page 155 “Viewing and Adding Templates” on page 156 “Configuring General Template Files and Variables” on page 159 “Configuring Templates for Dell PowerConnect W-Instant” on page 164 “Configuring Templates for AirMesh” on page 165 “Configuring Cisco IOS Templates” on page 165
Template Variables Variables in templates configure device-specific properties, such as name, IP address and channel. Variables can also be used to configure group-level properties, such as SSID and RADIUS server, which may differ from one group to the next.
Table 91 describes the columns in this image. Table 91 Groups > Templates Fields and Default Values Setting Description Notes When applicable, this section lists devices that are active on the network with no template available for the respective firmware. Select the link from such a note to launch the Add Template configuration page for that device. Name Displays the template name. Device Type Displays the template that applies to APs or devices of the specified type.
The settings for the Add a Template page are described in Table 92. Note that the fields can vary based on the Group. Table 92 Groups > Templates > Add Template Fields and Default Values Setting Default Description Use Global Template No Uses a global template that has been previously configured on the Groups > Templates configuration page. Available templates will appear in the drop-down menu. If Yes is selected you can also configure global template variables.
Table 92 Groups > Templates > Add Template Fields and Default Values (Continued) Setting Default Description SNMPv3 Username None If the template is updating the SNMP v3 Username password on the AP, enter the new SNMP Username password here. AirWave updates the credentials it is using to communicate to the device after the device has been managed. Auth Password None If the template is updating the SNMP v3 Auth password on the AP, enter the new SNMP Username password here.
variables in this fashion. If you believe that any AP-level settings are not marked correctly, please contact Dell customer support at support.dell.com before proceeding. 7. Specify the device types for the template. The templates only apply to devices of the specified type. Specify whether AirWave should reboot the devices after a configuration push.
Management mode. This removes the APs from Monitor mode (read-only) and instructs the AP to pull down its new startup configuration file from AirWave. NOTE: Devices can be placed into Management mode individually from the APs/Devices > Manage configuration page.
config file of a device. A command inside the push and exclude directive are included in the startup-config file pushed to a device, but AirWave excludes them when calculating and reporting configuration mismatches. NOTE: The opening tag may have leading spaces. Below are some examples of using directives: … line con 0 no stopbits line vty 5 15 ! ntp server 209.172.117.
Sometimes, the running-config file on the AP does not include the command for one of these variables because the value is set to the default. For example, when the “transmission power” is set to maximum (the default), the line “power local maximum” will not appear in the AP running-config file, although it will appear in the startupconfig file. AirWave would typically detect and flag this variance between the running-config file and startupconfig file as a configuration mismatch.
… interface Dot11Radio0 … power local cck %CCK_POWER% power local ofdm %OFDM_POWER% channel %CHANNEL% … The hostname line sets the AP hostname to the hostname stored in AirWave. The power lines set the power local cck and ofdm values to the numerical values that are stored in AirWave. Configuring Templates for Dell PowerConnect W-Instant The first Instant network that is added to AirWave automatically includes the default configuration that is used as a template to provision other Instant networks.
mgmt-user admin 446f8a8ddacdb735dd42a9873a2e80e2 wlan ssid-profile remote-node-guest index 0 type employee essid %ssid% wpa-passphrase a804e1744c137371943bdeed410e720a58eca75717ff714b opmode wpa2-psk-aes rf-band all captive-portal disable dtim-period 1 inactivity-timeout 1000 broadcast-filter none enet-vlan guest wlan external-captive-portal server localhost port 80 url "/" auth-text "%venue%" ids classification ids wireless-containment none Refer to Appendix A “Setting Up Dell PowerConnect-W Instant in Ai
This section includes the following topics: Applying Startup-config Files WDS Settings in Templates SCP Required Settings in Templates Supporting Multiple Radio Types via a Single IOS Template Configuring Single and Dual-Radio APs via a Single IOS Template Applying Startup-config Files Each of the APs in the Group copies its unique startup-config file from AirWave via TFTP or SCP.
SCP Required Settings in Templates A few things must be set up before enabling SCP on the Groups > Basic configuration page. The credentials used by AirWave to login to the AP must have level 15 privileges. Without them AirWave is not able to communicate with the AP via SCP. The line "aaa authorization exec default local" must be in the APs configuration file and the AP must have the SCP server enabled.
Configuring Cisco Catalyst Switch Templates Cisco Catalyst Switch templates are configured much like Cisco IOS templates with the addition of the interfaces and switch_command (for stacked switches) variables. Interfaces can be configured on the Device Interface pages, as shown in “Configuring Device Interfaces for Switches” on page 145. You can import interface information as described in this section or by fetching a template from that device, as described in “Configuring General Templates” on page 159.
country-code us aap-ipfilter-list no port 3333 plz aap-ipfilter-list no port 3333 tcp plz deny tcp src-start-ip 0.0.0.0 src-end-ip 255.255.255.255 dst-start-ip 0.0.0.0 dst-endip 255.255.255.
%endif% %if radio_type=11bg% radio %radio_index% speed basic1 basic2 basic5p5 6 9 basic11 12 18 24 36 48 54 radio %radio_index% on-channel-scan radio %radio_index% adoption-pref-id 7 radio %radio_index% enhanced-beacon-table radio %radio_index% enhanced-probe-table %endif% %if radio_type=11bgn% radio %radio_index% speed basic11b2 6 9 12 18 24 36 48 54 mcs 0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15 %endif% radio %radio_index% channel-power indoor %channel% %transmit_power% %channel_attribute% %detector% %adoption
Figure 120 Group > Templates > Add Page Illustration 4. Use the drop-down menu to select a device from which to build the global template and select Fetch. The menus are populated with all devices that are contained in any group that subscribes to the global group. The fetched configuration populates the template field. Global template variables can be configured with the Add button in the Template Variables box, illustrated in Figure 121.
6. If you want to add the global template, select Apply Changes Now. If you do not want to add the template, select Cancel and Discard Changes. Canceling from the confirmation configuration page causes the template and all of the template variables to be lost. 7. Once you have added a new global template, you can use a CSV upload option to configure global template variables. Go to the Groups > Templates configuration page and select the CSV upload icon for the template.
Chapter 7 Using RAPIDS and Rogue Classification This chapter provides an overview to rogue device and IDS event detection, alerting, and analysis using RAPIDS, and contains the following sections: “Introduction to RAPIDS” on page 173 “Viewing Rogues on the RAPIDS > List Page” on page 183 “Setting Up RAPIDS” on page 175 “Defining RAPIDS Rules” on page 178 “Score Override” on page 187 “Using the Audit Log” on page 188 “Additional Resources” on page 188 Introduction to RAPIDS Rogue
Viewing Overall Network Health on RAPIDS > Overview The RAPIDS > Overview page displays a page of RAPIDS summary information (see Figure 123). Table 95 defines the summary information that appears on the page. Figure 123 RAPIDS > Overview Page Illustration 174 | Using RAPIDS and Rogue Classification Dell PowerConnect W-AirWave 7.
Table 95 RAPIDS > Overview Fields and Descriptions Summary Description IDS Events Displays a list of attack types for the designated folder and subfolders. Field displays events from the past two hours, the past 24 hours, and total IDS events. Names of attacks link to summary pages with more details. NOTE: AirWave should be configured as the SNMP trap receiver on the controllers to receive IDS traps. See the Dell PowerConnect W-AirWave 7.5 Best Practices Guide for details.
Figure 124 RAPIDS > Setup Page Illustration Table 96 RAPIDS > Setup > Basic Configuration Fields Field Default Description ARP IP Match Timeout (1-168 hours) 24 If you have routers and switches on the AirWave, and it's scanning them for ARP tables, this can assign a rogue IP address information. This timeout specifies how recent that information needs to be for the IP address to be considered valid. Note that the default ARP poll period is long (several hours).
Table 97 RAPIDS > Setup > Classification Options Fields (Continued) Field Default Description Manually Classifying Rogues Automatically Acknowledges them Yes Defines whether acknowledgement happens automatically whenever a rogue device receives a manual classification. Filtered rogues are dropped from the system before they are processed through the rules engine. This can speed up overall performance but will eliminate all visibility into these types of devices.
2. From the Containment Options section, select Yes in the Manage rogue AP containment field. Once this is done, the Contained Rogue classification will appear as an option in the classification drop down menu as shown in Figure 125. Additionally, once this option been enabled, the option to manage contained APs in Monitor-Only mode becomes available. Containment in Monitor-Only mode means configuration changes will still be pushed to the controller, even though it is in monitor-only mode.
“Viewing and Configuring RAPIDS Rules” on page 180 “Recommended RAPIDS Rules” on page 182 “Using RAPIDS Rules with Additional AirWave Functions” on page 182 Controller Classification with WMS Offload This classification method is supported only when WMS offload is enabled on Dell PowerConnect W-Series WLAN switches. Controller classification of this type remains distinct from RAPIDS classification. WLAN switches feed wireless device information to AirWave, which AirWave then processes.
Rogue Device Threat Level The threat level classification adds granularity for each general RAPIDS classification. Devices of the same classification can have differing threat scores based on the classifying rule, ranging from 1 to 10 with a default value of 5. This classification process can help identify the greater threat. Alerts can be defined and sorted by threat level. Threat level and classification are both assigned to a device when a device matches a rule.
To create a new rule, select the Add button next to New RAPIDS Classification Rule to launch the RAPIDS Classification Rule page (see Figure 128). Figure 128 Classification Rule Page Fill in the settings described in Table 102 then select an option from the drop down menu. Table 103 defines the drop down menu options that are at the bottom left of the RAPIDS Classification Rule dialog box (see Figure 128). Once all rule settings are defined, select Add.
Table 103 Properties Drop Down Menu (Continued) Option Description MAC Address Rogue matches the MAC address. Specify matching or non-matching address criteria, or use a wildcard (*) for partial matches. Dell Controller Properties Controller Classification Rogue matches the specified controller classification. Confidence Rogue falls within a specified minimum and maximum confidence level, ranging from 1 to 100. After creating a new rule, select Add to return to the RAPIDS > Rules page.
System > Triggers—Displays triggers that are currently configured, including any triggers that have been defined for rogue events. Reports > Definitions—Allows you to run New Rogue Devices Report with custom settings. VisualRF—Displays physical location information for rogue devices. Viewing Rogues on the RAPIDS > List Page To view a rogue AP, select the RAPIDS > List tab and select a rogue device type from the Minimum Classification drop-down menu (see Figure 129).
Table 104 RAPIDS > List Column Definitions (Continued) Column Description Confidence The confidence level of the suspected rogue. How confidence is calculated varies based on the version of ArubaOS. When an ArubaOS controller sees evidence that a device might be on the wire it will up the confidence level. If ArubaOS is completely sure that it is on the wire, it gets classified as a rogue.
Table 104 RAPIDS > List Column Definitions (Continued) Column Description Notes Indicates any notes about the rogue device that may have been added. Last Seen Indicates the date and time the rogue device was last seen. Current Associations The number of current rogue client associations to this device. Max associations The highest number of rogue client associations ever detected at one time.
Each rogue device frequently has multiple discovery methods, all of which are listed. As you work through the rogue devices, use the Name and Notes fields to identify the AP and document its location. You can use the global filtering options on the RAPIDS > Setup page to filter rogue devices according to signal strength, ad-hoc status, and discovered by remote APs. VisualRF uses the heard signal information to calculate the physical location of the device.
Score Override On RAPIDS > Score Override page you can change the OUI scores that are given to MAC addresses detected during scans of bridge forwarding tables on routers or switches. Figure 131, Figure 132, and Table 105 illustrate and describe RAPIDS Score Override. Perform these steps to create a score override. Once a new score is assigned, all devices with the specified MAC address prefix receive the new score. NOTE: Note that rescoring a MAC Address Prefix poses a security risk.
Using the Audit Log The Audit Log is a record of any changes made to the RAPIDS rules, setup page, and manual changes to specific rogues. This allows you to see how something is changes, when it changed, and who made the alteration. The Audit Log can be found at RAPIDS > Audit Log. For more information, see Figure 133.
Chapter 8 Performing Daily Administration in AirWave Daily WLAN administration often entails network monitoring, supporting WLAN and AirWave users, and monitoring AirWave system operations.
System button provides a graceful way to power cycle your AirWave remotely when it is needed. The Restart AirWave button will restart the AirWave services without power cycling the server or reloading the OS. Figure 134 illustrates this page. Figure 134 System > Status Page Illustration The link diagnostics.tar.gz contains reports and logs that are helpful to Dell support in troubleshooting and solving problems.
engineers may request these logs for help in troubleshooting problems and will provide detailed instructions on how to retrieve them. Table 106 describes some of the most important logs: Table 106 A Sample of Important Status Logs Log Description pgsql Logs database activity. error_log Reports problems with the web server. Also linked from the internal server error page that displays on the web page; please send this log to Dell support whenever reporting an internal server error.
Table 107 describes the columns and the information provided in each: Table 107 System > Syslog & Traps Columns and Descriptions Column Description Time The timestamp of the device event. Type Either Syslog or SNMP Trap. Source Device The name of the device that sent the message. Will be a link if you have visibility to the device. Can be empty if AirWave could not correlate the source IP.
Table 108 Event Log Fields Column Type Description Displays the Type of event recorded, which is one of four types, as follows: Device—An event localized to one specific device. Group—A group-wide event. System—A system-wide event. Alert—If a trigger is configured to report to the log, an Alert type event will be logged here. Event The event AirWave observed; useful for debugging, user tracking, and change tracking.
Figure 138 Add New Trigger Page Illustration 2. In the Trigger section, choose the desired trigger Type and Severity. Figure 139 illustrates some of the supported trigger types. NOTE: The alert summary information at the top of the AirWave screen can be configured to separately display severe alerts. Refer to “Configuring Your Own User Information with the Home > User Info Page” on page 220 for more details.
Once you have selected a trigger type, the Add Trigger page changes, depending on the trigger type that you select. In many cases, you must configure at least one Condition setting. Conditions, settings and default values vary according to trigger type. Triggers with conditions can be configured to fire if any criteria match as well as if all criteria match.
“Setting Triggers for Discovery” on page 197 “Setting Triggers for Clients” on page 198 “Setting Triggers for RADIUS Authentication Issues” on page 199 “Setting Triggers for IDS Events” on page 199 “Setting Triggers for AirWave Health” on page 200 Setting Triggers for Devices Perform the following steps to configure device-related triggers. a. Choose a device type from the Devices listed in the Type drop-down menu. See Figure 139.
Table 110 Device Trigger Types (Continued) Option Description Device Event This trigger is used for alerting based on SNMP traps and syslog messages, which are displayed in System > Syslogs & Traps, APs/Devices > Monitor for affected devices, and in Clients > Client Detail.
a. Choose a trigger type from the Discovery category, listed in the Type drop-down menu. See Figure 139. Table 112 Discovery Trigger Types and Condition Settings Discovery Trigger Options Description New Device Discovered This trigger type flags the discovery of a new AP, router, or switch connected to the network (an device that AirWave can monitor and configure).
Table 113 Client Trigger Types and Condition Settings (Continued) Client Trigger Option Description Client Goodput This trigger type indicates that the goodput for an individual client has exceeded a predefined threshold. Available conditions are Usage Kbps (combined), Usage Kbps (in), and Usage Kbps (out). Client Speed This trigger type indicates that the speed for an individual client has exceeded a predefined threshold. The available condition for this trigger is Speed Mbps. b.
b. Repeat this procedure for as many triggers and conditions as desired. Refer to the start of “Creating New Triggers” on page 193 to create a new trigger. Setting Triggers for AirWave Health After completing steps 1-3 in “Creating New Triggers” on page 193, perform the following steps to configure IDS-related triggers. a. Choose the Disk Usage trigger type from the drop-down Type menu. See Figure 139 for trigger types. Table 116 describes the condition settings for this trigger type.
Figure 140 Alert Summary Table Illustration This table displays alerts as follows; select the alert Type to display alert details: AirWave Alerts—Displays details for all device alerts. IDS Events—Displays details of all Intrusion Detection System (IDS) events and attacks under the RAPIDS tab. You must be enabled as a RAPIDS user to see this page. RADIUS Authentication Issues—Displays RADIUS-related alerts for devices in the top viewable folder available to the AirWave user.
Move the alert to the Alert Log by selecting it and selecting Acknowledge. You can see all logged alerts by selecting the View logged alerts link at the top of the System > Alerts page. Select the Alerts link to return to the list of new alerts. Delete the alert by selecting it from the list and clicking the Delete button.
See “Evaluating Client Status with the Clients > Diagnostics Page” on page 214. Clients > Tags—Displays a list of wireless tags, such as Aeroscout, PanGo and Newbury, that are heard by thin APs, and reported back to a controller that is monitored by AirWave. “Supporting RFID Tags With the Clients > Tags Page” on page 209.
Figure 143 Clients > Connected Page Illustration (Partial View) Table 118 Clients > Connected Table Columns and Links (Alphabetical) Field Description AOS Device Type The type of client device determined by the Dell controller -- a fallback in case the rules set in AMP Setup > Device Type Setup were unable to determine the device type. AP/Device Displays the name of the AP to which the MAC address is associated as a link to this AP's APs/Devices > Monitor page.
Table 118 Clients > Connected Table Columns and Links (Continued)(Alphabetical) Field Description EAP Supplicant The party being authenticated in the Extensible Authentication Protocol. Forward Mode Forwarding mode for the port: Bridge, Tunnel, or Split Tunnel. Goodput The ratio of the total bytes transmitted or received in the network to the total air time required for transmitting or receiving the bytes. Group The group containing the AP that the user is associated with.
Monitoring Rogue Clients With the Clients > Rogue Clients Page You can view connected rogue clients in AirWave by selecting the Clients > Rogue Clients page. In this page, you can click on the MAC address of a rogue to view the Client Details page or on a Rogue AP link to view the RAPIDS > Details page for the AP. Figure 144 illustrates the Clients > Rogue Clients page. Figure 144 Clients > Rogue Clients Page Illustration Table 119 describes the fields on this page.
Supporting Guest WLAN Users With the Clients > Guest Users Page AirWave supports guest user provisioning for Dell PowerConnect W-Series, Alcatel-Lucent, and Cisco WLC devices. This allows frontline staff such as receptionists or help desk technicians to grant wireless access to WLAN visitors or other temporary personnel.
Table 120 Clients > Guest Users Fields Field Description Repair Guest User Errors Sets AirWave to attempt to push the guest user again in an attempt to repair any errors in the Status column. Add New Guest User Adds a new guest user to a controller via AirWave. Username Randomly generates a user name for privacy protection. This name appears on the Guest User detail page. Name Displays the specified guest user name. Enabled Enables or disables the user status.
6. Select Add to complete the new guest user, or select Cancel to back out of new user creation. The Clients > Guest Users page appears and displays results, as applicable. Supporting VPN Users with the Clients > VPN Sessions Page The Clients > VPN Sessions page shows active VPN Sessions along with device type and HTTP fingerprinting information.
from the controller in a table on this page. Figure 149 illustrates this page, and Table 121 describes fields and information displayed. NOTE: The Vendor, Battery Level, and Chirp Interval columns can be filtered using the funnel icon ( ). Figure 149 Clients > Tags Page Illustration Table 121 Clients > Tags Fields Field Description Name Displays the user-editable name associated with the tag. MAC Address Displays the MAC address of the AP that reported the tag.
Clients > Connected Clients > All Home > Search page results or Search field Client results that display the user MAC address This page provides information for the wireless device, signal quality, and bandwidth consumption. This page also provides an AP association history and current association status. Finally, if VisualRF is enabled in AMP Setup > General, this page provides a graphical map of the user location and facility information.
To see more options, select the Show additional properties link.
Quick Links for Clients on Dell Devices In Clients > Client Detail, the following two drop-down menus appear next to the Save button in the Device Info section: Open controller web UI: A drop-down menu that allows you to jump to the controller’s UI in a new window. Thin APs link to Controller > Access Points when not operating in mesh mode, or Controller > Mesh Nodes otherwise.
Figure 155 Rogue Association History table in Clients > Client Detail Evaluating Client Status with the Clients > Diagnostics Page The Clients > Diagnostics page is accessible from the Clients > Client Detail page. You can also search for a user and select the associated MAC address from the search results. This page provides an overview of a WLAN user’s general status and connectivity on the network, as illustrated in Figure 156.
Prerequisites for Using MobiControl with AirWave In order to use the MobiControl integration in AirWave, the following is required: An AirWave running version 7.2.3 or later An MDM server with SOTI MobiControl Console 8.0x A client device that is: associated with WLAN infrastructure managed by the AirWave server running 7.2.3 or later being actively managed by the SOTI MobiControl server For more information about setting up MobiControl, please see http://www.soti.net/mc/help/.
Search results that display user MAC address 2. Select the MAC address in the Clients list table. The Clients > Client Detail page displays. 3. Under the Classification field, select the View device in SOTI MobiControl link. A new window will display the MobiControl Web Console for this device.
Table 123 Home > Overview Sections and Charts Section Description Clients This chart is a graphical summary of the number of users on the network during a period of time. The time can be adjusted. Select Show All to display a list of data series that this graph can display, such as the user count by SSID. Clear the Max Clients or Avg Clients checkbox to change the display of the graph. The graph displays the maximum number of users by default.
Viewing and Updating License Information Navigate to the Home > License page using the standard AirWave menu. Figure 158 illustrates this page, and Table 124 describes the contents. Please be aware that you cannot enter multiple licenses. To combine multiple license entitlements into one new license, contact Dell support at support.dell.com.
Search performs partial string searches on a large number of fields including the notes, version, secondary version, radio serial number, device serial number, LAN MAC, radio MAC and apparent IP address of all the APs, as well as the client MAC, VPN user, Client, LAN IP and VPN IP fields. Figure 159 illustrates this page. Figure 159 Home > Search Page Illustration with Sample Hits on “00:” 1. Enter the keyword or text with which to search.
Accessing AirWave Documentation The Home > Documentation page provides easy access to all relevant AirWave documentation. All of the documents on this page are hosted locally by your AirWave server and can be viewed by any PDF viewer. If you have any questions that are not answered by the documentation, please contact Dell support. Configuring Your Own User Information with the Home > User Info Page The Home > User Info page displays information about the user that is logged into AirWave.
Table 125 Home > User Info Fields and Descriptions Field Description Top Header Stats Filter Level For Rogue Count Specifies the minimum classification that will cause a device to be included in the rogue count header information. More about the classifications can be found in “Controller Classification with WMS Offload” on page 179.
Using the System > Configuration Change Jobs Page Schedule configuration change jobs are summarized on the System > Configuration Change Jobs page. Perform the following steps to use this page, illustrated in Figure 161. Figure 161 System > Configuration Change Jobs Page Illustration 1. To edit an existing configuration change job select on the linked description name.
Use additional links on the page as shortcuts to the Device Setup > Upload Firmware & Files page, or the complete raw text of the Firmware Server Log To view additional details about an individual upgrade job including the devices being upgraded, select the name of an upgrade job from the Name column to go to the System > Firmware Upgrade Job Detail page, illustrated in Figure 163.
Figure 164 System > Performance Page Illustration (Partial Screen) 224 | Performing Daily Administration in AirWave Dell PowerConnect W-AirWave 7.
Table 126 System > Performance Page Fields and Graphs Field Description System Information CPU(s) Basic CPU information as reported by the operating system. Memory The amount of physical RAM and Swap space seen by the operating system. Refer to the Dell PowerConnect W-AirWave Server Hardware Guide at support.dell.com/manuals for hardware requirements. Kernel The version of the Linux kernel running on the box. Architecture The AirWave’s architecture information.
Table 126 System > Performance Page Fields and Graphs (Continued) Field Description Database Statistics Top 5 Tables (by row count) The five largest tables in AirWave. Degraded performance has been noticed for in some cases for tables over 200,000 rows. Decreasing the length of time client data is stored on the AirWave page is recommended if a user/client table exceeds 250,000 rows. Database Table Scans The number of database table scans performed by the database.
Figure 165 Master Console Home > Overview Page Illustration Reports can be run from the Master Console to display information from multiple AirWave stations; because such reports can be extremely large, reports can also be run as summary only so that they generate more quickly and finish as a manageable file size. The Master Console can also be used to populate group-level configuration on managed AirWave installations using the Global Groups feature.
Figure 166 Public Portal Page Illustration The Public Portal supports configuration of the iPhone interface. This can be configured using the Master Console AirWave page. See “Defining General AirWave Server Settings” on page 27. Adding a Managed AMP with the Master Console Perform the following steps to add a managed AirWave console. 1. Navigate to the Home > Managed AMPs page. 2.
1. Navigate to the Master Console's Groups > List page. 2. Select Add to add a new group, or select the name of the group to edit settings for an existing group. 3. Select the Duplicate icon to create a new group with identical configuration to an existing group. Groups created on the Master Console will act as Global Groups, or groups with master configurations that can be pushed out to subscriber groups on managed AMPs.
To download a backup file, select the filename URL and the File Download popup page appears. Regularly save the data backup file to another machine or media. This process can be automated easily with a nightly script. NOTE: Nightly maintenance and amp_backup scripts back up the full AirWave data and save the file as nightly_data00[1-4].tar.gz. In previous AirWave versions, the scripts created both config backup and data backup files.
Navigation Section of AirWave Failover The Navigation section displays tabs to all main GUI pages within AirWave Failover. The top bar is a static navigation bar containing tabs for the main components of AirWave, while the lower bar is context-sensitive and displays the subtabs for the highlighted tab. Table 128 describes the contents of this page.
Table 129 Home > Watched Page Fields and Default Values (Continued) Setting Default Description Password None The password for the username with management rights specified above. HTTP Timeout (5-1000 Sec) 60 The amount of time before AirWave considers a polling attempt failed. Polling Enabled Yes Enables or disables polling of the Watched AMP. NOTE: You do not need to disable polling of the watched AMP system if it is set to be down during nightly maintenance or is being upgraded.
Chapter 9 Creating, Running, and Emailing Reports This chapter describes AirWave reports, including access, creation, scheduling, and distribution. This chapter includes the following sections: “Overview of AirWave Reports” on page 233 “Using Daily Reports” on page 236 “Defining Reports” on page 257 “Emailing and Exporting Reports” on page 261 AirWave ships with several reports enabled by default. Default reports may run nightly or weekly, depending on the AirWave release.
Run Now (visible from the expanded Report Definitions menu) allows immediate running of a custom report as soon as you set the parameters. You must save its definition separately, if you want to remember the parameters. Report definitions for other roles section—This section, supported for admin users, displays additional reports that have been scheduled for other roles. This section of the page adds the Role column, and other columns are the same.
Figure 168 Reports > Definitions Page Illustration (Split View) Figure 169 Report Type Drop-down Menu in Reports > Definitions Illustration NOTE: Only admin users have complete access to all report information. The AirWave reports and online displays of information can vary with configuration, User Roles, and Folders. Reports > Generated Page Overview The Reports > Generated page displays reports that have been run, as well as the most recent daily version of any report.
Figure 170 Reports > Generated Page Example Figure 171 Reports > Generated Page with Single-click Report Viewing Options Using Daily Reports This section describes the default and custom-scheduled reports supported in AirWave. These reports can be accessed from the Reports > Generated page. Viewing Generated Reports The Reports > Generated page supports the following general viewing options: By default, the reports on the Reports > Generated page are sorted by Generation Time.
Table 131 Reports > Generated Page Fields and Descriptions Field Description Subject Displays the scope of the report, to include groups, folders, SSIDs, or any combination of these that are included in the report. User This displays the user who created the customized report. Report Start Displays the beginning of the time period covered in the report. Report End Displays the end of the time period covered in the report.
6. Below the Report Restrictions section are Scheduling Options, Report Visibility, and Email Options sections. Choose the parameters as needed for your report, especially a Report Start and Report End. 7. When finished, select Add and Run to add the report to your list and run it immediately, Run Now to run without being added to the list, Add to add but not run the report, or Cancel to exit this page.
Figure 174 Capacity Planning Report Detail Page Table 132 Capacity Planning Report Fields and Contents, Top Portion Field Description Device Displays the device type or name. Interface Displays the type of 802.11 wireless service supported by the device. Group Displays the device group with which the device is associated. Folder Displays the folder with which the device is associated. Controller Displays the controller with which a device operates. Dell PowerConnect W-AirWave 7.
Table 132 Capacity Planning Report Fields and Contents, Top Portion (Continued) Field Description Time Above 1% of Capacity Displays the time duration in which the device has functioned above 0% of capacity. A low percentage of use in this field may indicate that a device is under-used or poorly configured in relation to its capacity, or in relation to user needs. Capacity Combined (b/s) Displays the combined capacity in and out of the device, in bits-per-second.
Figure 175 Reports > Generated > Daily Configuration Audit Report Page, abbreviated example Table 133 Daily Configuration Audit Report Field Description Name Displays the device name for every device on the network. Selecting a given device name in this column allows you to display device-specific configuration. Folder Displays the folder in which the device is configured in AirWave.
Most Utilized by Bandwidth—By default, this list displays the 10 devices that consistently have the highest bandwidth consumption during the time period defined for the report. This list provides links to additional information or configuration pages for each device. Least Utilized by Maximum Number of Simultaneous Users—By default, this list displays the 10 devices that are the least used, according to the number of users.
Table 134 Reports > Generated > Daily Device Summary Report Unique Fields and Descriptions Field Description Max Simultaneous Users Displays the maximum number of users that were active on the associated device during the period of time that the report covers. Total Bandwidth (MB) Displays the bandwidth in megabytes that the device supported during the period of time covered by the report.
Figure 177 Device Uptime Report Illustration Table 135 Reports > Generated > Device Uptime Report Unique Fields and Descriptions Field Description SNMP Uptime Displays the percentage of time the device was reachable via ICMP. AirWave polls the device via SNMP at the rate specified on the Groups > Basic page. ICMP Uptime Displays the percentage of time the device was reachable via ICMP. If the device is reachable via SNMP it is assumed to be reachable via ICMP.
Selecting the AP device or controller name takes you to the APs/Devices > List page. Figure 178 and Table 136 illustrate and describe the Reports > Generated > IDS Events Detail page. Figure 178 Reports > Generated > IDS Events Report Illustration Table 136 Reports > Generated > IDS Events Detail Unique Fields and Descriptions Field Description Attack Displays the name or label for the IDS event.
Figure 179 Reports > Generated > Inventory Report Illustration (Edited View) 246 | Creating, Running, and Emailing Reports Dell PowerConnect W-AirWave 7.
Using the Memory and CPU Utilization Report The Memory and CPU Utilization Report displays the top memory usage by device, and CPU usage on the network by device. Both are by percentage. To create a scheduled and generated report of this type, refer to “Using Daily Reports” on page 236. Figure 180 illustrates the Reports > Detail page for this report.
Using the New Rogue Devices Report The New Rogue Devices Report summarizes rogue device information including the following categories of information: Rogue devices by RAPIDS classification—described in “Using RAPIDS and Rogue Classification” on page 173 Top rogue devices by number of discovering APs Top rogue devices by signal strength Graphical summary of rogue devices by LAN MAC address vendor Graphical summary of rogue devices by radio MAC address vendor Text-based table summary o
Figure 182 Reports > Generated > New Rogue Devices Report Illustration The rogue device inventories that comprise this report contain many fields, described in Table 137. Dell PowerConnect W-AirWave 7.
Table 137 New Rogue Devices Report Fields Field Description Name Displays the device name, as able to be determined. RAPIDS Classification Displays the RAPIDS classification for the rogue device, as classified by rules defined on the RAPIDS > Rules page. Refer to “Using RAPIDS and Rogue Classification” on page 173 for additional information. Threat Level Displays the numeric threat level by which the device has been classified, according to rules defined on the RAPIDS > Rules page.
Figure 183 Reports > Generated > New Users Report Illustration Using the PCI Compliance Report AirWave supports PCI requirements in accordance with the Payment Card Industry (PCI) Data Security Standard (DSS). The PCI Compliance Report displays current PCI configurations and status as enabled on the network. Verify that AirWave is enabled to monitor compliance with PCI requirements, as described in the “Enabling or Disabling PCI Auditing” on page 64.
List of access and distribution ports Histogram displaying unused ports vs. unused switches by type (access or distribution) List of most used switches List of most used ports A sample of the types of information used to generate in a Port Usage Report appears in Figure 185.
Figure 186 Reports > Generated > RADIUS Authentication Issues Detail Page Illustration Using the RF Health Report The RF Health Report tracks the top AP radio issues by noise, MAC/Phy errors, channel changes, transmit power changes, mode changes, and interfering devices (the last two apply only if there are ARM events). This report assists in pinpointing the most problematic devices on your network, and lists the top 10 devices by problem type.
Figure 187 Reports > Detail > Daily RF Health Report Page Illustration 254 | Creating, Running, and Emailing Reports Dell PowerConnect W-AirWave 7.
All tables in RF Health indicate the rank, device type, number of users, bandwidth, location, controller, folder, and group, and all are sorted according to rank. Selecting a value under the Device column in any table will take you to the APs/Devices > Monitor > Radio Statistics page for the band indicated in the table title (5 GHz or 2.4 GHz).
Using the Rogue Containment Audit Report The rogue containment audit report that lets you know if any containment is failing. Figure 189 illustrates the fields and information in this report type. Figure 189 Reports > Detail > Rogue Containment Audit Report Page Illustration Using the Client Session Report The Client Session Report extensively itemizes user-level activity by session- any instance in which a user connects to the network.
Figure 190 Client Session Detail, Partial View Defining Reports You can create reports in AirWave for any time period you wish, to be run when you wish, and distributed to recipients that you define. Perform these steps to create and run custom reports. Reports created with the Reports > Definition page appear on this and on the Reports > Generated page once defined. 1.
Figure 191 Defining a Report with Reports > Definitions > Add Button 2. Complete the fields described in Table 138 and any additional Report Restrictions. The Report Restrictions section changes according to the report type you choose. Additional information about each report type is described in “Using Daily Reports” on page 236. Table 138 Reports > Definitions > Add Page Fields Field Default Description Title Empty Enter a Report Title.
Table 138 Reports > Definitions > Add Page Fields (Continued) Field Default Description Schedule No When you select Yes, new fields display that allow you to define a specific time for report creation. The report schedule setting is distinct from the Report Start and Report End fields, as these define the period of time to be covered by the report.
Table 139 describes the configurable settings for the custom report to be created. Select any of the report names to view additional information on that report type. Table 139 Report Types and Scheduling Options Supported for Custom Reports Can by Run by Time Period Can be Run by Description Group/Folder Using Custom Reports Yes Yes Summarizes devices based on which have exceeded a defined percentage of their maximum bandwidth capacity.
Table 139 Report Types and Scheduling Options Supported for Custom Reports (Continued) Report Type Using the Client Session Report Can by Run by Time Period Can be Run by Description Group/Folder Yes Yes Summarizes user data by radio mode, SSID and VLAN, as well as lists all sessions.
Transferring Reports Using FTP Once reports are generated, you can also copy them to any ftp accessible destination using a sample script. For more information, contact Dell support at support.dell.com. 262 | Creating, Running, and Emailing Reports Dell PowerConnect W-AirWave 7.
Chapter 10 Using VisualRF This chapter contains information about VisualRF, and includes the following topics: “Features” on page 264 “Useful Terms” on page 264 “Starting VisualRF” on page 265 “Basic QuickView Navigation” on page 265 “Using the Settings in the VisualRF > Setup Page” on page 270 “Configuring QuickView Personal Preferences” on page 275 “Increasing Location Accuracy” on page 279 “Using QuickView to Assess RF Environments” on page 288 “Planning and Provisioni
Features Mesh monitoring page specially for viewing Dell AirMesh devices. VisualRF automatically renders Mesh APs based on GPS coordinates. Floor plan upload wizard enables direct importation of JPEG, GIF, PNG, PDF (single page only) and CAD files for floor plans. NOTE: PDF floor plans must be generated from a source file. Other PDFs, such as those scanned from a printer, will not import properly. Similarly, CAD files must be generated by AutoCAD.
VisualRF - The AirWave service that calculates location, calculates path loss, and provides floor plan editing capabilities. VisualRF Plan - Makes the planning portions of VisualRF available in an offline software package that does not require a server. For more information about VisualRF Plan, see “About VisualRF Plan” on page 307. Starting VisualRF In order to launch VisualRF, AMP Setup must specify to display the VisualRF tab, and the VisualRF engine must be switched on in VisualRF > Setup.
Table 140 Top Level Icons and Descriptions (Continued) Operation Icon Description Preferences Configure personal viewing preferences. The Preferences menu allows you to configure user preferences (overlay types, grid lines, alerts, icon sizes). See “Configuring QuickView Personal Preferences” on page 275 for more details. Help Launch the online help. NOTE: This User Guide currently contains the most up-to-date help information for the VisualRF interface.
Above - show the data from APs located on the floor above Current (default) Below - show the data from APs located on the floor below Frequencies section Select the desired frequency from the following options: 5 GHz (lines are always green) 2.4 GHz (lines are always blue) Display Menu Figure 198 Display Menu Device Types section Clients - Turns the display of wireless users on or off. Clients on the floor plan are indicated by the Rogues - Toggle rogue devices on or off.
Edit Menu Figure 199 Edit Menu Options Options in the Edit menu allow you to add information to the floor plan. Table 141 explains the options in the Edit menu: Table 141 Edit Icons and Descriptions Operation Description Edit Locked/Unlocked Specifies whether to lock or unlock a floor plan for editing. Draw Walls Add walls onto a floor plan. Refer to “Adding Exterior Walls” on page 280. Draw Region Add a region onto a floor plan.
Figure 200 On-Screen Navigation Options Mesh View Navigation Mesh view provides a visual Mesh monitoring page specially for viewing DellAirMesh devices. It automatically renders Mesh APs based on GPS coordinates. Figure 201 displays an example of a Mesh Network view with a mouseover above a network icon: Figure 201 Viewing Mesh Networks in VisualRF You can mouse over each mesh network icon to view the number of APs, Clients, and the Usage.
Figure 202 APs in a mesh network Select an AirMesh’s AP icon to bring up the popup menu showing the Mesh Node Properties by default. This window shows the node’s name, MeshID, MAC, Manufacturer, and other information. Clicking the blue Monitor link inside this window opens the APs/Devices > Monitor page in a new tab. Clicking the blue Manage link inside this window opens the APs/Devices > Manage page for this AP in a new tab.
Figure 204 The VisualRF > Setup Page Server Settings To enable VisualRF and tune memory and performance, navigate to the Server Settings section on this page. The settings in this section are detailed in Table 142: Table 142 Server Settings Section of the VisualRF > Setup Page Setting Default Description Enable VisualRF Engine No Enables or disables the VisualRF engine. This setting must be enabled to use VisualRF. If you do not have a license for VisualRF, this page will not appear.
Table 142 Server Settings Section of the VisualRF > Setup Page (Continued) Setting Default Description Memory Allocation 512 MB The amount of memory dedicate to VisualRF. It is not dynamically allocated and all the memory is consumed upon starting the service. Be sure to check the memory and swap utilization in the Systems > Performance page before making any changes.
Location Calculation Timer Settings To tune the frequency for calculating device locations within the VisualRF UI, navigate to the Location Calculation Timer Settings section. The available settings are described in Table 144: Table 144 Location Calculation Timer Settings Section of VisualRF > Setup Setting Default Description Legacy Laptop Min/Max (sec) 90/360 This timer determines how often to calculate the location for legacy laptop devices.
Table 144 Location Calculation Timer Settings Section of VisualRF > Setup (Continued) Setting Default Description Scale Number of Samples 3 Printer Min/Max (sec) 120/480 This timer determines how often to calculate the location of printers.
Adding a New Attenuation In some cases, it may be necessary to create a special attenuation setting. Click on the Add button to specify a new wall attuenation. Figure 205 Add a New Wall Attenuation Update the fields as described in Table 146. Click the Add button on the form when you are finished. Table 146 New Wall Attenuation in VisualRF > Setup Setting Description Material Specify the type of material for the new wall. Attenuation (0-100 dB) Specify the attenuation decibel value.
Figure 206 QuickView Preferences Page Illustration (General preferences selected) Enable auto-refresh toggle.
Show Channel in Label - view the channel info within the AP label Show Transmit Power in Label - view transmit power within the AP label Clients - select from the Configure Preferences for drop-down menu. Figure 208 QuickView Preferences Page Illustration (Clients preferences selected) Usage - select the kbps threshold for normal (green), high (yellow), and excessive (red).
Figure 210 QuickView Preferences Page Illustration (Grid Lines preferences selected) Show Grid Lines - if enabled, specify the number of feet between grid lines Color of grid lines - select a color for grid lines Navigation - select from the Configure Preferences drop-down menu (campus and buildings).
Increasing Location Accuracy The Location Service will use all RF information available to increase location accuracy of clients, tags, and rogue devices. Understanding your infrastructure's inherent capabilities helps you learn the extra effort required to ensure location accuracy.
Adding Exterior Walls Because VisualRF utilizes much existing RF information, generally only external walls are required for accurate client locations. VisualRF's Dynamic Attenuation feature uses AP-to-AP information to calculate attenuation for interior areas, negating the need to enter interior walls. If your devices support AP-to-AP information in the table above, you should only draw exterior walls. 1. Select Draw Walls button in the Edit menu. 2. The cursor changes to a crosshair.
Location Training for Stationary Devices QuickView provides the ability to statically assign a permanent x,y coordinate to stationary devices like PCs, Scales, and Point-of-Sale terminals. This will reduce the calculation requirements on the VisualRF location service and increase the accuracy of the RF characteristics of individual floor plans. 1. Drag the client device to the proper location. 2. Select the device and a popup menu appears. From that menu, select Surveys and Training. 3.
Figure 215 Client Surveys 3. Select the Surveys and Training option. 4. Select the appropriate transmit power for the wireless client. Leave the default to 30mW if you are unsure. 5. Select the Duration or the time that you want to sample the client's signal measurements. Longer durations will increase Path Loss accuracy and location accuracy. 6. Select OK to begin the survey. To display survey locations, select the Display menu and select Surveys.
Adding Location Probability Regions Location probability regions are optional regions that can be used to increase the accuracy of device location in VisualRF. VisualRF calculates device locations based on probability. VisualRF determines the probability of a device being located in every grid cell and places the device where the probability is the highest. Probability regions will add or remove up to 20% chance from the device location probability.
Figure 217 Adding a new Wiring Closet Region Now that the Wiring Closet is defined you will see a green WiringCloset icon on your floor plan. Double click that icon to navigate into the wired closet. 1. Add a rack to the wired closet by selecting the Add Empty Rack icon and dragging it to the background. 2. To add a planned device, select the Add Planned Device icon to view the Manually Provision Rack Gear menu. Select the device type in the Type menu, and then find the device you want to add.
Figure 218 Provisioning Devices Wired devices that are added to a wired closet are included in any BOM report covering that floor. Viewing Port Status on Deployed Switches Deployed switches on a rack will display the port status as red (down) and green (up) interface icons, which corresponds with the operationally up devices on the APs/Devices > Interfaces list. Planned switches do not display these status indicators in VisualRF.
Grid Size - decreasing the grid size will enable the location to place clients in a small grid which will increase accuracy. You can right-click on a floor plan within a building view and change this setting. Dynamic Attenuation - enabling dynamic attenuation (which is on by default) instructs the location service to sample the current RF environment and to dynamically adjust Path Loss.
Figure 222 WLC RRM Configuration in AirWave Review the values in the Monitor Intervals section. These should be configured to a recommended setting of 180 for better accuracy. Deploying APs for Client Location Accuracy Deploying access points for client location accuracy can be different than deploying access points for capacity.
Using QuickView to Assess RF Environments QuickView has four distinct views or entry points: client view, access point view, floor plan view, and network, campus, and building view.
Radios - the heatmap represents only the radio to which the client in focus is associated Rogues - all rogues are off Client/Rogue Surveys - all surveys are off Walls - all walls are displayed Lines - client to AP of association Labels - all labels are disabled Tracking Location History Select a client icon in the floor plan and select Display from the pop-up menu shown in Figure 227: Figure 227 Show Location History A location history player, illustrated in Figure 228, appears at
Figure 230 QuickView Thumbnail in APs/Devices > Monitor page for an AP A fully interactive QuickView display opens below the thumbnail on the same page (not in a new window), as shown in Figure 231: Figure 231 Full QuickView in APs/Devices > Monitor page for an AP (partial view) This view is focused on enabling quick resolution of AP issues and therefore disables many RF objects by default as follows: Clients - only clients associated with radios within access point of focus are displayed APs - on
Figure 232 Floor Plans List View The VisualRF > Floor Plans page provides a snapshot of how VisualRF is performing, as described in Table 149: Table 149 Floor Plans list columns Field Description Campus Campus associated to the floor. Building Building associated to the floor. Floor Floor number. The decimal place can be used for mezzanine levels. Name Optional name of a floor. (If the name is not changed, it displays the name as Floor [Number] by default.
Viewing Campuses, Buildings, or Floors from a Tree View As an alternative to using QuickView, you can use the Tree View to view floors from a hierarchical tree, as follows: 1. Navigate to the VisualRF > Floor Plans page. 2. Select the Tree icon ( appears on the screen. )at the top right of any view. The Network Tree View window, shown in Figure 233, Figure 233 Network Tree View - Floor highlighted 3. Use the arrows to drill down into the folders to select the Campus, Building, or Floor.
Creating a New Campus Floors are associated with a building, and buildings are associated with a campus. In order to create a new floor, you must first create a campus with at least one building. To create and place your campus, follow these steps: 1. Navigate to VisualRF > Floor Plans. 2. Select the Add Campus button located above the floor plan on the top left. The Create New Campus window, illustrated in Figure 234, appears. 3.
Table 150 New Building Fields and Descriptions (Continued) Field Description Distance between floors The normal distance between floors in the building. This value can be overridden as each floor is created, but this is the default value for every new floor added to the system. This data element can be imported or exported to external planning tools like Ekahau. It is not currently utilized by AirWave. Attenuation between floors Enter the attenuation loss in decibels between floors.
You are now ready to import your floor plan. Importing a Floor Plan The following steps show how to import a floor plan background image file. NOTE: When importing RF plans, be sure that the devices to be included are also available in the device catalog. 1. In VisualRF > Floor Plans, click the Add Floorplan icon (displays when viewing a Building) or use the Add button above the floor plan list at the bottom of the page. 2. Select Choose File to locate a floor plan image file from your hard drive.
If the floor plan does require cropping, sizing, or layer control, then proceed to the next procedure. NOTE: Floor plans can be added (imported), edited, and deleted. Currently, functionality does not exist to replace a floor plan. If you want to import a newer floor plan to replace a current one, you must first delete the original plan and then add the new plan.
2. Locate two points within the floor plan that you know the distance. Most door jams (door openings) are 3 feet. 3. Select and hold to establish the first point and drag your mouse to the second point and release. 4. A distance dialogue box appears. Enter the proper length in feet, as shown in Figure 237. Figure 237 Manually Measuring a Floor Plan 5. Select OK. Floor plans can be resized in VisualRF after they have been uploaded.
Assigning Optional Planner, Owner, or Installer Information for the Floor Plan Locate the Optional Information section and enter the following information in Table 152: Table 152 Optional Information for the Floor Plan Setting Default Description Owner N/A The owner of the floor (used in diagnostics and alerts). Planner N/A The person in charge of planning the RF layout for the floor. Installer N/A The person in charge of installing RF equipment for the floor.
5. Select whether to navigate by Group or by Folder in the View By field. NOTE: Alternatively, you can use the Search field. 6. Expand the Group or Folder containing the access points which need to be provisioned on this floor plan. Note that by default, devices that have already been added to VisualRF are hidden. To show them, clear the “Hide Devices already added to VisualRF” checkbox at the bottom of the list. 7.
Figure 241 Planning Region Drawing and Selection Illustration 2. Draw your polygon as follows: Left-click to initiate the process. The tool will automatically shade in your provisioning area. Complete the polygon by double-clicking. 3. Once you have finished drawing the region, enter a name for the region and select a Region Type of Planning. Then select OK. The following image displays. Figure 242 Autoprovisioning APs 300 | Using VisualRF Dell PowerConnect W-AirWave 7.
4. Enter the following information into the Autoprovision APs window as described in Table 153: Table 153 Fields in the Autoprovision APs Window Field Description Device Selection AP Type The type of AP used in this planning region. Radio Section Phy Whether they PHY is set to 11n or no radio. Xmit Transmit power of the APs. Gain Gain of the APs. EIRP EIRP of the APs.
Edit the region - Change the name of the region Copy the Region to floors above - Will copy the region and auto plan for floors above. NOTE: The starting floor will add one to the highest floor in the building and the ending floor defaults to 10 more than the starting floor. To replicate a floor plan, follow these steps: 1. Navigate back to the Building view by clicking on the navigation tags in the bottom-right corner of the window. 2. Right-click the floor and select Duplicate. 3.
Figure 243 Bill of Materials Report Illustration Importing and Exporting in VisualRF Exporting a campus To export a campus from VisualRF so you can import it into another AirWave, follow these steps: 1. Navigate back to the Network view. 2. Right-click the Campus icon. 3. Select Export. An object selection window appears. 4. Select the objects to export and select Export. A File Download window appears. 5. Select Save and save the zipped file to your local hard drive for importation to another AirWave.
Batch Importing CAD Files This process provides the ability to automatically upload many CAD files and auto provision existing walls and access points, and contains the following topics: “Requirements” on page 304 “Pre Processing Steps” on page 304 “Upload Processing Steps” on page 304 “Post Processing Steps” on page 304 “Sample Upload Instruction XML File” on page 305 “Common Importation Problems” on page 305 Requirements Operating System: Client machine must be Windows XP, Windo
2. Review the VisualRF > Floor Plans page to ensure server is keeping up. Sample Upload Instruction XML File PAGE 318To change the memory allocation, navigate to the VisualRF > Setup page and configure the memory allocation accordingly. Memory allocation should equal .5 GB for 1-75 floor plans, 1 GB for 76-250 floor plans, 1.5 GB for 251-500 floor plans, and 2 GB for 501-1,000 floor plans. NOTE: Importing a large number of floor plans can impact performance of the AirWave server. VisualRF must create a thumbnail, provision APs, create attenuation grid, and locate all clients on each imported floor plan.
Remax ft 314.45 425.88 /var/example/snapshot/b45e7a49-23-2e6d2c.677/background.jpg /snapshot/b423b5-4db0-891a2e0d2c.677/background.
Installation To install VisualRF Plan after you have downloaded it from the Dell support site: 1. The installer will prompt you for the location of the data directory. You must have access to the directory you choose for the installation. 2. Choose a directory for auto-backup. The default is user directory. 3. Follow the rest of the instructions on your installation screen. Differences between VisualRF and VisualRF Plan online Table 154 VisualRF Plan vs.
Appendix A Setting Up Dell PowerConnect-W Instant in AirWave This appendix describes the Dell PowerConnect W-Instant access point and Virtual Controller system, and the procedure to integrate this system with AirWave.
Discovery: AirWave does not discover Dell PowerConnect W-Instant devices via scanning (SNMP or HTTP) the network. Each Dell PowerConnect W-Instant deployment will automatically check-in to the AirWave configured within the IAP’s user interface. The first Virtual Controller for an organization will automatically appear as a new device in AirWave. Subsequent IAPs are discovered via the Virtual Controller, just like standard controller/thin AP deployments.
Setting up Dell PowerConnect W-Instant Manually When setting up Dell PowerConnect W-Instant manually, you will be requested to provide an Organization string, the AirWave IP address, and a Shared Key. Creating your Organization String The Organization String is a set of colon-separated strings created by the AirWave administrator to accurately represent the deployment of each Dell PowerConnect W-Instant system. This string is entered into the Dell PowerConnect W-Instant UI by the on-site installer.
2. Click on either the Set up Now at the bottom of the UI or on the Settings tab in the top right corner. This opens the Settings menu. Figure 244 Dell PowerConnect W-Instant > Settings page. 3. Locate the AirWave section on the Admin tab. 4. Enter the Origanization string, the AirWave IP address, and the Shared key. 5. Click OK when you are finished. Setting up Dell PowerConnect W-Instant Automatically Instant can be configured automatically using DHCP options 60 and 43.
A group called Acme is created. A top-level folder called Acme is created. Two sub-folders called Store1 and Store2 are created which will contain the IAPs. Reset your IAP to factory default state and reboot the IAP. You will see that the IAP will create a new role automatically with the name that you have used in option 43. It will append the name with ‘Admin’ so it becomes “Acme Admin”.
Figure 246 Mouseover the Dell PowerConnect W- Instant Type to Indicate Shared Secret If the incoming Shared Secret matches the one you created, select Add, then Save and Apply in the confirmation page. NOTE: With an Organization specified, you do not have to select any Group or Folder from the drop-down menus on the APs/ Devices > New page.
Figure 248 Audit page Perform the following steps to resolve the mismatch. 1. Navigate to the AP/Devices->Manage page for that Instant device. 2. Change the the Management Mode option to Manage Read/Write. 3. Click on Save and Apply at the bottom on the page. 4. When the Confirm changes page opens, click on Apply Changes Now for the changes take effect. Upon completion, the configuration will be synced to the Instant network.
intervention to provision these new Instant networks. The new networks will automatically be placed into the same group (if this is the desired configuration), but a new folder will be created to contain these devices. Figure 250 Adding a new Instant device to AirWave The golden template configuration from the first Instant network is used to provision the second Instant network in the new folder. When provisioning is complete, the status of the device will change from Verifying to Good.
AirWave Pages with Instant-Specific Features The following is a summary of AirWave pages affected by Dell PowerConnect W-Instant support: APs/Devices > New: When an Dell PowerConnect W-Instant device appears in the APs/Devices > New page, an admin user can mouse over the value on the Type column to display the device's Shared Secret with AirWave. APs/Devices > List: The Virtual Controller is listed as an additional device, even though it is part of the existing set of IAPs.
318 | Setting Up Dell PowerConnect-W Instant in AirWave Dell PowerConnect W-AirWave 7.
Index Numerics 802.11 counters ........................72, 127, 128, 129, 202 A device configuration ....................................... 136 PCI Compliance ............................................... 63 Audit (Read Only)................................................... 39 authentication priority ............................................ 44 AAA Servers ........................................................67, 77 Auto Detect Upstream Device setting .................
CSV File, adding multiple devices with ..............115 firewall,configuring ................................................... 9 Current Association ...............................................213 firmware MD5 Checksum ................................................ 53 specifying minimum versions for APs .............. 97 uploading ..................................................... 52, 54 D Dashboard Customizing Display ........................................23 Date and Time Configuring ....
HTTP Timeout ........................................................51 I IAP ..........................................................................309 ICMP settings ..........................................................52 IDS Events .............................................................201 ignore device ..........................................................117 Incidents .................................................................201 Instant Dell PowerConnect W ....................
product overview Configuring Date and Time ...............................6 defining a scan .................................................109 executing a scan ...............................................110 navigating...........................................................10 New Clients ..................................................... 250 New Rogue Devices ......................................... 248 RADIUS Authentication Issues ..................... 252 RF Health Report ....................
Signal Cutoff..................................................266, 289 Transmit Power Level............................................ 142 Signal Quality ........................................................125 trap types ................................................................ 130 single sign-on ...............................39, 40, 44, 122, 123 Trapeze ................................................................... 155 Smarthost .....................................................
Groups > Security .............................................79 Groups > SSIDs ................................................82 Groups > Templates ...............156, 157, 171, 172 Help....................................................................15 Home ................................................................216 Home > License..............................................218 Home > Managed AMPs ...............................228 Home > Overview ...........................................
Resource Utilization .......................................275 Server Settings .................................................271 VLANs ......................................................................82 Voice overlay ..........................................................266 W Watched AMPs ......................................................231 WDS Role...............................................................143 Web Auth bundles .............................................
326 | Index Dell PowerConnect W-AirWave 7.