Aruba Airwave 8.2.10.1 User Manual

AirWave 8.2.10.1

User Guide

Open Source Code

This product includes code licensed under the GNU General Public License, the GNU Lesser General Public License, and/or certain other open source licenses. A complete machine-readable copy of the source code corresponding to such code is available upon request. This offer is valid to anyone in receipt of this information and shall expire three years following the date of the final distribution of this product version by HewlettPackard Enterprise Company. To obtain such source code, send a check or money order in the amount of US $10.00 to:

Hewlett-Packard Enterprise Company Attn: General Counsel 6280 America Center Drive San Jose, CA 95002 USA

Please specify the product and version for which you are requesting source code.

You may also request a copy of this sourcecode free of charge at: http://hpe.com/software/opensource.

Nove mber 2019 | Rev. 01 AirWave 8.2.10.1 | User Guide

Contents

Introduction 15

Aruba Mobility Controllers 15 Instant Access Points 15 ArubaOS-S Switches and ArubaOS-CX Switches 16

Configuring AirWave 17

Defining General AirWave Server Settings 17

Configuring the AirWave Server 17

General Settings 18 Automatic Authorization Settings 19 Aruba Instant Settings 20 Top Header Settings 21 Search Method 22 Home Overview Preferences 22 Display Settings 23 Device Configuration Settings 24 AMP Features 24 External Logging Settings 25 Historical Data Retention Settings 26 Firmware Upgrade/Reboot Options 28 Additional AMP Services 29 Performance Settings 32

Defining Network Settings 33

Primary Network Interface Settings 34 Secondary Network Interface Settings 35 Network Time Protocol (NTP) Settings 35

Static Routes 36 Creating AirWave Users 36 Configuring AirWave User Roles 38

User Roles and VisualRF 38

Creating AirWave User Roles 38 Configuring the User Login and Authentication 43

Configuring the User Login 44

Configuring Whitelists 44

Setting Up Single Sign-On 45

Specifying the Authentication Priority 45

Integrating a RADIUS Accounting Server 45

Configuring RADIUS Authentication and Authorization 46

Configuring TACACS+ Authentication 48

Configuring LDAP Authentication and Authorization 50 Enabling AirWave to Manage Your Devices 53

Configuring Communication Settings for Newly Discovered Devices 53

Uploading Firmware and Files 54 Managing Certificates 59

Uploading Certificates 59

Changing the SSL Certificate for Aruba Instant 61

AirWave 8.2.10.1 | User Guide Contents | iii

Generating Certificate Signing Requests (CSRs) 61

Setting Up Certificate Authentication 62

Disabling the Certificate Authentication Requirement 63

Installing Signed Certificates 64

Regenerating Self-Signed Certificates 64

Adding DTLS Certificates 65

Configuring Certificate Revocation Lists (CRLs) 65 Setting Up Device Types 66

Configuring Cisco WLSE and WLSE Rogue Scanning 66

Introduction to Cisco WLSE 66 Initial WLSE Configuration 67

Adding an ACS Server for WLSE 67

Enabling Rogue Alerts for Cisco WLSE 67

Configuring WLSE to Communicate with APs 67

Discovering Devices 68

Managing Devices 68

Inventory Reporting 68

Defining Access 68

Grouping 68 Configuring IOS APs for WDS Participation 69

WDS Participation 69

Primary or Secondary WDS 69 Configuring ACS for WDS Authentication 69 Configuring Cisco WLSE Rogue Scanning 70

Configuring ACS Servers 71 Integrating NMS Servers 72

Add an NMS Server 72 Download the MIB Files 72

PCI Compliance Monitoring 72

Check Compliance 72 Enabling PCI Compliance Monitoring 73

Supported PCI Requirements 74

Deploying WMS Offload 74

WMS Offload Configuration 75

Integrating External Servers 75

Add a Juniper Network Director 75 Add a BrocadeNetwork Advisor 76 Add an HPE Intelligent Management Center 76

Using Device Groups 77

Navigation Basics 77

Viewing Device Groups 78

Comparing Device Groups 80 Changing Group Configurations 81 Using Global Groups for Group Configuration 83

About Global Group Membership 83 Creating a Global Group 83 Subscribing other Groups to a Global Group 84

Deleting a Group 85

Monitoring Device Groups 85

Modifying Multiple Devices 86

iv | Contents AirWave 8.2.10.1 | User Guide

Configuring Basic Settings for Device Groups 89

Basic Settings 90 Global Groups 90 SNMP Polling Periods 91 Routers and Switches 92 Notes 92 GroupDisplay Options 93 Automatic Static IP Assignment 93 Spanning Tree Protocol 94 NTP 94 Aruba Switch Configuration 94 Aruba 95 Aruba Instant 95 Cisco IOS/Catalyst 97 Cisco WLC 97 Proxim/ Avaya 97 HP ProCurve 98 Symbol 98 Juniper/3Com/Enterasys/Nortel/Trapeze 99 Universal Devices, Routers and Switches 99 Automatic Authorization 99 Maintenance Windows 100

Configuring AAA Servers for Device Groups 100 Configuring Security for Device Groups 101 Configuring SSIDs and VLANs for Device Groups 106 Configuring Group Radio Settings 110 Configuring Cisco WLC Device Groups 114

Accessing Cisco WLC Configuration 114 Configuring WLANs for Cisco WLC Devices 114 Defining and Configuring LWAPP AP Groups for Cisco Devices 118 Viewing and Creating Cisco AP Groups 118 Configuring Cisco Controller Settings 118 Configuring Wireless Parameters for Cisco Controllers 119 Configuring Cisco WLC Security Parameters and Functions 119 Configuring Management Settings for Cisco WLC Controllers 120

Configuring PTMP Settings for DeviceGroups 120 Configuring Proxim Mesh Radio Settings 121 Configuring Group MAC ACLs for Device Groups 123 Specifying the Minimum Firmware Version for Device Groups 124

Discovering, Adding, and Auditing Devices 126

How to Set Up Device Discovery 126

Adding Networks for SNMP/HTTP Scanning 126 Adding Credentials for Scanning 127 Defining a Scan Set 128 Running a Scan Set 128 The Cisco Discovery Protocol (CDP) 130 Adding Devices into AirWave 130

Adding Devices Manually 130

Adding Devices from a CSV File 133

Setting the Management Mode 133

AirWave 8.2.10.1 | User Guide Contents | v

Verifying the Device Configuration 134 Ignoring Discovered Devices 135

Unignoring a Device 135 Troubleshooting a Newly Discovered Down Device 136

Using ZTP Orchestrator Beta 138

Before You Begin 138

Minimum Requirements 138

Network Setup 138

Step 1: Create Groups for ZTP 139 Step 2: Add ClearPass Policy Manager 140 Step 3: Add Mobility Master 142 Step 4: Add the ArubaOS-CX Switch 143

Deployment 144

Step 1: Deploying Mobility Controllers 144 Step 2: Deploying ArubaOS-S Switches 144

Automated Workflow 145

Deployment Verification 146 Post Deployment 146

Monitoring the Network 147

Monitoring Basics 147

Customizing the Monitoring Page 148

First 25 Results 148

Creating Filtered Views 148

Editing Filtered Views 149

Showing Filters, Clearing Filters, Resetting Grouping 149 Using Device Folders 150

Adding Device Folders 150

Moving Folders 150

Expanding Folders 150

Changing Default Views 151

Monitoring Access Points, Mesh Devices, and Controllers 152

Device Information for Access Points, Mesh Devices, and Controllers 152

Radios 154

Wired Interfaces 155

Graphs for Access Points, Mesh Devices, and Controllers 156

Location 157 Clients 157 AirMesh Links 158 Neighbors 158 RF Neighbors 160 Alerts & Events 160 Advanced Monitoring 160 Viewing the Radio Statistics Page 160 Running Commands from the Radio Statistics Page 160

Issues Summary section 161

802.11 Radio Counters Summary 161

Radio Statistics Interactive Graphs 162

Recent ARM Events Log 163

Detected Interfering Devices Table 164

Active BSSIDs Table 165

vi | Contents AirWave 8.2.10.1 | User Guide

AirMatch Statistics for Mobility Master 166 Monitoring Mesh Devices 166 Setting up Spectrum Analysis 167

Spectrum Configurations and Prerequisites 168 Setting up a Permanent Spectrum Aruba AP Group 168

Configuring an Individual AP to run in Spectrum Mode 169

Configuring a Controller to use the Spectrum Profile 170

Monitoring ArubaOS-CX and Mobility Access Switches 171

Device Information 171 Graphs 172 Detailed Summary Tables 172

Neighbors 172

Connected Devices 174

Interfaces 175

Monitoring ArubaOS Switches 177

Getting Started 177

Color-Coded Status 177

Navigate Using Quick Links 178

Get Details from Tooltips 179 SummaryTab 180 Ports Tab 181

See Port Counts 182

Open a Port Status Pop-Up 182

Edit a Physical Interface 183

Get Interface Details 184 PoE Tab 184

See PoE Statistics 185

Change the Faceplate Using Overlays 185

Get Port Details 186

View Power Consumption 186 VLANs Tab 186

Change the VLANs View in the Faceplate 187

Get Trunk Details 187

Get Virtual Interface Details 187

Edit a Virtual Interface 187 Connected Tab 188

See Connected Device and Neighbor Counts 188

Determine Which Device Is Connected to a Port 188

View Dynamic Segmentation Information 189

Get Connected Devices Details 189

Edit a Connected Device 190

Get Neighbor Details 191 Hardware Tab 192 Alerts & Events Tab 193

Acknowledge an Alert 194 Troubleshooting Tab 195

Run a Command 195

Test a Cable 196

Monitoring 7000 Controllers 196

SummaryTab 197

AirWave 8.2.10.1 | User Guide Contents | vii

WANTab 198

See WAN Ports 198

Open the Port Details Pop-Up 198

WAN Interface Summary 199

Get WANInterface Details 199 Tunnel Tab 200

See Tunnel Counts and Details 200

Tunnel Details 200

Monitoring Controller Clusters 201

Viewing Details about the Controller Cluster 202

Capacity Graphs 202

Controller Statistics 202

Monitoring Cluster Events 203 Where to Find Additional Cluster Information 203

Monitoring Clients 204

Monitoring Wired and Wireless Clients 205 Monitoring Rogue Clients 206 Supporting Wireless Guest Users 207 Supporting VPN Users 210 Monitoring RFID Tags 211

Managing Mobile Devices with SOTI MobiControl and AirWave 212

Overview of SOTI MobiControl 212 Prerequisites for Using MobiControl with AirWave 213 Adding a Mobile Device Management Server for MobiControl 213 Accessing MobiControl from the Clients > Client Detail Page 214

Troubleshooting Client Issues 214

Evaluating User Status 214

Enabling Mobile Device Access Control 215

Classifying Aruba Devices 216

Quick Links for Clients on Aruba Devices 216

Using the Deauthenticate Client Feature 217

Viewing the Client Association History 217

Viewing the Rogue Association History 217 Diagnosing Status and Connectivity 218

Configuring and Managing Devices 219

Moving a Device from Monitor Only to Manage Read/Write Mode 219 Configuring Device Settings 220 Adding a Maintenance Window for a Device 228 Creating Dynamic Variables 229 Configuring Device Interfaces for Switches 230 Individual Device Support and Firmware Upgrades 231

Using Configuration Templates 234

Group Templates 234

Supported Devices 234 Template Variables 234

Viewing, Adding and Editing Templates 236 Configuring General Template Files and Variables 239

Configuring General Templates 240

IOS Configuration File Template 241

Device Configuration File on Devices > Device Configuration Page 241

viii | Contents AirWave 8.2.10.1 | User Guide

Template Syntax 241

Using AP-Specific Variables 241

Using Directives to Eliminate Reporting of Configuration Mismatches 242

Using Conditional Variables in Templates 242

Using Substitution Variables in Templates 243

Configuring Templates for Aruba Instant 245 Configuring Templates for AirMesh 246 Configuring Cisco IOS Templates 246

Applying Startup-config Files 246 WDS Settings in Templates 247 SCP Required Settings in Templates 247 Supporting Multiple Radio Types via a Single IOS Template 247 Configuring Singleand Dual-Radio APs via a Single IOS Template 248

Configuring Cisco Catalyst Switch Templates 248 Configuring Symbol Controller / HPE WESM Templates 248 Configuring a Global Template 250

Using the Home Pages 253

Customizing the Dashboard 253

Available Widgets 253 Adding Widgets 257 Available Widgets 257 Defining Graph Display Preferences 261 Monitoring Your Network Health 262 Monitoring Application Traffic 265 Using the UCC Dashboard 266

Viewing Call Details 266

Viewing UCC Charts, Graphs, and Tables 267

Viewing End-to-End Call Details 268

Get Call Summary 268

Using the UCCReport 269

Viewing RF Performance 270 Viewing RFCapacity 271 Using the AirMatch Dashboard 272 Viewing Network Deviations 273

How Standard Deviation is Calculated 274

Using Clarity 275

View Clarity Charts 275

Failures Rates 275

Process Times 275

Clarity Thresholds 276 View User Details from the Summary Table 276 View Authentication Failure Data 278 View DHCP Failure Data 278 View DNS Failure Data 279 View Association Data 279 Working with Clarity Data 279

First 25 Results 279

Sorting and Filtering Clarity Data 280

Selecting a Folder from the Navigation Bar 280

Exporting Clarity Data 280

AirWave 8.2.10.1 | User Guide Contents | ix

Changing the Time Range 280 Evaluate User Status 281

Using Topology 282

Getting Started 282

Navigate the Map 283

Respond to Alerts 283 Setting up Your Map 284

Locate Your Device 284

Select Your Layout 285

Arrange Devices on the Map 285

Show Spanning Tree Members 286

Show VLANs 288

Apply Filters 289

Set the Root Node 291

Saving Your Preferences 291

Changing the Default Expansion 292 Checking the Status of Your Network 292

Device Status 292

Health Status 292

Link Status 293 Taking Action from Quick Links 293

View Tooltips 293 Viewing Device and Stack Membership Details 294 Running a Command 295

Accessing AirWave Documentation 296 Working with Licenses 296

Adding licenses 297 Viewing licenses 297

Configuring License Expiration Email Notifications 298

Configuring User Information and Customizing the WebUI 298

Configure Your User Information 298 Customizing the WebUI 298

Setting Severe Alert Warning Behavior 301

Using the System Pages 302

Checking the Status of AirWave Services 302

Important AirWave Logs 303

Downloading Log Files 303 Viewing Device Events 303 Using the Event Log 305 Viewing Triggers 305 Creating New Triggers 306

Types of Triggers 308

Device Triggers 308

Interfaces and Radios Triggers 311 About Alerts 316 Viewing System Alerts 317

Delivering Triggered Alerts 318

Responding to Alerts 319

Backing Up Your Data 319

Viewing and Downloading Backups 319

x | Contents AirWave 8.2.10.1 | User Guide

Using the System > Configuration Change Jobs Page 319 Using the System > Firmware Upgrade Jobs Page 320 Viewing DRT Upgrade Jobs 321 Using the System > Performance Page 321

Creating, Running, and Sending Reports 326

What You Can Do With Reports 326

Track licenses 326

Improve Network Efficiency and User Experience 326

Monitor Clients and Devices 327

Show Compliance 327

Troubleshoot Device and Network Issues 327 Sorting Reports 328

About the Default Reports 328

Using the LicenseReport 328 Using the Capacity Planning Report 329

Example Custom Report 329 Using the Memory and CPU Utilization Report 331 Using the Network Usage Report 331 Using the Port Usage Report 333 Using the RF Health Report 335

Thresholds 335

Top Folders and Radio Statistics 336

Lists of Top Radio Issues 337 Using the Client Inventory Report 337

Example Custom Report 338 Using the Client Session Report 339 Using the Configuration Audit Report 341 Using the Device Summary Report 343 Using the Device Uptime Report 344 Using the Inventory Report 345

Example Custom Report 345 Using the Rogue Containment Audit Report 347 Using the PCI Compliance Report 348 Using the IDS Events Report 348 Using the Match Event Report 350 Using the New Clients Report 350 Using the New Rogue Devices Report 352 Using the RADIUS Reports 354

RADIUS Authentication Issues 354

RADIUSAccounting Issues 354 Using the Rogue Clients Report 355 Using the VPN Session Report 357

Creating Custom Reports 358

Tips for Restricting Time Ranges 358

Running Reports on Selected Devices 359 Cloning Reports 359

Selecting the Report Definition 359 Selecting the Devices and a Report Template 360 Selecting the Devices Without Using a Report Template 361

Viewing Generated Reports 361

AirWave 8.2.10.1 | User Guide Contents | xi

Get an Updated Report 362

Sending Reports 363

Exporting Reports in CSV Format 363

Exporting a Report 363

Exporting Multiple Reports 364 Sending Reports to a Smart Host 365

Using VisualRF 366

Features 367 Useful Terms 367 Starting VisualRF 368 Basic VisualRF Navigation 368

Network View Navigation 368 Customize Your Floor Plan View 369

Devices 369

Client Overlays 370

AP Overlays 370

Relation Lines 370

Floor Plan Features 371 Mesh View Navigation 371

Advanced VisualRF Settings 373

Server Settings 373 Location Settings 374 Location Calculation Timer Settings 375 Disabling Client Calculation 378 Wall Attenuation Settings 379

Adding a Wall Attenuation 379 VisualRF Resource Utilization 380

Planning and Provisioning 380

Creating a New Campus 381 Creating a New Building 381 Adding a Floor Plan 382

Change Settings in VisualRF Floor Plans 383 Editing a Floor Plan Image 383

Replacing the Background 383

Cropping the Floor Plan Image 384

Copying a Floor Plan in the Same Building 385

Sizing a Non-CAD Floor Plan 385

Defining Floor Plan Boundaries 385 Defining Floor Plan Regions 386

Adding Region to a New Floor using the Floor Upload Wizard 386

Adding a Region to an Existing Floor Plan 386 Editing a Planning Region 387 Floor Plan Properties 387 Adding Deployed Access Points onto the Floor Plan 388 Adding Planned APs onto the Floor Plan 389 Auto-Matching Planned Devices 390 Printing a Bill of Materials Report 390

Increasing Location Accuracy 390

Adding Exterior Walls 391 Fine-Tuning Location Service in VisualRF > Setup 392

xii | Contents AirWave 8.2.10.1 | User Guide

Decreasing Grid Size 392

Enabling Dynamic Attenuation 393

Configuring Infrastructure 393

Deploying APs for Client Location Accuracy 393

Using VisualRF to Assess RF Environments 394

Viewing a Wireless User’s RF Environment 394

Tracking Location History 395

Checking Signal Strength to Client Location 396 Viewing an AP’s Wireless RF Environment 396 Viewing a Floor Plan’s RF Environment 397 Viewing a Network, Campus, Building’s RF Environment 398 Viewing Campuses, Buildings, or Floors from a List View 398

Importing and Exporting in VisualRF 399

Importing from CAD 400 Batch Importing CAD Files 400

Requirements 400

Pre Processing Steps 400

Upload Processing Steps 401

Post Processing Steps 401

Sample Upload Instruction XML File 401

Common Importation Problems 402 Importing from an Aruba Controller 402

Pre-Conversion Checklist 402

Process on Controller 402

Process on AirWave 402 Importing from Ekahau Backups 402 Before you begin 402

Using the VisualRF Audit Log 403 VisualRF Location APIs 403

Sample Device Location Response 403 Sample Site Inventory Response 404

About VisualRF Plan 404

Overview 404 Minimum requirements 405 VisualRF Plan Installation 405 Differences between VisualRF and VisualRF Plan 405

Using RAPIDS 407

Introduction to RAPIDS 407 Viewing RAPIDS Summary 408 Setting Up RAPIDS 409

RAPIDS Setup 409

Basic Configuration 409

Classification Options 410

Containment Options 410

Filtering Options 411 Additional Settings 412

Defining RAPIDS Rules 412

Controller Classification with WMS Offload 412 Device OUI Score 413 Rogue Device Threat Level 413

AirWave 8.2.10.1 | User Guide Contents | xiii

Viewing and Configuring RAPIDS Rules 414

RAPIDS Classification Rule Properties 416

Deleting or Editing a Rule 417

Changing the Rule Priority 418 Recommended RAPIDS Rules 418 Using RAPIDS Rules with Additional AirWave Functions 418

Viewing Rogues 418

Predefined, Default Views for Rogue Devices 419 Filtered Views for Rogue Devices 420

Overview of the RAPIDS > Detail Page 422

Important Considerations 423 Filter the Device Data 423 Update Rogue Devices 423 Viewing Ignored Rogue Devices 424 Using RAPIDS Workflow to Process Rogue Devices 424

Score Override 424 Using the Audit Log 425 Additional Resources 426

Using the Master Console 427

Using the Public Portal on Master Console 427 Adding a Managed AMP with the Master Console 428 Using Global Groups with Master Console 429

Appendix A Using FIPS Encryption 430

Enabling FIPS 140-2 Approved Mode 430

Appendix B AMP Command Line Interface 431

About the Command Line Interface 431

CLI Access 431

How to Reset Your Password 431 CLI Options 432

Appendix C VisualRF and Performance 440

How Floor Components Impact Performance 440 Identifying Performance Problems 440 Resolving Performance Problems 440 Contacting Support 441

Index 442

xiv | Contents AirWave 8.2.10.1 | User Guide

Chapter 1

Introduction

AirWave is a network management platform that provides a single console whereyou can monitor, analyze, and configure wired and wireless networks. Whether your network is simple or a large, complex, multi-vendor installation, AirWave makes it easy to monitor your network with features like AppRF, Clarity, and VisualRF.

AirWave also provisions Aruba switches, provides CPU, memory and interface monitoring, configuration management, and upgrades switch firmware. AirWave can be used to implement zero-touch provisioning for Aruba Instant APs (IAP), Aruba switches and branch controllers.

With AirWave, you can configure:

l "Aruba Mobility Controllers" on page 15

l "Instant Access Points" on page 15

l "ArubaOS-S Switches and ArubaOS-CX Switches" on page 16

Aruba Mobility Controllers

AirWave supports global and group-level configuration of Aruba mobility controllers. Several controllers can work together with APs to provide a hierarchical and redundant mobility controller system.

The mobility controller system provides:

l AP tunnel termination and translational bridging

l GRE tunnel between each AP and a mobility controller

l A virtual connection point to wireless clients

l Frame translation from 802.11 to 802.3 and 802.3 to 802.11, including encryption and decryption of

wireless traffic

l Quality of service(QoS) and traffic prioritization

Working alone or in conjunction with ClearPass, the mobility controller authenticates wireless clients and includes a stateful firewall that can be configured to filter wireless traffic.

In this document, mobility controllers are also called access devices. For information about controller configuration, refer to the AirWave 8.2.10.1 Controller Configuration Guide.

Instant Access Points

Aruba Instant (Instant) is a system of access points in a Layer 2 subnet. The Instant APs (IAPs) are controlled by a single IAP that serves a dual role as both an IAP and primary Virtual Controller (VC), eliminating the need for dedicated controller hardware. This system can be deployed through a simplified setup process appropriate for smaller organizations, or for multiplegeographically dispersed locations without an on-site administrator.

With AirWave, IT can centrally configure, monitor, and troubleshoot ArubaInstant WLANs, upload new software images, track devices, generate reports, and perform other vital management tasks, all from a remote location.

A Virtual Controller or Instant AP can authenticate to the AirWave server using a pre-shared key, or using twoway certificate-based authentication using an SSL certificate sent from AirWave to the Instant device. Virtual Controllers push data to AirWave via HTTPS. If your enterprise has a security policy that restricts the use of port 443 for inbound communication, you can change the port AirWave uses to communicate with Instant devices.

For additional information about Instant AP configuration, refer to the Aruba Instant in AirWave 8.2.8.2 Deployment Guide.

AirWave 8.2.10.1 | User Guide Intro duction | 15

ArubaOS-S Switches and ArubaOS-CX Switches

AirWave supports group-level configuration of ArubaOS-S Switches andArubaOS-CX Switches. These switches connect APs, wired clients and other endpoints to the network. Working alone or in conjunction with ClearPass, the ArubaOS-S Switches provide authentication, authorization and accounting.

In this document, ArubaOS-S Switches are also called access switches, and ArubaOS-CX Switches are also called core and aggregation switches. For informationabout switch configuration, refer to the AirWave 8.2 Switch Configuration Guide.

16 | Introduction AirWave 8.2.10.1 | User Guide

Chapter 2

Configuring AirWave

After you install the AirWave software, or any time you need to make changes to network settings, refer to the following procedures:

l "Defining Network Settings" on page 33

l "Configuring Cisco WLSE Rogue Scanning" on page 70

l "Configuring ACS Servers" on page 71

l "Integrating NMS Servers" on page 72

l "PCI Compliance Monitoring" on page 72

l "Deploying WMS Offload" on page 74

l "Integrating External Servers" on page 75

Defining General AirWave Server Settings

The initial tasks to configure the AirWave server include:

l "Configuring the AirWave Server" on page 17

l "Defining Network Settings" on page 33

l "Creating AirWave Users" on page 36

l "Configuring AirWave User Roles" on page 38

l "Configuring the User Login and Authentication" on page 43

l "Enabling AirWave to Manage Your Devices" on page 53

l "Managing Certificates" on page 59

l "Setting Up Device Types" on page 66

Configuring the AirWave Server

The following topics describe how to configure the general settings for the AirWave server. Figure 1 illustrates the AMP Setup > General page.

AirWave 8.2.10.1 | User Guide Configuring AirWave | 17

Figure 1: AMP Setup > General Settings

Whenever you save changes to these settings, AirWave applies them globally across the product for all users.

General Settings

Browse to the AMP Setup > General page, locate the General section, and enter the information described in

Table 1:

Table 1: AMP Setup >General > General Section Fields and Default Values

Setting Default Description

System Name Defines your name for your AirWave server using alphanumeric

characters.

Default Group Access

Points

Sets the device group that this AirWave server uses as the default for device-level configuration. Select a device group from the drop-down menu. A group must first be defined on the Groups > List page to appear in this drop-down menu. For additional information, refer to

"Using Device Groups" on page 77.

18 | Configuring AirWave AirWave 8.2.10.1 | User Guide

Table 1: AMP Setup >General > General Section Fields and Default Values (Continued)

Setting Default Description

Device Configuration Audit Interval

Automatically repair misconfigured devices

Help improve AirWave by sending anonymous usage data

Nightly Maintenance Time (00:00 23:59)

Daily This setting defines the interval of queries which compares actual

device settings to the Group configuration policies stored in the AirWave database. If the settings do not match, the AP is flagged as mismatched and AirWave sends an alert via email, log, or SNMP.

NOTE: Enabling this feature with a frequency of Daily or more frequently is recommended to ensure that your AP configurations comply with your established policies. Specifying Never is not recommended.

Disabled If enabled, this setting automatically reconfigures the settings on the

device when the device is in Manage mode and AirWave detects a variance between actual device settings and the Group configuration policy in the AirWave database.

Disabled If enabled, AirWave will send anonymous data to Aruba, which may be

used to improve the AirWave software.

04:15 Specifies the local time of day AirWave should perform daily

maintenance. During maintenance, AirWave cleans the database, performs backups, and completes a few other housekeeping tasks. Such processes should not be performed during peak hours of demand.

License APs Usage Threshold

Check for software updates

Yes Enables AirWave to check automatically for multiple update types.

Sets a threshold to display an alert on the controller monitor page when the license usage has reached this number.

Check daily for AirWave updates, to include enhancements, device template files, important security updates, and other important news. This setting requires a direct Internet connection via AirWave.

Automatic Authorization Settings

On the AMP Setup > General page, locate the Automatic Authorization section. These settings allow you to control the conditions by which devices are automatically authorized into AP groups and folders. AirWave validates the Folder and Group to ensure that both settings have been set to valid drop down options. Table 2 describes the settings and default values in this section.

AirWave 8.2.10.1 | User Guide Configuring AirWave | 19

Table 2: AMP Setup > General > Automatic Authorization Fields and Default Values

Setting Default Description

Add New

New Device List Globally add new controllers and autonomous devices to: Controllers and Autonomous Devices Location

Add New Thin APs

New Device List Globally add new thin APs to: Location

Automatically Authorized Virtual

Manage

Read/Write Controller Mode

Aruba Instant Settings

l The New Device List (located in Devices > New). l The same folder and group as the discovering device. l The same group and folder of their closest IP neighbor on the

same subnet.

l Choose a group and folder. If you select this option, enter the

folder/group in the Auto Authorization Group and Auto Authorization Folder fields that display.

NOTE: This setting can be overridden in Groups > Basic.

l The New Devices list. l The same folder and group as the discovering device. l The same group and folder of their closest IP neighbor on the

same subnet.

l Choose a group and folder. If you select this option, enter the

folder/group in the Auto Authorization Group and Auto Authorization Folder fields that display.

NOTE: This setting can be overridden in Groups > Basic.

Specify whether Virtual Controller mode for Instant APs will be in Manage Read/Write mode or Monitor Only mode.

A Virtual Controller can communicate with the AirWave server over a configurable communication port, and authenticate to the server using a pre-shared key, and/or two-way certificate-based authentication using an SSL certificate sent from AirWave to the Instant device.

The AMP Setup > General > Aruba Instant Options page includes the following Configuration settings:

Table 3: AMP Setup > General > ArubaInstantOptions Fields and Default Values

Setting Default Description

Communication port (443,1000-65534):

Security method for adding new Virtual Controllers:

443 By default, an Instant Virtual Controller communicates with AirWave

over port 443. If your enterprise has a security policy that restricts the use of port 443 for inbound communication, use this field to change the port the Virtual Controller uses to communicate with AirWave.

PSK Only

AirWave can use the following security methods to authenticate a Virtual Controller to the AirWave server:

l PSK Only l PSK and Certificate l Certificate Only

If you enable certificate-based authentication, you are directed to the AMP Setup > General > Upload SSLCertificate page, where you are prompted to upload an certificate file in PEM format that contains both a private key and certificate.

20 | Configuring AirWave AirWave 8.2.10.1 | User Guide

Table 3: AMP Setup > General > ArubaInstantOptions Fields and Default Values (Continued)

Setting Default Description

Allow None-TPM Devices

Configuration Only No By default, AirWave will push Instant configuration settings as well as

Yes If certificate-based authentication is enabled for the Virtual Controller,

AirWave allows low assurance, non-TPM device. This setting is unavailable when PSK authentication is used.

AirWave settings such as RAPIDS settings and traps from an AirWave group to a Virtual Controller assigned to that group. Select the Yes option to push Instant configuration settings only.

If you select a security method that includes Certificate-based authentication, you must upload the a certificate from a supported certificate authority to the AirWave server, as the default AirWave certificate will not be recognized by the Instant AP, and will cause the SSL handshake to fail. Certificate authentication also requires that the AMP IPaddress information configured on the Instant AP is a domain name, and not an IP address.

AirWave supports the following trusted certificate authorities:

l Chain 1: Trusted Root CA: C=SE, O=AddTrust AB, OU=AddTrust External TTP Network, CN=AddTrust External

CA Root Intermediate CA: C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO High-Assurance Secure Server CA

l Chain 2: Trusted Root CA: C=US, O=GeoTrust Inc., CN=GeoTrust Global CA Intermediate CA: Subject: C=US,

O=Google Inc, CN=Google Internet Authority G2

For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G5 Intermediate CA: C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Secure Server CA - G3

l Root CA: Trusted Root CA: C=US, O=Equifax, OU=Equifax Secure Certificate Authority

If you enable certificate authentication, you are prompted to upload an SSLcertificate. you can view the current AirWave certificate using the View Certificate link on that page, or click Change to upload a new certificate file to the AirWave server.

Top Header Settings

The top header of each AirWave WebUI page displays icons that provide counts on newly discovered devices, device status, mismatches, rogues, clients, and both unacknowledged and severe alerts. These icons also provide direct links for immediate access to key system components.

Figure 2: Header Statistics Icons

You can configure what is displayed in the top header for all pages, or for individual AirWave users.

To change the header statistic icons:

1. Navigate to AMP Setup > General, then scroll down to Top Header.

2. Choose the statistics.

3. Choose the devices.

4. Click Save.

A confirmation message does not appear when you make modifications to the top header statistic icons.

To change statistics that display for an AirWave user:

AirWave 8.2.10.1 | User Guide Configuring AirWave | 21

1. Navigate to Home > User Info page, then scroll down to Top Header Stats.

2. Choose the statistics.

3. Choose the devices.

4. Click Save. These user settings will override the general settings on the AMP Setup page.

Search Method

On the AMP Setup > General page, locate the Search Method section. Select one of the following drop down options as the system-wide default search method. This default search type will be used when a user types an entry in the Search field and then clicks Enter without selecting a specific search type.

l Use System Defaults: The Search Method will be based on the system-wide configuration setting. This

method is configured on the AMP Setup > General page.

l Active clients + historical clients (exact match) + all devices: Commonly referred to as Quick Search, this looks

at all active and historical clients and all devices. This search is not case-sensitive. The results of this search display in a pop up window rather than on the Home > Search page. This pop up window includes top-level navigation that allows you to filter the results based on Clients, APs, Controllers, and Switches.

l Active clients + all categories: This looks at all active clients (not historical) and all categories. This search is not

case-sensitive.

l Active clients + all categories (exact match): This looks at all active clients (not historical) and all categories.

This search returns only matches that are exactly as typed (IP, user name, device name, etc). This search is case-sensitive for all searched fields.

l Active + historical clients + all categories: This looks at all active and historical clients and all categories. This

search is not case-sensitive.

l Active + historical clients + all categories (exact match): This looks at all active and historical clients and all

categories. This search returns only matches that are exactly as typed (IP, user name, device name, etc). This search is case-sensitive for all searched fields.

A confirmation message does not appear after you make modifications to Search Preferences.

Per-user search preferences can be set in the Home > User Info page.

Home Overview Preferences

On the AMP Setup > General page, locate the Home Overview Preferences section. Table4 describes the settings and default values in this section.

Table 4: AMP Setup > General > Home Overview Preferences Fields and Default Values

Setting Default Description

Configure Channel Busy Threshold

Channel Busy Threshold (%)

Yes Whether you want to configure the threshold at which a channel is

considered to be busy at the Top Folders By Radio Channel Usage Overview widget.

n/a The threshold percent at which the radio channel is considered busier

than normal. This field is only available if the Configure Channel Busy Threshold setting is Yes.

22 | Configuring AirWave AirWave 8.2.10.1 | User Guide

Display Settings

On the AMP Setup > General page, locate the Display section and select the options to appear by default in new device groups.

Changes to this section apply across all of AirWave. These changes affect all users and all new device groups.

Table 5 describes the settings and default values in this section.

Table 5: AMP Setup > General > Display Fields and Default Values

Setting Default Description

AP Fully Qualified Domain Name Options

Show vendorspecific device settings for

No Sets AirWave to use fully qualified domain names for APs instead of the

AP name. For example, ‘testap.yourdomain.com; would be used instead of ‘testap.’ Select one of the following options:

l Don’t use FQDN - This default value specifies that the fully qualified

domain name will not be used.

l Use AP Name with FQDN - The AP name will prepend the FQDN, for

example “somehostname (my.hostname.com).” Note that if the AP name is not present, then the FQDN will still appear in parenthesis.

l Use only FQDN - Only the fully qualified domain name will be used.

NOTE: This option is supported only for Cisco IOS, Dell Networking WSeries, Aruba Networks, and Alcatel-Lucent devices.

All Devices Displays a drop-down menu that determines which Group tabs and

options are viewable by default in new groups, and selects the device types that use fully qualified domain names. This field has three options, as follows:

l All devices—When selected, AirWave displays all Group tabs and

setting options.

l Only devices on this AMP—When selected, AirWave hides all

options and tabs that do not apply to the APs and devices currently on AirWave.

l Selected device type—When selected, a new field appears listing

many device types. This option allows you to specify the device types for which AirWave displays group settings. You can override this setting.

Look up device and wireless user

Yes Enables AirWave to look up the DNS for new user hostnames. This setting

can be turned off to troubleshoot performance issues.

hostnames

DNS Hostname Lifetime

Device Troubleshooting Hint

AirWave 8.2.10.1 | User Guide Configuring AirWave | 23

24 hours Defines the length of time, in hours, for which a DNS server hostname

remains valid on AirWave, after which AirWave refreshes DNS lookup:

l 1 hour l 2 hours l 4 hours l 12 hours l 24 hours

N/A The message included in this field is displayed along with the Down if a

device’s upstream device is up. This applies to all APs and controllers but not to routers and switches.

Device Configuration Settings

Locate the Device Configuration section and adjust the settings. Table 6 describes the settings and default values of this section.

Table 6: AMP Setup > General > Device Configuration Section Fields and Default Values

Setting Default Description

Guest User Configuration

Allow WMS Offload configuration in monitor-only mode

Allow disconnecting users while in monitor-only mode

Use Global Aruba Configuration

Disabled Enables or prevents guest users to/from pushing configurations to

devices. Options are Disabled (default), Enabled for Devices in Manage(Read/Write), Enabled for all Devices.

No When Yes is selected, you can enable the ArubaOS WMS offload

feature on the Groups > Basic page for WLAN switches in Monitor Only mode. Enabling WMS offload does not cause a controller to reboot. This option is supported only for Aruba and Dell Networking W-Series devices.

No Sets whether you can deauthenticate a user for a device in monitor-

only mode. If set to No, the Deauthenticate Client button for in a Clients > Client Detail page is enabled only for Managed devices.

No Enables Aruba configuration profile settings to be globally configured

and then assigned to device groups. If disabled, settings can be defined entirely within Groups > Controller Configand Groups

>Switch Config instead of globally.

NOTE: Changing this setting may require importing configuration on

your devices. When an existing Aruba configuration setup is to be converted from global to group, follow these steps:

1. Set all the devices to Monitor Only mode before setting the flag.

2. Each device Group will need to have an import performed from the Device Configuration page of a controller in the AMP group.

3. All of the thin APs need to have their settings imported after the device group settings have finished importing.

4. If the devices were set to Monitor Only mode, set them back to Managed mode.

AMP Features

Locate the AMPFeatures section and adjust settings for VisualRF, RAPIDS, and AirWave Glass. Table 7 describes these settings and default values.

Table 7: AMP Setup Setup > General > AMP Features Fields and Default Values

Setting Default Description

Display VisualRF No Enable or disable the VisualRF navigation tab.

Display RAPIDS No Enable or disable the RAPIDS navigation tab.

24 | Configuring AirWave AirWave 8.2.10.1 | User Guide

Table 7: AMP Setup Setup > General > AMP Features Fields and Default Values (Continued)

Setting Default Description

Hide setup pages from non-admin users

Allow role based report visibility

Enable Central Authentication

Yes Restrict access to following pages to users with the AMP Administration

role only:

l VisualRF > Setup l AMP Setup > NMS l RAPIDS > Score Override l RAPIDS > Rules l RAPIDS > Setup l System > Triggers

Yes Enable or disable role-based reporting in AMP. When disabled, reports

can only be generated with by-subject visibility.

Yes Toggles on or off single-sign on (SSO) authentication between AirWave

and AirWave Glass.

Service

Central Authentication Hostname

If the Central Authentication Service is enabled and the managed AMP is attached to AirWave Glass, this field is automatically populated, and you don't need to configure the hostname.

External Logging Settings

Locate the External Logging section and adjust settings to send audit and system events to an external syslog server. Table 8 describes these settings and default values. You can also send a test message using the Send Test Message button after enabling any of the logging options.

For information about creating triggers in order to receive event notifications, see "Creating New Triggers" on

page306.

Table 8: AMP Setup > General > External Logging Section Fields and Default Values

Setting Default Description

Include event log messages

Syslog Server N/A Enter the IP address of the syslog server. Note that this field is hidden if

Syslog Port 514 Enter the port of the syslog server. Note that this field is hidden if both

Event log facility local1 Select the facility for the event log from the drop-down menu. This field is

Include audit log messages

No Select Yes to send event log messages to an external Syslog server.

NOTE: If you enable event logging, other options to configure the Syslog server and enable logging using Common Event Format (CEF) become available.

both "Include event log messages" and "Include audit log messages" are set to No.

"Include event log messages" and "Include audit log messages" are set to No.

only available if the "Include event log messages" setting is Yes.

No Select Yes to send audit log messages to an external syslog server.

AirWave 8.2.10.1 | User Guide Configuring AirWave | 25

Table 8: AMP Setup > General > External Logging Section Fields and Default Values (Continued)

Setting Default Description

Audit log facility local1 Select the facility for the audit log from the drop-down menu. This field is

only available if the "Include audit log messages" setting is Yes

Send Test Message N/A If messaging is enabled and a server and port are configured, click this

button to send a test message. Upon completion, a message will appear at the top of this page indicating that the message was sent successfully.

Historical Data Retention Settings

Locate the Historical Data Retention section and specify the number of days you want to keep client session records and rogue discovery events. Table 9 describes the settings and default values of this section. Many settings can be set to have no expiration date.

Table 9: AMP Setup > General > Historical Data Retention Fields and Default Values

Setting Default Description

Inactive Client and VPN User Data (01500 days, zero disables)

Client Association and VPN Session History (0-550 days, zero disables)

Tag History (0-550 days, zero disables)

Rogue AP Discovery Events (14-550 days, zero disables)

Reports (0-550 days, zero disables)

Automatically Acknowledge Alerts(0-550 days, zero disables)

60 Defines the number of days AirWave stores basic information about

inactive clients and VPN users. A shorter setting of 60 days is recommended for customers with high user turnover such as hotels. The longer you store inactive user data, the more hard disk space you require.

14 Defines the number of days AirWave stores client and VPN session

records. The longer you store client session records, the more hard disk space you require.

14 Sets the number of days AirWave retains location history for Wi-Fi tags.

14 Defines the number of days AirWave stores Rogue Discovery Events. The

longer you store discovery event records, the more hard disk space you require.

60 Defines the number of days AirWave stores Reports. Large numbers of

reports, over 1000, can cause the Reports > Generated page to be slow to respond.

14 Defines automatically acknowledged alerts as the number of days AirWave

retains alerts that have been automatically acknowledged. Setting this value to 0 disables this function, and alerts will never expire or be deleted from the database.

Acknowledged Alerts(0-550 days, zero disables)

26 | Configuring AirWave AirWave 8.2.10.1 | User Guide

60 Defines the number of days AirWave retains information about

acknowledged alerts. Large numbers of Alerts, over 2000, can cause the System > Alerts page to be slow to respond.

Table 9: AMP Setup > General > Historical Data Retention Fields and Default Values (Continued)

Setting Default Description

Radius/ARM/IDS Events(0-550 days, zero disables)

Archived Device Configurations (0100, zero disables)

Archive device configs even if they only have rogue classifications

Guest Users (0-550 days, zero disables)

Inactive SSIDs (0550 days, zero disables)

Inactive Interfaces (0-550 days, zero disables)

14 Defines the number of days AirWave retains information about RADIUS,

ARM, and IDS events. Setting this value to 0 disables this function, and the information will never expire or be deleted from the database.

10 Defines the number of configurations that will be retained for archived

devices. Whether rogue information is included depends on the setting of the Archive device configs even if they only have rogue classifications setting.

No Sets whether to archive device configurations even if the device only has

rogue classifications.

30 Sets the number of days that AirWave is to support any guest user. A value

of 0 disables this function, and guest users will never expire or be deleted from the AirWave database.

425 Sets the number of days AirWave retains historical information after

AirWave last saw a client on a specific SSID. Setting this value to 0 disables this function, and inactive SSIDs will never expire or be deleted from the database.

425 Sets the number of days AirWave retains inactive interface information

after the interface has been removed or deleted from the device. Setting this value to 0 disables this function, and inactive interface information will never expire or be deleted from the database.

Interface Status History (0-550 days, zero disables)

Interfering Devices (0-550 days, zero disables)

Device Events (Syslog, Traps)(131 days)

Mesh Link History (0-550 days)

Device Uptime (0120 months, zero disables)

425 Sets the number of days AirWave retains historical information on

interface status. Setting this value to 0 disables this function.

14 Sets the number of days AirWave retains historical information on

interfering devices. Setting this value to 0 disables this function.

2 Sets the number of days AirWave retains historical information on device

events such as syslog entries and SNMP traps. Setting this value to 0 disables this function. Refer to "Viewing Device Events" on page 303.

NOTE: If your data table has more than 5 million rows, AirWave will truncate the device event retention data. In this case, the "number of days" setting becomes "number of hours."

30 Sets the number of days AirWave retains historical information for mesh

links.

60 Sets the number of months AirWave retains historical information on

device uptime. Setting this value to 0 disables this function.

AirWave 8.2.10.1 | User Guide Configuring AirWave | 27

Table 9: AMP Setup > General > Historical Data Retention Fields and Default Values (Continued)

Setting Default Description

Client Data Retention Interval (1-425 days)

UCC Call History (1-30 days)

UCC Call Details (1-7 days)

Config Job Retention Interval (1-31 days)

425 Sets the number of days AirWave retains historical information for clients.

30 Sets the number of days that calls remain in AirWave's call history.

2 Sets the number if days that the AirWave retains details for individual calls.

31 Sets the number of days AirWave retains information about configuration

jobs.

Firmware Upgrade/Reboot Options

Locate the Firmware Upgrade/Reboot Options section and adjust settings as required. This section allows you to configure the default firmware upgrade behavior for AirWaveTable 10

Table 10 describes the firmware upgrade and reboot options.

Table 10: AMP Setup > General > Firmware Upgrade Defaults Fields and Default Values

Setting Default Description

Allow firmware upgrades in monitor-only mode

No If Yes is selected, AirWave upgrades the firmware for APs in Monitor

Only mode. When AirWave upgrades the firmware in this mode, the desired configuration are not be pushed to AirWave. Only the firmware is applied. The firmware upgrade may result in configuration changes AirWave does not correct those changes when the AP is in Monitor Only mode.

Allow Rebooting Monitor Only Devices

Enable firmware distribution via http

Fast Download No When fast download is enabled, standalone IAPs in the same RF zone are

Sequential Reboot No When sequential reboot is enabled, the APs in the same RF zone will

No If Yes is selected, AirWave can reboot devices in Monitor Only mode.

No By default, we use HTTPS and require user log in for firmware updates.

NOTE: For IAPs running versions earlier than Instant 3.4.0.0, set this option to "Yes" in order to get firmware updates using HTTP.

grouped so that they can download the image from each other. This assumes that the APs are behind the same firewall so that they can reach each other, thereby making the firmware download faster.

reboot sequentially. At any given time, only one AP is being rebooted. As a result, users can use another AP that is visible in RF and have uninterrupted service.

28 | Configuring AirWave AirWave 8.2.10.1 | User Guide

Table 10: AMP Setup > General > Firmware Upgrade Defaults Fields and Default Values (Continued)

Setting Default Description

Maximum Interleaved Jobs (1-

20)

Maximum Interleaved Devices Per Job (1-1000)

Failures before stopping (0-20, zero disables)

Failure timeout (560 mins)

DRT upgrade failure timeout (2-30 mins)

Number of tries in failure (1-4)

Periodic run failed upgrade interval

20 Defines the number of jobs AirWave runs at the same time. A job can

include multiple APs. When jobs are started by multiple users, AirWave will interleave upgrades so that one user's job does not completely block another’s.

20 Defines the number of devices that can be in the process of upgrading at

the same time. Within a single job, AirWave may start the upgrade process for up to this number of devices at the same time. However, only one device will be actively downloading a firmware file at any given time.

1 Sets the default number of upgrade failures before AirWave pauses the

upgrade process. User intervention is required to resume the upgrade process. Setting this value to 0 disables this function.

60 Sets the timeout for an upgrade attempt.

6 Sets the timeout for a Downloadable Regulatory Table (DRT) upgrade

attempt.

1 Sets the number of retry attempts.

Disabled Set the length of time AirWave retries running a failed upgrade.

Additional AMP Services

Locate the AdditionalAMP Services section, and adjust settings as required. Table 11 describes the settings and default values of this section.

Table 11: AMP Setup > General > Additional AMP Services Fields and Default Values

Setting Default Description

Enable FTP Server No Enables or disables the FTP server on AirWave. The FTP server is only

used to manage Aruba AirMesh and Cisco Aironet 4800 APs. Best practice is to disable the FTP server if you do not have any supported devices in the network.

AirWave 8.2.10.1 | User Guide Configuring AirWave | 29

Table 11: AMP Setup > General > Additional AMP Services Fields and Default Values (Continued)

Setting Default Description

Enable RTLS Collector

No Enables or disables the RTLS Collector, which is used to allow

ArubaOScontrollers to send signed and encrypted RTLS (real time locating system) packets to VisualRF; in other words, AirWave becomes the acting RTLS server. The RTLS server IP address must be configured on each controller. This function is used for VisualRF to improve location accuracy and to locate chirping asset tags. This function is supported only for Dell Networking W-Series, Alcatel-Lucent, and Aruba Networks devices.

If Yes is specified, the following additional fields appear. These configuration settings should match the settings configured on the controller:

l RTLS Port—Specify the port for the AirWave RTLS server. l RTLS Username—Enter the user name used by the controller to

decode RTLS messages.

l RTLS Password—Enter the RTLS server password that matches the

controller’s value.

l Confirm RTLS Password—Re-enter the RTLS server password.

Use Embedded Mail Server

Yes Enables or disables the embedded mail server that is included with

AirWave.

Mail Relay Server Optional If you enable the "Use embedded mail server" option, enter information

for an optional mail relay server. This field supports a Send Test Email button for testing server functionality. Click this button to enter valid email addresses.

Process user roaming traps from Cisco WLC

Enable AMON data collection

Enable Clarity Data Collection

Enable Traffic Analysis Data Collection

Yes Whether AirWave should parse client association and authentication traps

from Cisco WLC controllers to give real time information on users connected to the wireless network.

Yes Allows AirWave to collect enhanced data from Aruba devices on certain

firmware versions. See the Best Practices Guide on the Home >

Documentation page for more details

NOTE:

l When enabling AMON, auditing should be set to daily and have been

successful at least once to allow AirWave to calculate the proper BSSIDs per radio. If these BSSIDs do not exist, clients are dropped because they do not have any corresponding BSSIDs in the AirWave database. Auditing should be set to daily because the BSSIDs are kept in cache memory and cleared every 24 hours.

l To view usage data on a standalone controller or managed device, set

the Enable AMON Data Collection option to No to allow usage data to be aggregated from the AP level.

Yes Allows AirWave to collect enhanced Clarity Monitoring data from Aruba

devices running ArubaOS 6.4.3 and later versions

Yes If AMON is enabled for a controller, you can enable AirWave to collect

Traffic Analysis data from the controller by setting this to Yes. When enabled, the Home > Traffic Anaylsis dashboard is available in the WebUI.

30 | Configuring AirWave AirWave 8.2.10.1 | User Guide

+ 418 hidden pages