Cisco Works Wireless LAN Solution Engine User Manual
FAQ and Troubleshooting Guide for
the CiscoWorks Wireless LAN
Solution Engine
Release 2.5
Corporate Headquarters
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134-1706
USA
http://www.cisco.com
Tel: 408 526-4000
800 553-NETS (6387)
Fax: 408 526-4100
THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT
NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT
ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR
THEIR APPLICATION OF ANY PRODUCTS.
THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION
PACKET THAT SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO
LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.
The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as
part of UCB’s public domain version of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of California.
NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE
PROVIDED “AS IS” WITH ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED
OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE.
IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL
DAMAGES, INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR
INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH
DAMAGES.
CCIP, the Cisco Arrow logo, the Cisco Powered Network mark, the Cisco Systems Verified logo, Cisco Unity, Follow Me Browsing, FormShare, iQ
Breakthrough, iQ Expertise, iQ FastTrack, the iQ Logo, iQ Net Readiness Scorecard, Networking Academy, ScriptShare, SMARTnet, TransPath, and
Voice LAN are trademarks of Cisco Systems, Inc.; Changing the Way We Work, Live, Play, and Learn, Discover All That’s Possible, The Fastest Way to
Increase Your Internet Quotient, and iQuick Study are service marks of Cisco Systems, Inc.; and Aironet, ASIST, BPX, Catalyst, CCDA, CCDP, CCIE,
CCNA, CCNP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, the Cisco IOS logo, Cisco Press, Cisco Systems, Cisco Systems Capital,
the Cisco Systems logo, Empowering the Internet Generation, Enterprise/Solver, EtherChannel, EtherSwitch, Fast Step, GigaStack, Internet Quotient,
IOS, IP/TV, LightStream, MGX, MICA, the Networkers logo, Network Registrar, Pac ke t, PIX, Post-Routing, Pre-Routing, RateMUX, Registrar,
SlideCast, StrataView Plus, Stratm, SwitchProbe, TeleRouter, and VCO are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the U.S.
and certain other countries.
All other trademarks mentioned in this document or Web site are the property of their respective owners. The use of the word partner does not imply a
partnership relationship between Cisco and any other company. (0208R)
FAQ and Troubleshooting Guide for the CiscoWorks Wireless LAN Solution Engine
Copyright © 2003 Cisco Systems, Inc. All rights reserved.
CONTENTS
CHAPTER
CHAPTER
1 FAQs and Troubleshooting 1-1
General FAQs and Troubleshooting 1-1
Faults FAQs and Troubleshooting 1-11
Devices FAQs and Troubleshooting 1-13
Configuration FAQs and Troubleshooting 1-19
Firmware FAQs and Troubleshooting 1-24
Reports FAQs and Troubleshooting 1-32
Radio Manager FAQs and Troubleshooting 1-36
Administration FAQs and Troubleshooting 1-43
2 Fault Descriptions 2-1
Access Point Faults 2-2
WLSE Fault 2-20
AAA Server Faults 2-20
Switch Faults 2-25
Router Fault 2-28
I
NDEX
FAQ and Troubleshooting Guide for the CiscoWorks Wireless LAN Solution Engine
iii
Contents
iv
FAQ and Troubleshooting Guide for the CiscoWorks Wireless LAN Solution Engine
CHAPTER
1
FAQs and Troubleshooting
This FAQ and troubleshooting guide consists of the following sections:
• General Questions—See General FAQs and Troubleshooting, page 1-1
• Faults—Faults FAQs and Troubleshooting, page 1-11
• Devices—Devices FAQs and Troubleshooting, page 1-13
• Configuration—Configuration FAQs and Troubleshooting, page 1-19
• Firmware—Firmware FAQs and Troubleshooting, page 1-24
• Reports—Reports FAQs and Troubleshooting, page 1-32
• Radio Manager —Radio Manager FAQs and Troubleshooting, page 1-36
• Administration—Administration FAQs and Troubleshooting, page 1-43
General FAQs and Troubleshooting
• General FAQs, page 1-1
• General Troubleshooting, page 1-3
General FAQs
• Can several users be logged on and managing the same access point at once?
• What ports and protocols does the WLSE use?
• Can I use a different HTTP port to manage the access point?
FAQ and Troubleshooting Guide for the CiscoWorks Wireless LAN Solution Engine
1-1
General FAQs and Troubleshooting
• Is Telnet enabled or disabled by default on the WLSE?
• Can SSH be disabled?, page 1-2
• Can I run a job to convert a number of access points from non-IOS to IOS?
• What are the requirements for WLSE usernames and passwords?
Q.
Can several users be logged on and managing the same access point at once?
A.
Yes, several users can view data and reports on the same access point. More
than one user can create configuration and firmware update jobs for the same
access point and these will be run in the order they are scheduled.
Configuration templates may be modified by more than one user at the same
time and the last write will overwrite the others.
Q.
What ports and protocols does the WLSE use?
A.
For discovery and fault monitoring, the WLSE primarily uses SNMP (UDP
port 161). For applying configuration changes, the WLSE uses SNMP, HTTP
(TCP port 80 or as configured), and TFTP (UDP port 69).
Q.
Can I use a different HTTP port to manage the access point?
Chapter 1 FAQs and Troubleshooting
1-2
A.
Yes, the HTTP port can be changed on the access point. The change will be
reflected in WLSE after the next inventory cycle, or if you choose to run
inventory now for the devices on which HTTP port was changed. This is
assuming the inventory is done by SNMP and not HTTP.
Q.
Is Telnet enabled or disabled by default on the WLSE?
A.
Telnet is disabled by default for security reasons. SSH is enabled by default.
Q.
Can SSH be disabled?
A.
It cannot be disabled on the WLSE itself, but you can use the firewall
command to deny all SSH connections. For example, the following CLI
command will cause the WLSE to reject all incoming SSH connections on the
Ethernet 0 interface but allows connections through other protocols and other
ports:
firewall ethernet0 private firewall ethernet0 private ssh
FAQ and Troubleshooting Guide for the CiscoWorks Wireless LAN Solution Engine
Chapter 1 FAQs and Troubleshooting
Q.
Can I run a job to convert a number of access points from non-IOS to IOS?
A.
Yes, you can run a firmware job, using a special IOS upgrade image that is
available on Cisco.com. For more information, see the firmware upgrade
information in the online help or the User Guide for the CiscoWorks Wireless
LAN Solution Engine, Release 2.5.
Q.
What are the requirements for WLSE usernames and passwords?
A.
Usernames can be up to 32 characters long, and you can use the alphanumeric
characters and other characters as described in the Naming Guidelines
appendix of the User Guide for the CiscoWorks Wireless LAN Solution
Engine, Release 2.5. Passwords are from 5 to 8 characters long, and you can
use the alphanumeric characters plus the underscore (_). Both usernames and
passwords are case sensitive.
General Troubleshooting
This section provides the following troubleshooting information:
• After the WLSE reboots, the login screen appears, followed by an Internal
Server Error message.
• A search for an access point using APs Based on Client IP, displays the
following message, “search yielded no results.”
General FAQs and Troubleshooting
• When I try to access an access point web page through the WLSE, the
following error message appears: Action Cancelled.
• Cannot recover after incorrect setup program entry.
• Cannot log into the system.
• Cannot log in as a system administrator.
• After the WLSE starts up, the setup login prompt appears. Use the setup
program. The WLSE cannot connect to the network.
• Cannot connect to the WLSE using a Web browser.
• The system time or date is incorrect.
• The system cannot boot from the hard drive during a reboot.
FAQ and Troubleshooting Guide for the CiscoWorks Wireless LAN Solution Engine
1-3
General FAQs and Troubleshooting
Symptom After the WLSE reboots, the login screen appears, followed by an
Internal Server Error message.
Possible Cause The servlet engine in the WLSE is starting up.
Recommended Action Wait for 20 to 30 seconds, then log in again.
Symptom A search for an access point using APs Based on Client IP, displays the
following message, “search yielded no results.”
Possible Cause The device you are searching for is an IOS device. This type
of search only works for non-IOS devices.
Recommended Action None.
Symptom When I try to access an access point web page through the WLSE, the
following error message appears: Action Cancelled.
Possible Cause The SNMP user on the access point does not have enough
rights.
Chapter 1 FAQs and Troubleshooting
1-4
Recommended Action Log in to the access point web interface, select Setup >
Security > User Information, and make sure that the user corresponding to the
SNMP community (which is set up in the WLSE under Discovery > Device
Credentials) has been granted rights for the following: firmware, admin, and
snmp.
Symptom Cannot recover after incorrect setup program entry.
Possible Cause You entered incorrect text during the initial setup and want to
fix the entry.
Recommended Action Exit setup by pressing Ctrl-c. Then run erase config to
remove the incorrect installation information and rerun the setup program. If
you use the erase config command to erase the previous WLSE configuration,
and run the setup program again, you will be required to get a new certificate.
Use the mkcert command or Administration > Appliance > Security > SSL
(HTTPS).
FAQ and Troubleshooting Guide for the CiscoWorks Wireless LAN Solution Engine
Chapter 1 FAQs and Troubleshooting
Symptom Cannot log into the system.
Possible Cause You did not run the setup program to create an initial system
configuration or you lost all the user account passwords.
Recommended Action
1.
2. Do you know the password for any system user accounts?
3. If you are certain you entered a valid username and password, contact
Symptom Cannot log in as a system administrator.
General FAQs and Troubleshooting
Did you run the setup program after booting the system for the first time?
If no, run the setup program.
If yes, continue to the next step.
If no, see Cannot log in as a system administrator., page 1-5.
If yes, continue to the next step.
Cisco’s Technical Assistance Center for assistance.
Possible Cause All administrator passwords have been lost.
Recommended Action Perform the following procedure:
1. Connect a console to the WLSE’s console port.
For the WLSE 1105, use the serial port on the front panel; do not use the
serial port on the back panel as a console port.
For the WLSE 1130, the serial/console port is on the back panel.
2. Power the system off, then power it back on. The following prompt
appears:
LILO boot:
3. Press the Tab key. The following prompt appears:
boot:
4. Enter the following command. This puts the WLSE in maintenance
image mode.
CiscoBreR
[root@CiscoMaintImage/]#
FAQ and Troubleshooting Guide for the CiscoWorks Wireless LAN Solution Engine
1-5
General FAQs and Troubleshooting
5. Enter the following command. This erases the WLSE’s configuration,
Symptom After the WLSE starts up, the setup login prompt appears. Use the setup
program. The WLSE cannot connect to the network.
Possible Cause
–
–
–
–
Recommended Action
1. Verify that the network cable is connected to the Ethernet 0 port and the
Chapter 1 FAQs and Troubleshooting
returns the WLSE to factory defaults, and reloads the WLSE.
[root@CiscoMaintImage/]# erase config
The network cable is not connected to the Ethernet 0 port.
The Ethernet 0 interface is disabled or misconfigured.
The system is configured correctly, but the network is down or
misconfigured.
DNS is misconfigured. Ping commands will result in a 50-70% failure
rate in Pings from the WLSE (Web interface and CLI).
Ethernet indicator is lit.
1-6
–
If the network cable is not connected, connect it.
–
If the network cable is connected but the Ethernet indicator is not lit,
these are the probable causes:
The network cable is faulty.
The network cable is the wrong type (for example, a cross-over type,
rather than the required straight-through type).
The port on the default gateway to which the system connects is down.
–
If the network cable is connected and the Ethernet indicator is on but the
system cannot connect to the network, continue to the next step.
2. Use the ping command to perform the following tests:
–
Try to ping a well-known host on the network. A DNS server is a good
target host.
FAQ and Troubleshooting Guide for the CiscoWorks Wireless LAN Solution Engine
Chapter 1 FAQs and Troubleshooting
–
3. Use the show interfaces command to determine if the Ethernet 0
General FAQs and Troubleshooting
If the ping command gets a response, the system is connected to the
network. If the system cannot connect to a particular host, the problem is
either with the network configuration or that host. Contact your network
administrator for assistance.
If the ping command does not get a response, continue.
Attempt to connect to another host on the same subnet as the system.
If the ping command can connect to a host on the same subnet, but cannot
connect to a host on a different subnet, the default gateway is probably
down.
If the ping command cannot connect to any hosts, continue to the next
step.
interface is disabled or misconfigured.
For more information on the show interfaces command, see the CLI
appendix in the User Guide for the CiscoWorks Wireless LAN Solution
Engine, Release 2.5. You can access a PDF version of this guide by
clicking View PDF in the WLSE’s online help.
If the Ethernet 0 interface is disabled, enable it. If it is misconfigured,
configure it correctly. For more information, see the Installation and
Configuration Guide for the CiscoWorks Wireless LAN Solution Engine.
If the interface is enabled and correctly configured, continue to the next
step.
4. Contact your network administrator to verify that there are no conditions
on the network that prevent the system from connecting to the network.
If conditions prevent the system from connecting to the network, have
your network administrator correct them.
5. If no conditions are preventing the system from connecting to the
network, contact Cisco’s Technical Assistance Center.
Symptom Cannot connect to the WLSE using a Web browser.
Possible Cause
–
The system cannot connect to the network.
–
HTTP or HTTPS is not enabled
FAQ and Troubleshooting Guide for the CiscoWorks Wireless LAN Solution Engine
1-7
General FAQs and Troubleshooting
–
–
Recommended Action
1.
2. If you are attempting to connect via HTTP, verify that the IP address is
3. If you are attempting to connect via HTTP, verify that HTTP is enabled.
4. Verify that the browser is configured correctly, and attempt to connect to
Chapter 1 FAQs and Troubleshooting
If connecting via HTTP, the IP address was not appended with :1741.
The client system is not configured.
Make sure that the system can connect to the network. Attempt to connect
the system using a Web browser.
If you cannot connect, continue.
appended with :1741.
If you are attempting to connect via HTTPS, verify that HTTPS is
enabled. For more information, see the Installation and Configuration
Guide for the CiscoWorks Wireless LAN Solution Engine.
the WLSE. For more information, see these Installation and
Configuration Guide for the CiscoWorks Wireless LAN Solution Engine.
If you cannot connect, continue to step 5.
1-8
5. At the system console, or through Telnet, verify that the Web Server and
tomcat are running by entering the following:
# services status
If they are running, go to step 7. If they are not running
continue to step 6.
6. Stop the system services by entering the following:
# services stop
7. Restart the system services by entering the following:
# services start
8. Try to connect the system using a Web browser.
If you cannot connect, continue to the next step.
9. Reboot the system by entering the reload command.
FAQ and Troubleshooting Guide for the CiscoWorks Wireless LAN Solution Engine
Chapter 1 FAQs and Troubleshooting
10. If you still cannot connect to the system using a Web browser, contact
Symptom The system time or date is incorrect.
Possible Cause
–
–
Recommended Action Make sure NTP is configured correctly and that the
system clock is set correctly.
For information about maintaining the system time and date, see the User
Guide for the CiscoWorks Wireless LAN Solution Engine, Release 2.5. You
can access a PDF version of this guide by clicking View PDF in the WLSE’s
online help.
General FAQs and Troubleshooting
For more information on the reload command, see the CLI appendix in
the User Guide for the CiscoWorks Wireless LAN Solution Engine,
Release 2.5. You can access a PDF version of this guide by clicking View
PDF in the WLSE’s online help.
Cisco’s Technical Assistance Center for assistance.
NTP is misconfigured.
The system clock is set incorrectly.
Symptom The system cannot boot from the hard drive during a reboot.
Possible Cause
–
The disk has a physical error.
–
The disk image is corrupted.
Recommended Action If the WLSE cannot boot from the hard drive, the hard
drive needs to be reimaged. Use the Recovery CD to reimage your WLSE. For
more information, see the User Guide for the CiscoWorks Wireless LAN
Solution Engine, Release 2.5. You can access a PDF version of this guide by
clicking View PDF in the WLSE’s online help.
FAQ and Troubleshooting Guide for the CiscoWorks Wireless LAN Solution Engine
1-9
General FAQs and Troubleshooting
Symptom Cannot connect to system with Telnet or Telnet interaction is slow.
Possible Cause
–
–
Note Telnet is disabled by default. SSH is enabled by default.
Recommended Action
If the problem is not the network, perform the following steps. Connect to the
console port if you cannot Telnet to the WLSE.
1. Check the Telnet settings to be sure Telnet is enabled and configured
Chapter 1 FAQs and Troubleshooting
Telnet is disabled or configured incorrectly.
The WLSE cannot recognize host names.
If you are not using name recognition, slow or non-existent telnet
interaction is an expected problem.
correctly. For more information, see the following
To check the Telnet settings, or to enable or disable Telnet on specific
domains or IP addresses, use the telnetenable CLI command. For more
information on this command, see the User Guide for the CiscoWorks
Wireless LAN Solution Engine, Release 2.5. You can access a PDF
version of this guide by clicking View PDF in the WLSE’s online help
1-10
To enable or disable Telnet on individual ports, use the firewall CLI
command. For more information on this command, see the User Guide
for the CiscoWorks Wireless LAN Solution Engine, Release 2.5. You can
access a PDF version of this guide by clicking View PDF in the WLSE’s
online help
2. If you have specified hosts using the telnetenable CLI command, make
sure the host from which you are attempting to Telnet is on the list.
3. If you are using a DNS server, perform the following step:
Configure the system to use a functioning DNS server by entering:
# ip name-server
where ip-address is the IP address of the DNS server.
ip-address
If you are using the import CLI command, proceed to the next step.
FAQ and Troubleshooting Guide for the CiscoWorks Wireless LAN Solution Engine
Chapter 1 FAQs and Troubleshooting
4. Verify that the system can get DNS services from the network by entering
5. If the system cannot resolve DNS names to IP addresses, the DNS server
6. If you are using the import CLI command to resolve host names, verify
7. If the system can resolve DNS names to IP addresses but you still cannot
Faults FAQs and Troubleshooting
the following command:
# nslookup
where dns-name is the DNS name of a host on the network that is
registered in DNS and hostname and ip-address is the same IP address
specified in 2. The command returns the IP address of the host.
it is using is not working properly.
Resolve the network DNS problem, then continue.
that the WLSE can resolve host names by entering the following
command:
ping
where hostname is a host name that has been mapped to an IP address, or
imported in a host file, using the import command.
connect to the system using Telnet, or Telnet interaction with the system
is extremely slow, contact Cisco’s Technical Assistance Center.
dns-name {hostname | ip-address
hostname
}
Faults FAQs and Troubleshooting
• Faults FAQs, page 1-11
• Faults Troubleshooting, page 1-12
Faults FAQs
• Does acknowledging a fault clear it?
• What traps are sent from the WLSE?
• What trap types are forwarded by the WLSE?
• Does a MIB or trap definition file exist for the WLSE?
• What information is emailed in a fault notification?
FAQ and Troubleshooting Guide for the CiscoWorks Wireless LAN Solution Engine
1-11
Faults FAQs and Troubleshooting
Q.
Does acknowledging a fault clear it?
A.
No, it only removes it from the Active list. For a description of fault states,
see the information on understanding fault states in the online help.
Q.
What traps are sent from the WLSE?
A.
Traps are sent based on fault policy and threshold settings on the WLSE. The
WLSE only sends out v2c traps, so make sure your trap listener is configured
to accept v2c traps.
Solaris 2.8- based NetView 7.1 receives and displays the SNMP v2c fault
notification traps from WLSE, but Windows-based NetView 7.1 supports
only v1 traps and cannot receive and display any v2c traps from the WLSE.
Q.
What trap types are forwarded by the WLSE?
A.
No traps are forwarded from other devices.
Q.
What information is emailed in a fault notification?
A.
For a description see the online help.
Chapter 1 FAQs and Troubleshooting
Q.
Does a MIB or trap definition file exist for the WLSE?
A.
Yes, from the Cisco.com download site, download MIB
CISCO-DEVICE-EXCEPTION-REPORTING-MIB.my and load it into the
trap receiver.
Faults Troubleshooting
• The Display Fault view is blank.
• Email fails to arrive at its destination.
• No VLAN fault information is displayed for IOS access points.
Symptom The Display Fault view is blank.
Possible Cause There are no faults to report based on the filtering criteria you
entered.
Recommended Action Not applicable.
FAQ and Troubleshooting Guide for the CiscoWorks Wireless LAN Solution Engine
1-12
Chapter 1 FAQs and Troubleshooting
Symptom Email fails to arrive at its destination.
Possible Cause The SMTP server is not configured properly.
Recommended Action Configure the SMTP server by selecting Administration
> Appliance > Configure Mailroute.
Symptom No VLAN fault information is displayed for IOS access points.
Possible Cause WEP keys have not been configured in each VLAN. When the
WEP keys are configured in the IOS access points, VLAN information is
accessible by SNMP.
Recommended Action Configure the WEP keys for the corresponding VLAN.
Devices FAQs and Troubleshooting
• Devices FAQs, page 1-13
Devices FAQs and Troubleshooting
Devices FAQs
• Devices Troubleshooting, page 1-15
• Why is hostname (device name), sysContact, and sysLocation information
not updated in the WLSE after I change these parameters on the access point?
• What is an invalid CDP seed?
• Can I discover devices if CDP is disabled?
• What are the extra inventories listed in the Run Now folder?
• What are the results of adding or removing an interface from an access point?
• Can the WLSE discover access points that are connected to non-Cisco
switches?
FAQ and Troubleshooting Guide for the CiscoWorks Wireless LAN Solution Engine
1-13
Devices FAQs and Troubleshooting
Q.
Why is hostname (device name), sysContact, and sysLocation information
not updated in the WLSE after I change these parameters on the access point?
A.
The hostname (device name), sysContact, and sysLocation parameters are
updated during discovery, not during inventory. Make sure you schedule a
periodic discovery under Administration > Discover > Scheduled Discovery.
Q.
What is an invalid CDP seed?
A.
An invalid seed is a device that does not run Cisco Discovery Protocol (CDP),
such as a PC or workstation). Such a device does not function as a seed
because it does not allow the WLSE to traverse the network and find other
devices. In the discovery run log, invalid seeds are shown as SNMP
unreachable.
Q.
Can I discover devices if CDP is disabled?
A.
If CDP is disabled on network devices, you can still discover access points by
entering the IP addresses of all of them on the WLSE as seed values.
However, the WLSE cannot discover switches directly attached to such
access points, and switch-related reports will be empty.
Chapter 1 FAQs and Troubleshooting
1-14
Q.
What are the extra inventories listed in the Run Now folder?
A.
The radio management module runs periodic immediate inventories.
Q.
What are the results of adding or removing an interface from an access point?
A.
If you physically remove an interface (for example, removing 11b from a
dual-interface AP 1200), the WLSE will automatically detect the change
during the next inventory cycle. If you physically add an interface, you must
delete the device and rediscover it. Otherwise, the inventory data might be
invalid.
Q.
Can the WLSE discover access points that are connected to non-Cisco
switches?
A.
The APs cannot be discovered through CDP, but you can import the APs from
a file or enter them all as seeds in the WLSE UI.
FAQ and Troubleshooting Guide for the CiscoWorks Wireless LAN Solution Engine
Chapter 1 FAQs and Troubleshooting
Devices Troubleshooting
This section contains the following troubleshooting information:
• Devices were discovered but are not displayed in the GUI; for example, in
Reports.
• There is a time discrepancy in the scheduled discovery jobs.
• Devices are placed in Misconfigured Devices group after discovery and
dot11mib fault is displayed.
• Access points are placed in Misconfigured Devices group even though they
have been configured with the correct ISO views.
• The SNMP Query Authorization Exception is recorded in the discovery log.
• Frequent client inventories are causing too much network traffic or degrading
WLSE performance.
• Inventory is taking longer than expected and a message about no logs
available appears in the inventory log.
• When entering device Telnet or SSH credentials on the WLSE, authentication
fails if the & character appears in a name or password.
Devices FAQs and Troubleshooting
Symptom Devices were discovered but are not displayed in the GUI; for example,
in Reports.
Possible Cause The devices have not been moved to the Managed state.
Recommended Action Select Administration > Discover > Managed Devices.
Move the devices from New or Unmanaged to Managed.
Intermediate switches with no access points directly connected to them are
shown to be discovered in the Administration > Tasks History > Discovery
logs but will not show up in Administration > Discover > Managed Devices
> Manage/Unmanage.
Symptom There is a time discrepancy in the scheduled discovery jobs.
Possible Cause The local or system time is not set correctly on the WLSE.
Recommended Action
FAQ and Troubleshooting Guide for the CiscoWorks Wireless LAN Solution Engine
1-15
Devices FAQs and Troubleshooting
a. Reset the WLSE system time (UTC) using CLI commands as follows:
b. Set the local browser time. Select Administration > Appliance >
Symptom Devices are placed in Misconfigured Devices group after discovery and
dot11mib fault is displayed.
Possible Cause IOS devices are not configured correctly with an ISO view.
Also, see the following Symptom: Access points are placed in Misconfigured
Devices group even though they have been configured with the correct ISO
views., page 1-18.
Recommended Action Perform the following tasks on the devices and the
WLSE. Either configure the devices individually or create a configuration
template with the relevant custom values and create a job for the devices.
Chapter 1 FAQs and Troubleshooting
Enter services stop to stop services.
Enter the clock command to reset the time.
Enter services start to restart the services.
Time/NTP/Name.
1-16
–
To configure devices individually:
a. Use Telnet or SSH to log in to the device, then enter enable mode.
b. In global configuration mode, enter the following commands in
sequence:
# snmp-server view iso iso included
# snmp-server community community_string view iso RO
where community_string is the device’s read-only community string.
This is the same string that should exist in the WLSE’s SNMP credentials
screen (Devices > Discover > Device Credentials > SNMP
Communities). If it is not entered there, see the following instructions for
entering device credentials in the WLSE.
c. Exit from the global configuration mode, and enter the following
command:
# write memory
–
To configure devices by using a template:
FAQ and Troubleshooting Guide for the CiscoWorks Wireless LAN Solution Engine
Chapter 1 FAQs and Troubleshooting
a. Use the procedures in the configuration template instructions in the
b. Enter the following custom values in the template:
c. Run a configuration job on the devices in the Misconfigured Devices
d. After the configuration job finishes successfully, the dot11 mib fault will
Devices FAQs and Troubleshooting
online help or the User Guide for the CiscoWorks Wireless LAN Solution
Engine, 2.5 to create a template.
snmp-server view iso iso included
snmp-server community community_string view iso RO
group:
— Select the template created in the previous step.
—Either select the Misconfigured Devices group or the devices in the
group.
—Schedule the job to run at the desired time.
be cleared after the next discovery cycle. You can run a manual discovery
immediately after the configuration job finishes; select Devices >
Discover > Run Inventory > Run Now.
–
Perform the following steps on the WLSE:
a. If the device’s ISO community string has not been entered on the WLSE,
select Devices > Discover > Device Credentials > SNMP Communities.
Then, enter the same community strings that you configured on the
devices in the previous procedure.
Otherwise, the devices will be placed back in the Misconfigured Devices
group after the next discovery cycle.
b. Rediscover the devices by using them as seed devices in an immediate
discovery. Select Devices > Discover > Run Inventory > Run Now. For
more information on discovery, see the online help discovery section or
the User Guide for the CiscoWorks Wireless LAN Solution Engine,
Release 2.5.
FAQ and Troubleshooting Guide for the CiscoWorks Wireless LAN Solution Engine
1-17
Devices FAQs and Troubleshooting
Symptom Access points are placed in Misconfigured Devices group even though
they have been configured with the correct ISO views.
Possible Cause Unknown.
Recommended Action Delete the access points from the WLSE and run a new
discovery on them.
Symptom The SNMP Query Authorization Exception is recorded in the
discovery log.
Possible Cause The community string on the access point does not have admin
and firmware rights.
Recommended Action In the configuration template or on the access point,
assign the missing rights to the community string. For more information, see
the information on setting up devices in the online help or the User Guide for
the CiscoWorks Wireless LAN Solution Engine, Release 2.5.
Chapter 1 FAQs and Troubleshooting
1-18
Symptom Frequent client inventories are causing too much network traffic or
degrading WLSE performance.
Possible Cause Running frequent client inventories when managing large
numbers of access points (1,000 or more) generates a great deal of traffic and
may degrade WLSE performance.
Recommended Action Increasing the Wireless Client Poll Interval in Devices >
Discover > Inventory > Polling will reduce the polling frequency. If you need
more frequent client polling for a subset of your access points, use the
Scheduled Inventory feature instead (Devices > Discover > Inventory > Run
Inventory).
Symptom Inventory is taking longer than expected and a message about no logs
available appears in the inventory log.
No logs available. Waiting for resources to start job.
FAQ and Troubleshooting Guide for the CiscoWorks Wireless LAN Solution Engine
Chapter 1 FAQs and Troubleshooting
Configuration FAQs and Troubleshooting
Possible Cause If there are also SNMP timeouts on the network, inventory
jobs will take much longer. Other jobs may be using all of the available
resources. Also, the next scheduled inventory will not run until the current
inventory finishes.
Recommended Action None.
Symptom When entering device Telnet or SSH credentials on the WLSE,
authentication fails if the & character appears in a name or password.
Possible Cause The WLSE ignores the & character and all characters that
follow it.
Recommended Action Do not use & in Telnet/SSH credentials that must be
entered on the WLSE.
Configuration FAQs and Troubleshooting
• Configuration FAQs, page 1-19
• Configuration Troubleshooting, page 1-22
Configuration FAQs
• If I create a configuration template that includes WEP key settings how can I
verify that they were set on the access point (the access point does not show
WEP key settings on its web interface)?
• Can you undo a configuration update?
• How long is the configuration job history kept in the WLSE?
• Do jobs use HTTP or SNMP to initiate a configuration upload?
• Is it necessary to validate a job?
• What kinds of job logs are available?
• What is startup configuration?
FAQ and Troubleshooting Guide for the CiscoWorks Wireless LAN Solution Engine
1-19
Configuration FAQs and Troubleshooting
• If I make changes to the startup template, will those modifications be
automatically uploaded to the access points that already had that startup
template applied?
• What is auto configuration?
• Can I give a configuration job a name that is used for a firmware or radio
management job?
Q.
If I create a configuration template that includes WEP key settings how can I
verify that they were set on the access point (the access point does not show
WEP key settings on its web interface)?
A.
For security reasons, the access point does not show or send WEP key
information. One of the ways to verify the update is to look at the WEP Key
length. The only way to verify the contents of the WEP key is to try
associating a client that uses that WEP key.
Q.
Can you undo a configuration update?
A.
Yes, but only for successful jobs and device versions 11.23T and above for
the 340 and 350 access points and bridges, and versions 11.56 and above for
AP1200. The Undo feature cannot be used for IOS devices.
Chapter 1 FAQs and Troubleshooting
1-20
To undo a job, view the Job Run Details table under Configuration > Jobs,
select the job you want to undo, and click Undo. For more specific
information, see the online help.
Q.
How long is the configuration job history kept in the WLSE?
A.
The default time is 30 days. You can change this by navigating to Devices >
Discover > Inventory > Polling > Job History Truncation Interval. Also, by
default, for the recurring jobs, the last 30 runs are maintained in the database.
Q.
Do jobs use HTTP or SNMP to initiate a configuration upload?
A.
WLSE Configuration jobs can use either HTTP or SNMP as the mechanism
to initiate a configuration template upload to an access point.
• The HTTP mechanism is valid for all supported device versions. The
following setup parameters must be in place for HTTP mechanism to function
properly:
FAQ and Troubleshooting Guide for the CiscoWorks Wireless LAN Solution Engine
Chapter 1 FAQs and Troubleshooting
–
–
Note Both username and password in the device credentials are case
• The SNMP mechanism is valid for versions 11.08T and higher. The following
setup parameters must be in place for SNMP to function properly:
–
–
Configuration FAQs and Troubleshooting
HTTP credentials for the device (with admin and firmware privileges on
the access point) must match those entered on the WLSE HTTP device
credentials screen.
TFTP server settings on the access point (Setup > FTP), must refer to the
WLSE’s IP address.
sensitive.
SNMP credentials for the device (with admin and firmware privileges on
the access point) must match those entered on the WLSE SNMP device
credentials screen.
There is no need to change TFTP server settings for the SNMP
mechanism, although you can use the SNMP mechanism to change the
TFTP server settings on the AP to be used in the HTTP mechanism. Enter
valid credentials in the Security > Local Admin Access template screen.
The SNMP job mechanism can be used to update TFTP settings, which are
needed by HTTP-based jobs. This setting is available under Service > FTP in
the configuration templates screens.
Q.
Is it necessary to validate a job?
A.
We recommend that you always validate a job before saving it. This will help
in locating any possible problems before applying the job.
Q.
What kinds of job logs are available?
A.
There are two kinds of job logs: Job run log and the jobvm log.
• The job run log is where events are logged for a particular job’s run. This log
can be used to check what went wrong with the job and make any required
corrections. The job run log can be viewed by selecting a particular job from
the job list, then clicking Job Run Detail. From the window that pops up,
select a particular run for the job, then click Job Run Log.
• The jobvm.log is a global log for all types of jobs. It is used mainly for
development troubleshooting. The jobvm.log can be viewed by selecting
Administration > Appliance > View Log File, then clicking jobvm.log.
FAQ and Troubleshooting Guide for the CiscoWorks Wireless LAN Solution Engine
1-21
Configuration FAQs and Troubleshooting
Q.
What is startup configuration?
Startup configuration is used right after a device (access point) reboots. It
requires DHCP server to be properly set up to allow the access point to pick
its startup configuration from WLSE. For this to work, you must set up the
following:
a. Enter the <IP address of the WLSE> in the Boot Server Host Name
field (option number 066) on the DHCP server.
b. Enter <startup file name> in the BootfileName field (option number
067) on the DHCP server.
For additional information, or for information about configuring a router as a
DHCP server, see the online help.
Q.
What is auto configuration?
A.
Auto configuration is used after the device has been discovered and inventory
has been collected for it. This template can be applied based on criteria you
define while saving your auto-configuration template.
Q.
If I make changes to the startup template, will those modifications be
automatically uploaded to the access points that already had that startup
template applied?
Chapter 1 FAQs and Troubleshooting
A.
No. If you make modifications to the startup template, you will have to
reapply the template.
Q.
Can I give a configuration job a name that is used for a firmware or radio
management job?
A.
No. Job names cannot be duplicated.
Configuration Troubleshooting
• HTTP configuration jobs are picking up the wrong template.
• An IOS template job failed.
• Configuration jobs fail because the Telnet/SSH credentials are not valid, even
though credentials have been entered on the WLSE.
FAQ and Troubleshooting Guide for the CiscoWorks Wireless LAN Solution Engine
1-22
Loading...