Professional Documents
Culture Documents
Release 3.0
NN47251-700
Issue 08.01
June 2014
Contents
Chapter 1: Introduction............................................................................................................ 6
Purpose..................................................................................................................................6
Related Resources..................................................................................................................6
Documentation..................................................................................................................6
Training............................................................................................................................ 6
Viewing Avaya Mentor videos.............................................................................................7
Support.................................................................................................................................. 7
Chapter 2: New in this release.................................................................................................8
Features.................................................................................................................................8
Other changes........................................................................................................................ 9
Chapter 3: Troubleshooting Planning...................................................................................10
Chapter 4: Troubleshooting Tools........................................................................................ 12
Port mirroring........................................................................................................................ 12
Port mirroring commands.......................................................................................................13
Port statistics........................................................................................................................ 13
Time domain reflectometer.....................................................................................................13
System logs.......................................................................................................................... 13
IP Flow information export......................................................................................................14
Remote packet capture..........................................................................................................14
Traffic monitoring.................................................................................................................. 15
Chapter 5: Configuring troubleshooting features............................................................... 16
Configuring Serviceability.......................................................................................................16
Configuring RMON with the CLI........................................................................................16
Configuring IPFIX using CLI............................................................................................. 21
Configuring diagnostics and graphing..................................................................................... 24
System diagnostics and statistics using CLI.......................................................................25
Network monitoring configuration using CLI.......................................................................28
Chapter 6: General diagnostic tools..................................................................................... 41
CLI command modes.............................................................................................................41
Wireless Management System............................................................................................... 42
Virtual link aggregation control protocol (VLACP)..................................................................... 42
Chapter 7: Initial Troubleshooting........................................................................................ 44
Gather information.................................................................................................................44
Chapter 8: Troubleshooting WLAN ...................................................................................... 47
Troubleshooting Wireless LAN Management System issues..................................................... 47
Troubleshooting Layer 2 and Layer 3 issues............................................................................49
Troubleshooting a failed configuration restore (from an ascii file) on a domain controller............. 50
Troubleshooting AP related issues..........................................................................................50
Troubleshooting client-related issues...................................................................................... 55
June 2014
Contents
June 2014
Chapter 1: Introduction
Purpose
This document:
Provides troubleshooting information and procedures for the WLAN Controller 8180 and
Access Point 8120.
Describes the diagnostic tools and utilities available for troubleshooting the WLAN 8100 Series
products including the Command Line Interface (CLI) and the Wireless Management System
(WMS).
Guides you through some common problems to achieve a first tier solution to these situations.
Advises you what information to compile prior to troubleshooting or calling Avaya for help.
This document assumes that you:
Are familiar with networking concepts and terminology.
Have experience with Graphical User Interface (GUI).
Have basic knowledge of network topologies.
Related Resources
Documentation
For a list of the documentation for this product, see Documentation Reference for Avaya WLAN
8100, NN47251-100.
Training
Ongoing product training is available. For more information or to register, see http://avayalearning.com/.
Enter the course code in the Search field and click Go to search for the course.
June 2014
Comments? infodev@avaya.com
Support
Course Code
Course Title
6769X
4D00045V
Procedure
To find videos on the Avaya Support website, go to support.avaya.com and perform one of the
following actions:
In Search, type Avaya Mentor Videos to see a list of the available videos.
In Search, type the product name. On the Search Results page, select Video in the
Content Type column on the left.
To find the Avaya Mentor videos on YouTube, go to www.youtube.com/AvayaMentor and
perform one of the following actions:
Enter a key word or key words in the Search Channel to search for a specific product or
topic.
Scroll down Playlists, and click the name of a topic to see the available list of videos posted
on the website.
Note:
Videos are not available for all products.
Support
Go to the Avaya Support website at http://support.avaya.com for the most up-to-date
documentation, product notices, and knowledge articles. You can also search for release notes,
downloads, and resolutions to issues. Use the online service request system to create a service
request. Chat with live agents to get answers to questions, or request an agent to connect you to a
support team if an issue requires additional expertise.
June 2014
The following sections detail what's new in the Troubleshooting Avaya WLAN 8100, NN47251-700
for Release 3.0.
Related Links
Features on page 8
Other changes on page 9
Features
See the following sections for information about the feature changes:
Support for External Captive Portal on page 8
Support for Link Layer Discovery Protocol (LLDP) on page 8
Bonjour Gateway support on page 9
For information on the WMS enhancements and on Avaya Command Line Interface (CLI)
commands, see Using WMS and EDM on Avaya WLAN 8100, NN47251-108 and ACLI Commands
Reference for Avaya WLAN 8100, NN47251-107 respectively.
For more information on feature fundamentals, see Feature Overview for Avaya WLAN 8100,
NN47251-102.
June 2014
Comments? infodev@avaya.com
Other changes
LLDP support on AP can advertise its status, capabilities, and process information from other LLDP
neighbors. Eg. PoE switches.
Other changes
There are no other changes to this document for release 3.0.
Related Links
New in this release on page 8
June 2014
There are some things you can do to minimize the need for troubleshooting and to plan for doing it
as effectively as possible.
First, use the WLAN 8100 Series Documentation Roadmap to familiarize yourself with the
documentation set, so you know where to get information when you need it.
Second, make sure the system is properly installed and maintained so that it operates as expected.
Third, make sure you gather and keep up to date the site map, logical connections, device
configuration information, and other data that you will require if you have to troubleshoot.
A site network map identifies where each device is physically located on your site, which helps
locate the users and applications that are affected by a problem. You can use the map to
systematically search each part of your network for problems.
You must know how your devices are connected logically and physically with virtual local area
networks (VLAN).
You should maintain online and paper copies of your device configuration information. Ensure
that all online data is stored with your sites regular data backup for your site. If your site has no
backup system, copy the information onto a backup medium and store the backup offsite.
Store passwords in a safe place. It is a good practice to keep records of your previous
passwords in case you must restore a device to a previous software version. You need to use
the old password that was valid for that version.
It is a good practice to maintain a device inventory, which list all devices and relevant
information for your network. Use this inventory to easily see the device types, IP addresses,
ports, MAC addresses, and attached devices.
If your hubs or switches are not managed, you must keep a list of the MAC addresses that
correlate to the ports on your hubs and switches.
Maintain a change-control system for all critical systems. Permanently store change-control
records.
It is a good practice to store the details of all key contacts, such as support contacts, support
numbers, engineer details, and telephone and fax numbers. Having this information available
during troubleshooting saves you time.
Fourth, understand the normal network behavior so you can be more effective at troubleshooting
problems.
Monitor your network over a period of time sufficient to allow you to obtain statistics and data to
see patterns in the traffic flow, such as which devices are typically accessed or when peak
usage times occur.
Use a baseline analysis as an important indicator of overall network health. A baseline view of
network traffic as it typically is during normal operation is a reference that you can compare to
10
June 2014
Comments? infodev@avaya.com
network traffic data that you capture during troubleshooting. This should speed the process of
isolating network problems.
June 2014
11
The WLAN 8100 series products support a range of protocols, utilities and diagnostic tools that you
can use to monitor and analyze traffic, capture and analyze data packets, trace data flows, view
statistics, and manage event messages.
Certain protocols and tools are tailored for troubleshooting specific WLAN 8100 Series network
topologies. Other tools are more general in their application and can be used to diagnose and
monitor ingress and egress traffic.
This chapter describes the available troubleshooting tools and their applications.
Related Links
Port mirroring on page 12
Port mirroring commands on page 13
Port statistics on page 13
Time domain reflectometer on page 13
System logs on page 13
IP Flow information export on page 14
Remote packet capture on page 14
Traffic monitoring on page 15
Port mirroring
The WLAN 8100 port mirroring feature helps you to monitor and analyze network traffic. Port
mirroring requires one or more ports for mirroring and one for monitoring.
The mirror port allows both ingress and egress traffic. When port mirroring is enabled, a copy of the
ingress or egress packets on the mirrored port also flow through the monitoring port. This helps you
observe and analyze packet traffic on the monitoring port while it continues uninterrupted and flows
normally through the mirror port. You can analyse packet traffic on the monitoring port using a
network analyzer.
Related Links
Troubleshooting Tools on page 12
12
June 2014
Comments? infodev@avaya.com
Port statistics
Use port statistics commands to display information on received and transmitted packets at the
ports. The ingress and egress counts occur at the MAC layer. Count updates occur once every
second.
Related Links
Troubleshooting Tools on page 12
System logs
You can use the syslog messaging feature of the WLAN 8100 series products to manage event
messages. The WLAN 8100 series syslog software communicates with a server software
component named syslogd that resides on your management workstation.
The daemon syslogd is a software component that receives and locally logs, displays, prints, or
forwards messages that originate from sources that are internal and external to the workstation. For
example, syslogd software concurrently handles messages received from applications running on
the workstation, as well as messages received from an WLAN 8100 series device running in a
network accessible to the workstation.
Related Links
June 2014
13
Troubleshooting Tools
14
June 2014
Comments? infodev@avaya.com
Traffic monitoring
Wireshark can be configured to decode all packets received on the UDP port of the capture stream
as CAPWAP data packets.
The UDP port that is used for CAPWAP capture stream to the observer host is configured in the
capture profile.
To troubleshoot wireless clients using remote packet capture, see Troubleshooting wireless clients
using Remote Packet Capture on page 67.
Traffic monitoring
Traffic monitoring is the collection and analysis of traffic flow and application related measurements.
This involves collecting, storing, and analyzing flow and application measurements exported from
the flow meters in the IP network, and provides access to the analyzed measurement. The collection
process is hosted by the flow collector-analyzer devices under the IPFIX architecture.
Related Links
Troubleshooting Tools on page 12
June 2014
15
This chapter describes methods and procedures necessary to configure RMON and IPFIX and the
methods and procedures necessary to configure diagnostics and graphing.
Related Links
Configuring Serviceability on page 16
Configuring diagnostics and graphing on page 24
Configuring Serviceability
The following sections describe the methods and procedures necessary to configure RMON and
IPFIX.
Related Links
Configuring troubleshooting features on page 16
Configuring RMON with the CLI on page 16
Configuring IPFIX using CLI on page 21
16
June 2014
Comments? infodev@avaya.com
Configuring Serviceability
Procedure
1. Enter Privileged Executive mode.
2. Use the show rmon alarm command to display information about RMON alarms.
Procedure
1. Enter Privileged Executive mode.
2. Enter the show rmon event command.
Procedure
1. Enter Privileged Executive mode.
2. Enter the show rmon history [<port>] command.
Variable Definitions
Variable
Definition
<port>
Procedure
1. Enter Privileged Executive mode.
June 2014
17
Procedure
1. Enter Global Configuration mode.
2. Enter the rmon alarm <1-65535> <WORD> <1-2147483647> {absolute | delta}
rising-threshold <-2147483648-2147483647> [<1-65535>] fallingthreshold <-2147483648-2147483647> [<1-65535>] [owner <LINE>]
command.
Variable Definitions
Parameter
Description
<1-65535>
<WORD>
<1-2147483647>
absolute
Use absolute values (value of the MIB object is compared directly with
thresholds).
delta
Use delta values (change in the value of the MIB object between samples
is compared with thresholds).
rising-threshold
<-2147483648-2147483647 >
[<1-65535>]
The first integer value is the rising threshold value. The optional second
integer specifies the event entry to be triggered after the rising threshold is
crossed. If omitted, or if an invalid event entry is referenced, no event is
triggered.
falling-threshold
<-2147483648-2147483647 >
[<1-65535>]
The first integer value is the falling threshold value. The optional second
integer specifies the event entry to be triggered after the falling threshold is
crossed. If omitted, or if an invalid event entry is referenced, no event is
triggered.
[owner <LINE>]
Procedure
1. Enter Global Configuration mode.
2. Enter the no rmon alarm [<1-65535>] command.
18
June 2014
Comments? infodev@avaya.com
Configuring Serviceability
Variable Definitions
Variable
Definition
[<1-65535>]
Procedure
1. Enter Global Configuration mode.
2. Enter the rmon event <1-65535> [log] [trap] [description <LINE>] [owner
<LINE>] command.
Variable Definitions
Parameter
Description
<1-65535>
[log]
[trap]
[description <LINE>]
[owner <LINE>]
Procedure
1. Enter Global Configuration mode.
2. Enter the no rmon event [<1-65535>] command to delete the entries.
Variable Definitions
Variable
Definition
[<1-65535>]
June 2014
19
Procedure
1. Enter Global Configuration mode.
2. Enter the rmon history <1-65535> <LINE> <1-65535> <1-3600> [owner
<LINE>] command to configure the RMON history..
Variable Definitions
Parameter
Description
<1-65535>
<LINE>
<1-65535>
<1-3600>
[owner <LINE>]
Procedure
1. Enter Global Configuration mode.
2. Enter the no rmon history [<1-65535>] command to delete the entries.
Variable Definitions
Variable
Definition
[<1-65535>]
Procedure
1. Enter Global Configuration mode.
2. Enter the rmon stats <1-65535> <LINE> [owner <LINE>] command to configure
RMON statistics.
Variable Definitions
20
Parameter
Description
<1-65535>
[owner <LINE>]
June 2014
Comments? infodev@avaya.com
Configuring Serviceability
Procedure
1. Enter Global Configuration mode.
2. Enter the no rmon stats [<1-65535>] command to disable RMON statistics.
Variable Definitions
Variable
Definition
<1-65535>
June 2014
21
Procedure
1. Enter Global Configuration mode.
2. Use the ip ipfix collector <unit_number> <collector_ip_address>
command to configure the IPFIX collector.
Variable Definitions
Parameter
Description
<unit_number>
<collector_ip_address>
Procedure
1. Enter Global Configuration mode.
2. Use the ip ipfix enable command to enable IPFIX on the switch.
Procedure
1. Enter Global Configuration mode.
2. Use the ip ipfix slot <unit_number> [aging-interval <aging_interval>]
[export-interval <export_interval>] [exporter-enable] [templaterefresh-interval <template_refresh_interval>] [template-refreshpackets <template_refresh_packets>] command to enable IPFIX on the switch.
Variable Definitions
22
Parameter
Description
<unit_number>
<aging_interval>
<export_interval>
The IPFIX export interval. This interval is the value at which IPFIX data is
exported in seconds from 10 to 3600.
<template_refresh_interval>
The IPFIX template refresh interval. This value is in seconds from 300 to
3600.
<template_refresh_packets>
The IPFIX template refresh packet setting. This value is the number of
packets from 10000 - 100000.
June 2014
Comments? infodev@avaya.com
Configuring Serviceability
Procedure
1. Enter Interface Configuration mode.
2. Use the ip ipfix enable command to enable IPFIX on the interface.
Procedure
1. Enter Interface Configuration mode.
2. Use the ip ipfix port <port_list> command to enable IPFIX on the interface.
Variable Definitions
Variable
Definition
port-list
Procedure
1. Enter Privileged Executive mode.
2. Use the ip ipfix flush port <port_list> [export-and-flush] command to
delete the collected IPFIX information for the port or ports.
Variable Definitions
Variable
Definition
port-list
export-and-flush
Procedure
1. Enter Privileged Executive mode.
June 2014
23
Variable Definitions
Variable
Definition
<unit_number>
The unit number of the collector. Currently up to two collectors are supported so
the values 1 or 2 are valid.
<sort_by>
<sort_order>
The order in which the data is sorted. Valid options are ascending and descending.
<num_entries>
24
June 2014
Comments? infodev@avaya.com
Viewing port-statistics
About this task
Use this procedure to view the statistics for the port on both received and transmitted traffic.
Procedure
1. Enter Global Configuration mode.
2. Enter the show port-statistics [port <portlist>] command.
WC8180#show port-statistics
Port: 1
-------Received
Packets:
Multicasts:
Broadcasts:
Total Octets:
FCS Errors:
Undersized Packets:
Oversized Packets:
Filtered Packets:
Pause Frames:
Transmitted
Packets:
Multicasts:
Broadcasts:
Total Octets:
Collisions:
Single Collisions:
Multiple Collisions:
Excessive Collisions:
Deferred Packets:
Late Collisions:
Pause Frames:
Packets
64 bytes:
65-127 bytes:
128-255 bytes:
256-511 bytes:
512-1023 bytes:
6338006
1428257
4812
464732046
0
0
0
0
0
12149510
272137
2225
1206701939
0
0
0
0
0
0
0
1700394
14013526
2640263
11186
10363
June 2014
25
Related Links
System diagnostics and statistics using CLI on page 25
Variable Definitions
Variable
Definition
port <portlist>
Procedure
1. Enter Privileged Executive mode.
2. Enter the show interfaces [port list] verbose command. If you issue the
command with no parameters the port status is shown for all ports.
3. Observe the CLI output.
26
Link
---Down
Down
Up
Down
Down
Down
Down
Down
Down
Down
Down
Down
Down
Down
Down
LinkTrap
-------Enabled
Enabled
Enabled
Enabled
Enabled
Enabled
Enabled
Enabled
Enabled
Enabled
Enabled
Enabled
Enabled
Enabled
Enabled
Auto
Flow
Negotiation Speed
Duplex Control
----------- -------- ------ ------Enabled
Enabled
Enabled
100Mbps Full
Disable
Enabled
Enabled
Enabled
Enabled
Enabled
Enabled
Enabled
Enabled
Enabled
Enabled
Enabled
Enabled
June 2014
Comments? infodev@avaya.com
16
17
18
19
20
21
22
23
24
25
26
Enable
Enable
Enable
Enable
Enable
Enable
Enable
Enable
Enable
Enable
Enable
Down
Down
Down
Down
Down
Down
Down
Down
Down
Down
Down
Down
Down
Down
Down
Down
Down
Down
Down
Down
Down
Down
Enabled
Enabled
Enabled
Enabled
Enabled
Enabled
Enabled
Enabled
Enabled
Enabled
Enabled
Enabled
Enabled
Enabled
Enabled
Enabled
Enabled
Enabled
Enabled
Enabled
Disabled
Disabled
10Gbps
10Gbps
Full
Full
Disable
Disable
You can also use the show interfaces command to validate port operational status after VLACP
or STP configuration.
Related Links
System diagnostics and statistics using CLI on page 25
Procedure
1. Enter Privileged Executive mode.
2. Enter the show interfaces <portlist> config command.
3. Observe the CLI output.
WC8180#show interfaces 1 config
Port: 1
Trunk:
Admin Status: Enable
Oper Status: Down
VLACP Oper Status: Down
STP Oper Status: Disabled
Link: Up
LinkTrap: Enabled
Autonegotiation: Enabled
Speed: 100Mbbps
Duplex: Full
Flow Control: Disable
Energy Saver: Disabled
Oper Energy Saver: No Power Saving
*****VLAN interfaces configuration*****
Filter
Filter
Untagged Unregistered
Port Frames
Frames
PVID PRI
Tagging
Name
---- -------- ------------ ---- --- ------------- -------------1
Yes
Yes
1
0
TagAll
Port 1
*****VLAN
Port VLAN
---- ---1
15
128
---- ----
VLAN
---30
130
----
VLAN Name
---------------system
guest
----------------
June 2014
27
Port Trunk
---- ----1
Participation
--------------Disabled
Priority
--------
Path Cost
---------
State
----------
Related Links
System diagnostics and statistics using CLI on page 25
Procedure
1. Enter the Privileged Executive mode of the Avaya CLI.
2. Enter the show cpu-utilization command.
3. Observe the displayed information.
Sample output:
WC8180#show cpu-utilization
---------------------------------------------------------------CPU Utilization
---------------------------------------------------------------Unit
10 Sec, 1 Min, 10 Min, 60 Min, 24 Hrs, System Boot-Up
---------------------------------------------------------------Host
9%
14%
15%
16%
NA
16%
WCP
3%
2%
2%
2%
NA
1%
WDP
1%
1%
1%
1%
NA
7%
28
June 2014
Comments? infodev@avaya.com
Procedure
1. Enter the Privileged Executive mode of the Avaya CLI.
2. Enter the show memory-utilization command.
3. Observe the displayed information.
OL-AMDC#show memory-utilization
--------------------------------------------------------Memory Utilization (in MB)
--------------------------------------------------------Unit
Total
Used
Free
Peak
--------------------------------------------------------Host
1024
265
759
265
WCP
1632
1061
571
1062
WDP
281
41
240
41
Procedure
1. Enter the command show logging system to view the contents of logging buffers.
Use the following command options to view the contents of logging buffers.
WC8180(config)#show logging system ?
config
Display configuration of event logging
critical
Critical event
informational Informational message
June 2014
29
serious
<cr>
Procedure
Enter the command no logging to disable the system log.
Procedure
1. Enter the command logging disable to disable the event log.
2. Enter the command logging enable to enable the event log.
30
June 2014
Comments? infodev@avaya.com
3. Use the following command options to configure the severity level of events to be logged in
DRAM:
WC8180(config)#logging level ?
critical
Critical event
informational Informational message
none
No events stored in volatile storage
serious
Serious event message
4. Use the following command options to configure the severity level of events to be saved in
the NV storage:
WC8180(config)#logging nv-level ?
critical Critical event
none
No events saved in NV storage
serious
Serious event message
6. Use the following command options to configure options for logging to DRAM:
WC8180(config)#logging volatile ?
latch
Latch DRAM log when it is full
overwrite Overwrite DRAM log when it is full
Procedure
1. Enter the command default logging to restore default system log configuration.
2. Enter the command default logging remote command to restore factory default
remote logging parameters.
CLI reference:
WC8180(config)#default logging ?
remote Restore factory default remote logging parameters
<cr>
Use the following command options to further configure default remote logging parameters:
WC8180(config)#default logging remote ?
address
Restore factory default remote syslog address
level
Restore factory default remote logging level
secondary-address Restore factory default second remote syslog address
June 2014
31
Procedure
1. Use the command clear logging system [non-volatile] [nv] [volatile] to
clear the system log.
CLI reference:
WC8180(config)#clear logging system ?
non-volatile Clear log messages from NVRAM
nv
Clear log messages from NVRAM and DRAM
volatile
Clear log messages from DRAM
<cr>
2. Use the following command options to clear log messages from NVRAM:
WC8180(config)#clear logging system non-volatile ?
critical Clear critical log messages
serious
Clear serious log messages
<cr>
3. Use the command clear logging system nv to clear log messages from NVRAM and
DRAM.
4. Use the following command options to clear log messages from DRAM:
WC8180(config)#clear logging system volatile ?
critical
Clear critical log messages
informational Clear informational log messages
serious
Clear serious log messages
<cr>
32
June 2014
Related Links
Network monitoring configuration using CLI on page 28
Procedure
1. On Windows, navigate to Start, All Programs, Administrative Tools, DHCP.
2. Select DHCP, <Scope Name>, Scope Options.
The scope options are displayed on the right-hand-side pane.
June 2014
33
a. In the Available Options pane, ensure that 043 Vendor Specific Info is selected.
b. In the Data entry pane, enter the following data.
08
01
09
10
11
08
04
04
02
01
Avaya AP
IP Address of the Controller(04 Length of the IP Address)
Syslog IP Address (04 length of the IP Address)
Syslog Server Port 514
Debug Log Level 7
Related Links
Network monitoring configuration using CLI on page 28
34
June 2014
Comments? infodev@avaya.com
Related Links
Network monitoring configuration using CLI on page 28
Disabling remote logging on page 35
Enabling remote logging on page 35
Setting the remote logging address on page 35
Clearing the remote server IP address on page 36
Setting the log severity on page 36
Resetting the severity level on page 36
Setting the default remote logging level on page 37
Procedure
1. Enter the Global Configuration mode of the Avaya CLI.
2. Use the command no logging remote enable to disable remote logging.
3. (Optional) Use the following additional command options to disable other remote logging
parameters.
WC8180(config)#no logging remote ?
address
Clear remote syslog address
enable
Disable remote logging
level
Clear remote logging level
secondary-address Clear second remote syslog address
Procedure
1. Enter Global Configuration mode of the Avaya CLI.
2. Enter the logging remote enable command to enable the use of a remote syslog server
for logging.
Procedure
1. Enter Global Configuration mode of the Avaya CLI.
2. Enter the logging remote address <A.B.C.D> command to set the address of the
remote server for the syslog.
CLI reference:
WC8180(config)#logging remote address ?
A.B.C.D IP address of remote syslog server
June 2014
35
Variable Definitions
Parameters and variables
Description
<A.B.C.D>
Procedure
1. Enter Global Configuration mode of the Avaya CLI.
2. Enter the command no logging remote address command to clear the IP address of
the remote syslog server.
Procedure
1. Enter Global Configuration mode.
2. Enter the logging remote level {critical | informational | serious |
none} command to set the severity level of the logs that will be sent to the server.
Variable Definitions
Parameters and variables
Description
Procedure
1. Enter Global Configuration mode.
2. Enter the no logging remote level command to remove the severity level of the logs
that will be sent to the server. The level is set to none.
36
June 2014
Comments? infodev@avaya.com
Procedure
1. Enter Global Configuration mode.
2. Enter the default logging remote level command to sets the severity level of the
logs sent to the remote server. The default level is none.
Procedure
1. Enter Privileged Executive mode.
2. Enter the show port-mirroring command to display the port-mirroring configuration.
Configure port-mirroring
About this task
Use this procedure to set the port-mirroring configuration
Procedure
1. Enter Global Configuration mode.
2. Enter the port-mirroring mode {disable | Xrx monitor-port <portlist>
mirror-ports <portlist> | Xtx monitor-port <portlist> mirror-ports
<portlist> | ManytoOneRx monitor-port <portlist> mirror-ports
<portlist> | ManytoOneTx monitor-port <portlist> mirror-port-X
<portlist> | ManytoOneRxTx monitor-port <portlist> mirror-port-X
<portlist> | XrxOrXtx monitor-port <portlist> mirror-port-X
<portlist> | XrxOrYtx monitor-port <portlist> mirror-port-X
June 2014
37
38
Parameter
Description
disable
Disables port-mirroring.
monitor-port
mirror-port-X
mirror-port-Y
mirror-MAC-A
mirror-MAC-B
portlist
ManytoOneRx
ManytoOneTx
ManytoOneRxTx
Xrx
Xtx
XrxOrXtx
XrxYtx
XrxYtxOrXtxYrx
XrxOrYtx
macaddr
Asrc
Adst
AsrcOrAdst
AsrcBdst
AsrcBdstOrBsrcAdst
June 2014
Comments? infodev@avaya.com
Disabling port-mirroring
About this task
Use this procedure to disable port-mirroring
Procedure
1. Enter Global Configuration mode
2. Enter the no port-mirroring command to disable port-mirroring.
Procedure
1. Enter Privileged Executive mode
2. Enter the show port-mirroring command.
3. Observe the displayed information.
Procedure
1. Enter Global Configuration mode
2. Enter the port-mirroring <1-4> allow-traffic mode {disable | Adst |
Asrc | AsrcBdst | AsrcBdstOrBsrcAdst | AsrcOrAdst | ManyToOneRx |
ManyToOneRxTx | ManyToOneTx | Xrx | XrxOrXtx | XrxOrYtx | XrxYtx |
XrxYtxOrYrxXtx | Xtx} command.
3. Enter the command from step 2 for up to four instances.
Variable Definitions
Variable
Value
disable
Disable mirroring.
Adst
Asrc
AsrcBdst
AsrcBdstOrBsrcAdst
AsrcOrAdst
June 2014
39
Variable
Value
ManyToOneRx
ManyToOneRxTx
ManyToOneTx
Xrx
XrxOrXtx
XrxYtx
XrxYtxOrYrxXtx
Xtx
Procedure
1. Enter Global Configuration mode
2. Enter the port-mirroring [<1-4>] mode disable or no port-mirroring
[<1-4>] command to disable a specific instance.
3. Enter the no port-mirroring command to disable all instances.
Variable Definitions
40
Variable
Definition
<1-4>
June 2014
Comments? infodev@avaya.com
The WLAN 8100 series device has diagnostic features available with the command line interface
(CLI), WLAN Management System (WMS) and the Enterprise Device Manager (EDM). You can use
these diagnostic tools to help you troubleshoot operational and configuration issues. You can
configure and view files (such as software image files and reports), view and monitor port statistics,
trace a route, run loopback and ping tests, test the switch fabric, and view the address resolution
table.
You can access the Avaya CLI using either a direct console connection to the switch or by using the
Telnet or SSH protocols to connect to the switch remotely.
You can use the WMS in cases where the troubleshooting steps require corroborating information to
ensure diagnosis. The WMS is now stabilized and vastly improved with respect to performance,
reliability of the data displayed and consistency, to create a better user experience. The WMS
provides enhanced:
monitoring capabilities, enhanced user experience with the provision to perform domain-wide
actions, and a consistent look-and feel
troubleshooting or diagnostics
reporting capabilities
Related Links
CLI command modes on page 41
Wireless Management System on page 42
Virtual link aggregation control protocol (VLACP) on page 42
June 2014
41
images, setting passwords, and booting the switch. Privileged EXEC mode is an unrestricted
mode that allows you to view all settings on the switch, and if you are logged in with write
access, it also allows you to access all configuration modes and commands that affect
operation of the switch (such as downloading images and rebooting).
Global configuration mode: The Global Configuration mode (also referred to as config mode)
enables you to perform general configuration for the switch such as IP address, SNMP
parameters, Telnet access, and VLANs.
Interface configuration mode: The Interface Configuration mode (also referred to as configif mode) enables you to configure parameters for each port or VLAN, such as speed, duplex
mode, and rate-limiting.
Related Links
General diagnostic tools on page 41
42
June 2014
Comments? infodev@avaya.com
Related Links
General diagnostic tools on page 41
June 2014
43
The types of problems that typically occur with networks involve connectivity and performance. It is
usually best to follow the OSI network architecture layers. Confirm that the physical environment,
such as the cables and module connections, is operating without any failures before moving up to
the network and application layers.
Gather information
Before contacting Technical Support, you must gather information that can help the Technical
Support personnel. This includes the following information:
Default configuration of the switch: Use the show running-config command.
System status: Use the command show tech. This command displays technical information
about the system status, as well as information about the hardware, software, and switch
operation. This command displays more information than the similar show sys-info
command.
Information about past events: For more information, review the log files.
The software version that is running on the device. Use the commands show sys-info or
show system verbose to display the software version that is running.
Sample output of the show sys-info command:
WC8180#show sys-info
Operation Mode:
MAC Address:
Reset Count:
Last Reset Type:
Power Status:
Autotopology:
Pluggable Port 13:
Pluggable Port 14:
Pluggable Port 15:
Pluggable Port 16:
Pluggable Port 17:
Pluggable Port 18:
Pluggable Port 19:
Pluggable Port 20:
Pluggable Port 21:
Pluggable Port 22:
Pluggable Port 23:
Pluggable Port 24:
Pluggable Port 25:
Pluggable Port 26:
Base Unit Selection:
44
Switch
00-24-B5-1F-A8-00
157
Software Download
Primary Power
Enabled
SX
SX
None
None
None
None
None
None
None
None
None
None
None
None
Base unit using rear-panel switch
June 2014
Comments? infodev@avaya.com
Gather information
sysDescr:
Serial #:
Operational license:
Installed license:
sysObjectID:
sysUpTime:
sysNtpTime:
sysRtcTime:
sysServices:
sysContact:
sysName:
sysLocation:
Stack sysAssetId:
Unit sysAssetId:
OL-AMDC#
Switch
00-24-B5-1F-A8-00
157
Software Download
Enabled
1.3.6.1.4.1.45.3.77.1
1 day, 02:01:20
SNTP not synchronized.
Tuesday 2013/07/30 14:48:00
6
OL-AMDC
Base software
Base software
WC8180
(13) SX
(14) SX
(15) None
(16) None
(17) None
(18) None
(19) None
(20) None
(21) None
(22) None
(23) None
(24) None
(25) None
(26) None
00
1.0.2.0
v3.0.0.058
LBNNTMJPWB0025
20100329
Primary Power
Normal
Normal
Normal
Normal
June 2014
45
Initial Troubleshooting
Network topology diagram: Get an accurate and detailed topology diagram of your network
that shows the nodes and connections. Your planning and engineering function should have
this diagram.
Information about recent system changes: Find out about recent changes or upgrades to
your system, your network, or custom applications (for example, has the configuration
changed ?). Get the date and time of the changes, and the names of the persons who made
them. Get a list of events that occurred prior to the trouble, such as an upgrade, a LAN change,
increased traffic, or installation of new hardware.
Connectivity information: When connectivity problems occur, get information on at least five
working source and destination IP pairs and five IP pairs with connectivity issues. To do this,
use these commands:
- show running-config
- show port-statistics <port>
46
June 2014
This chapter describes procedures to help you troubleshoot Wireless LAN (WLAN) operations and
issues regarding the WLAN management system.
Related Links
Troubleshooting Wireless LAN Management System issues on page 47
Troubleshooting Layer 2 and Layer 3 issues on page 49
Troubleshooting a failed configuration restore (from an ascii file) on a domain controller on
page 50
Troubleshooting AP related issues on page 50
Troubleshooting client-related issues on page 55
Troubleshooting wireless clients using Remote Packet Capture on page 67
Troubleshooting the E911 feature on page 71
What to check
If one of the two WMS browser issue arises, check whether the browser cache memory utilization is
disproportionately large when compared to the available disk memory. This disproportion can slow
June 2014
47
Troubleshooting WLAN
browser operation or cause the browser to stop processing requests. To check this setting in
Internet Explorer and Firefox, follow the appropriate steps provided.
For Internet Explorer
1. In Internet Explorer, from the Tools menu go to Internet Options, General.
2. In the Browsing History area of the General tab click Settings.
3. In the Temporary Internet Files and History Settings dialog, in the Check disk space to use
field verify that the amount of memory provided is available in the hard drive. It is
recommended that you use a value that is within the range suggested by the OS.
4. In the Temporary Internet Files and History Settings dialog, in the Days to keep pages in
history field, it is recommended that you keep a history of a couple of weeks of data. The
recommended value for this field is 14 days.
For Firefox
1. From the Firefox menu, go to Options, Privacy.
2. In the Privacy tab, in the History area choose Remember History from the drop-down list.
For issues with WMS Monitoring Screens or Dashboard timestamps
1. Check reachability [using PING/TRACEROUTE] from the WMS server to the Target devices
(WC/WCP/WSP).
2. Check the routing table on the WMS server for multiple default routes.
3. Check if HTTP port number on the WC/WCP has been changed.
4. Check if HTTPS is configured on the WC/WCP along with a static DNS address configured
on any one of the interfaces of WMS server.
Recommended action
Complete the procedure for your browser to clear the browser cache and resolve the WMS browser
issue.
For Internet Explorer
1. From the Tools menu go to Internet Options, General.
2. In the Browsing history area click Delete.
3. In the Delete Browsing History dialog, select the following options:
a. Temporary Internet Files
b. Cookies
c. History
4. Click Delete.
For Firefox
1. From the Firefox menu, go to Options, Privacy.
2. Click the Clear your recent history link.
48
June 2014
Note:
If the History memory is set to Remember nothing in the drop-down list, no action is
required.
3. In the Clear All History dialog, in the Time range to clear drop-down list, select Everything.
4. Click the Details button and select the following options to clear:
a. Browsing & Download History
b. Cookies
c. Cache
For issues with WMS Monitoring Screens or Dashboard timestamps
1. If reachability is broken, make the WMS server reachable to WC/WCP/WSP devices.
2. If multiple default routes are present, make sure it has only one default address.
3. If HTTP port number on the WC/WCP has changed, add or edit the device credentials of the
WC/WCP in WMS on the Administration, Device Credentials page. This ensures that the
HTTP port configured on the WMS is the same as that of the WC/WCP.
4. If you have a static DNS address configured, either change the static DNS to a dynamic
DNS IP address or change the HTTPS mode to HTTP on WC/WCP.
Related Links
Troubleshooting WLAN on page 47
Procedure
1. Log into the controller.
2. Press CTRL + Y on the keyboard to enter the console menu.
3. Select IP Configuration/Setup from the console menu to check the controller IP
configuration.
4. Press CTRL + R to return to the console menu.
5. Select SNMP Configuration from the console menu to check the controller SNMP
configuration.
6. Press CTRL + R to return to the console menu.
7. Select Switch Configuration from the console menu.
8. Use the options in this menu to track the various aspects of switch configuration.
9. Press CTRL + R to return to the console menu.
June 2014
49
Troubleshooting WLAN
Procedure
1. Log into the controller.
2. Press CTRL + Y on the keyboard to enter the console menu.
50
June 2014
Comments? infodev@avaya.com
WCP
Enabled
30.1.1.51
61000
58:16:26:FD:F9:00
6. Use the command show wireless domain ap database to view information about
access points configured for the wireless domain.
Sample output (Unified Access):
WCP8180#show wireless domain ap database
Total number of entries in AP database = 4
---------------------------------------------------------------Profile/ Radio 1 Radio 2 Preferred
Preferred
AP MAC
Country Channel Channel WCP
WSP
----------------- ------- ------- ------- ------------ -------00:10:20:20:30:10 10/US
Auto
Auto
30.1.1.51
1.1.1.1
00:10:20:20:30:50 10/US
60
1
30.1.1.51
0.0.0.0
00:10:20:20:30:90 10/US
Auto
Auto
30.1.1.51
0.0.0.0
----------------------------------------------------------------
7. Use the command show wireless domain ap discovered to view access points that
have been discovered. Access points listed here must eventually be added to the Domain
AP database to be managed by the controller of the domain.
Sample output:
WC8180#show wireless domain ap discovered
Total number of discovered APs = 2
---------------------------------------------------------------------AP MAC
AP IP
AP Model Country Reason
----------------- ------------ ------- ------ -------------------00:1B:4F:69:F5:20 172.16.3.35 AP8120
TW
Not present in AP DB
2C:F4:C5:98:75:C0 172.16.3.36 AP8120
DE
Not present in AP DB
----------------------------------------------------------------------
Observe the Reason column to understand why the AP is in the discovered state. The
following are valid reason codes:
Not present in AP DB
June 2014
51
Troubleshooting WLAN
8. Use the following commands to diagnose why an AP that is in the network is not discovered
by the AMDC.
a. On the AMDC check the TCP/UDP base port using the command show wireless.
The default port is 61000.
Sample output (Overlay):
WC8180#show wireless
Operation Mode
:
Status
:
Interface IP
:
TCP/UDP base port :
Base MAC Address :
Tunnel Path MTU
:
WC
Enabled
192.171.0.56
61000
00:24:B5:1F:A8:00
1424
WCP
Enabled
192.171.0.57
61000
58:16:26:FD:F9:00
52
June 2014
Comments? infodev@avaya.com
June 2014
53
Troubleshooting WLAN
Reset status
: Not Started
Code Download Status
: Not Started
Image Upgrade Needed
: No
Ap Techdump Status
: Not Started
--------------------------------------------------------
11. Use the command show wireless controller status to determine the current status
of the wireless controller. This command also indicates if the controller is the Active or
Backup Mobility Domain Controller (MDC).
Sample output:
WCP8180#show wireless controller status
MDC-Capable
Domain Role
MDC IP Address
Max. # Managed APs
Max. # Managed WSPs
Total APs
Total Managed APs
Total Managed Switches
Total Discovered APs
Total Connection Failed APs
Total Clients
Total Authenticated Clients
WLAN Utilization
Total # of TSPEC Voice Streams
Total # of TSPEC Video Streams
Total # of TSPEC Stream Clients
Total # of TSPEC Stream Roaming Clients
Stored Primary AP Image Version
Stored Secondary AP Image Version
# of APs Required Image Upgrade
All AP Image Update Status
Status of All AP Reset
Controller Base Mac Address
:
:
:
:
:
:
:
:
:
:
:
:
:
:
:
:
:
:
:
:
:
:
:
Enabled
Active MDC
192.171.0.57
512
16
1
1
1
0
0
0
0
19 %
0
0
0
0
2.0.0.078
2.0.0.028
1
None
None
58:16:26:FD:F9:00
12. Use the command show wireless ap radio tspec-status to display Available
Admission Capacity on a per User Priority or per Access Category basis
information in Beacon and Probe Response messages.
Sample output:
wc1#show wireless ap radio tspec-status
AP MAC Address:: 00:1B:4F:69:F0:80 Radio Interface::1 Traffic Type::Voice
Operation Status
:Disabled
Active Traffic Streams
:0
Traffic Stream Clients:
:0
Traffic Stream Roaming Clients
:0
Medium Time Admitted
:0
Medium Time Unallocated
:0
Medium Time Roaming Unallocated
:0
AP MAC Address::00:1B:4F:69:F0:80 Radio Interface::1 Traffic Type::Video
Operation Status
:Disabled
Active Traffic Streams
:0
Traffic Stream Clients:
:0
Traffic Stream Roaming Clients
:0
Medium Time Admitted
:0
Medium Time Unallocated
:0
Medium Time Roaming Unallocated
:0
54
June 2014
Comments? infodev@avaya.com
13. Use the command show wireless switch peer-device to view the status of the
access tunnel between the AP and the controller.
Sample output:
WC8180#show wireless switch peer-device
--------------------------------------------------------------------------Device
Peer MAC
Peer Address
Peer Port
Status
TunnelID
------------------------------ --------------------WC81xx
CC:F9:54:EB:0D:00
192.171.0.60
61012
Up
00006
AP81XX
00:1B:4F:6C:1B:A0
172.16.7.11
61012
Up
00002
AP81XX
58:16:26:AC:63:60
172.16.7.12
61012
Up
00001
AP81XX
70:38:EE:89:C7:E0
172.16.7.14
61012
Up
00003
---------------------------------------------------------------------------
14. Use the command show wireless client tspec-status to display the current
TSPEC inactivity level.
15. Use the following command to view any unmanaged APs in the domain:
WC8180#show wireless domain ap unmanaged
----------------------------------------------------AP MAC Address
AP IP Address
Status
----------------- --------------- ----------------00:1B:4F:6C:1B:00 0.0.0.0
Unmanaged
00:1B:4F:6C:1B:01 0.0.0.0
Unmanaged
00:1B:4F:6C:1B:02 0.0.0.0
Unmanaged
00:1B:4F:6C:1B:03 0.0.0.0
Unmanaged
00:1B:4F:6C:1B:04 0.0.0.0
Unmanaged
Procedure
1. Log onto the controller.
2. Press CTRL + Y on the keyboard to enter the console menu.
3. Select Command Line Interface from the menu.
4. Type the enable command to enter Privileged mode.
5. Use the command show wireless ap status to view the overall status of registered
access points.
June 2014
55
Troubleshooting WLAN
56
June 2014
7. Use the command show wireless ap-profile network to view information about the
correlation between network and AP profiles.
Note:
The AMDC does not show the ap-profile status as associated if the AP assigned to
that ap-profile is managed by a peer controller. Check the associated status from the
peer.
Sample output:
WCP8180#show wireless ap-profile network
-------------------------------------------------------------------AP Profile Id Radio Id VAP Id Network Profile Id Radio Operation
------------- -------- ------ ------------------ --------------1
1
1
1
On
1
2
1
1
On
June 2014
57
Troubleshooting WLAN
To view detailed information on a configured network profile, use the command show
wireless network-profile <profile_number> detail.
Sample output:
WC8180#sh wireless network-profile 2 detail
Network Profile ID: 2
Name
: network_profile2
SSID
: rpc2
Hide SSID
: No
Mobility Vlan Name
: mob-client
Probe Request
: Enabled
Captive Portal Mode
: Disabled
User Validation
: open
Captive Portal Profile Id
: 0
Local User Group
: Default
RADIUS Authentication Profile Name
:
RADIUS Accounting Profile Name
:
RADIUS Accounting Mode
: Disabled
Security Mode
: open
MAC Validation
: Disabled
Wireless ARP Suppression
: Disabled
Radius offload
: Disabled
9. Use the command show wireless switch vlan-map to view information about the
correlation between wired and wireless VLANs.
Note:
This command is applicable only in Overlay deployments.
Sample output:
WC8180# show wireless switch vlan-map
-------------------------------------------------------------------------Mobility VLAN Name
LVID
State
Role
WCP-V Admin Mapped
----------------------- ------------ -----------MV_EMP
0
Active
None
Yes
No
MV_VOICE
0
Active
None
Yes
No
MV_GUEST
70
Active
Server Yes
Yes
default-MVLAN
0
Active
None
Yes
No
-------------------------------------------------------------------------Total Number of Mobility VLANs = 4
58
June 2014
Comments? infodev@avaya.com
Sample output:
WCP8180#show wireless security mac-db blacklist
Total blacklisted users: 2
MAC Address
User Name
----------------- ----------00:01:02:03:1D:05 User_01
00:01:02:03:1D:45 User_02
WCP8180#show wireless security mac-db whitelist
Total whitelisted users: 2
MAC Address
----------------00:01:02:03:04:06
00:01:02:03:04:07
User Name
----------User_03
User_04
Sample output:
WCP8180#show wireless security radius
Radius server timeout: 2 (sec.)
Radius server retries: 3
Radius known client db ageout: 30 (min.)
---------------------------------------------
June 2014
59
Troubleshooting WLAN
Wireless intrusion detection (WIDS) supports detection of rogue clients and AP(s) in the
wireless network based on a configurable set of detection criterion. Wireless intrusion
prevention (WIPS) takes proactive action to mitigate the threat posed by rogue devices. The
WIDS/WIPS policy specifies the configuration elements for the WIDS/WIPS feature. This
includes the rogue classification criterion, known AP database and rogue AP database.
CLI Reference:
CP8180#show wireless security wids-wips ?
Display WIDS/WIPS information
adhoc-clients
Display Ad Hoc network information
ageout
Display WIDS ageout time configuration
ap-deauth-attacks
Display AP de-authentication attack status
detected-clients
Display detected clients information
global-status
Display WIDS/WIPS global status
known-ap
Display WIDS known AP information
mitigation
Display WIPS mitigation configuration
rf-scan
Display WS managed AP RF Scan data
rogue-ap-classification
Display AP rogue classification
rogue-ap-controls
Display WIDS AP configuration.
rogue-client-classification Display client rogue classification
rogue-client-controls
Display WIDS client configuration
triangulation-table
Display signal triangulation status
Sample outputs:
WCP8180#show wireless security wids-wips detected-clients
Domain Role
Total Rogue Clients
Total Detected Clients
Detected
Client MAC
----------------00:00:1A:2D:F3:99
00:00:4D:C1:91:FE
00:00:4D:C1:92:00
:Active MDC
:0
:3
Client
Status
------------detected
detected
detected
Det
--Y
Y
Y
Mit
--N
N
N
RSSI
(%)
---6
8
7
Ch
--157
157
157
Last
Update
-----------0d:01:08:53
0d:01:03:53
0d:01:04:23
Sig
----89
-87
-88
300
Rogue
---------------------------------------Client is not in known DB
Authenication request exceeded
Probe request exceeded
DeAuthenication request exceeded
Authenication failure exceeded
Client is authenicated with unknown AP
State
---------Disabled
Enabled
Enabled
Enabled
Enabled
Disabled
Threshold Threshold
Interval
Value
---------- ---------60
60
60
10
120
10
5
11. Use the command show wireless client info to display information about the current
status of wireless clients.
Sample output:
wc1#show wireless client info
Total number of client(s): 1
-------------------------------------------------------------------
60
June 2014
Comments? infodev@avaya.com
Client
AP IP
Controller Chnl SSID
Client
IP Address
Address
IP Address
Status
----------------- --------------- --------------- ----- -----------client: 00:41:DD:02:00:00
11.0.0.88
172.16.3.32 173.16.3.3 11
AP8120-E Authenticated
--------------------------------------------------------------------
12. Use the command show wireless radio tspec <radio_number> to display information
about overall system usage, the number of associated stations, the measured channel
utilization percentage, and the total available admission capacity in units of mediumTime.
Sample Output:
WCP8180#show wireless radio tspec 1
-----------------------------------------------------------------------Radio
ACM Mode
ACM Limit
Roam
Profile
TSPEC
----------------- ----------------- Shared Reserve
ID
Mode
voice
video
voice
video
Limit
Limit
------- -------- -------- -------- -------- -------- ------ ------1
Disabled Disabled Disabled
20
15
0
5
------------------------------------------------------------------------
Related Links
Troubleshooting WLAN on page 47
Troubleshooting client connectivity issues due to failed authentication on page 61
Troubleshooting client connectivity issues due to failed MAC validation on page 64
Troubleshooting DHCP-related client connectivity issues on page 65
Troubleshooting client traffic issues on page 66
Procedure
1. Ensure that client configuration for WPA2PEAP-AES is correct.
Perform the following steps.
These steps are based on the Windows 7 operating system.
a. On the Windows Control Panel, click Network and Sharing Center.
b. On the left hand side panel, click Manage wireless networks.
The system displays the wireless networks that are currently in use.
June 2014
61
Troubleshooting WLAN
Note:
If no wireless networks are displayed, you must first add a wireless network.
On the Manage wireless networks window, click Add to create a new network.
c. Double-click the icon for the wireless network that the client is connected to.
The system displays the <Network-Name>Wireless Network Properties dialog box.
d. Click the Security tab.
Ensure that WPA2Enterprise is selected in the Security type field.
Ensure that AES is selected in the Encryption type field.
Ensure that the network authentication method chosen is Protected EAP (PEAP).
62
June 2014
Comments? infodev@avaya.com
2. Ensure that the wireless client is not blacklisted with the WLAN controller.
Use the following CLI command:
WC8180#show wireless security mac-db blacklist <mac addr>
Sample output:
The following sample output indicates a wireless client with MAC address
00:00:0E:F1:2B:FB that is blacklisted with the WLAN controller.
WC8180#show wireless security mac-db blacklist 00:00:0E:F1:2B:FB
MAC Address
User Name
----------------- ---------------00:00:0E:F1:2B:FB
WC8180#
3. Ensure that the authentication credentials (user-name and password) obtained from the
wireless client for PEAP Authentication, is correct.
June 2014
63
Troubleshooting WLAN
4. Execute the following command to verify the reason for failure in the Authentication Failure
trap.
WC8180#show logging wireless-controller volatile
5. Check the logs on the RADIUS server to troubleshoot the authentication failure.
Note:
The path to the location of the logs can vary depending on your RADIUS server.
Related Links
Troubleshooting client-related issues on page 55
Procedure
1. Ensure that blacklist MAC filtering is not enabled on your network.
Use the following command:
WC8180#show wireless security mac-filter-blacklist
mac-filter-blacklist: Disable
WC8180#
2. Verify that the wireless client is not listed in the blacklist database.
Note:
This step is optional. Perform this step only if blacklist MAC filtering is enabled on your
network.
Use the following command:
WCP8180#show wireless security mac-db blacklist
3. If the configured MAC validation mode is RADIUS, ensure that the client MAC address (to be
validated in the RADIUS server) is configured on the RADIUS server.
Note:
If the client MAC address of a client is not added to the RADIUS server, the client is
blacklisted for a configured time period. Use the command show logging wirelesscontroller volatile to verify how long a wireless client must wait before it can
attempt to connect another time.
4. If the MAC validation mode is configured as local-whitelist, ensure that the MAC
address of the client is added to the local whitelist database.
64
June 2014
Comments? infodev@avaya.com
If the client is not already whitelisted, perform the following steps to add a client to the local
whitelist database:
a. Enter the wireless security configuration mode of the ACLI:
WC8180#conf t
Enter configuration commands, one per line. End with CNTL/Z.
WC8180(config)#wireless
WC8180(config-wireless)#security
WC8180(config-security)#
Related Links
Troubleshooting client-related issues on page 55
Procedure
1. Ensure the mobility VLAN associated to SSID of your wireless network is mapped to the
local VLAN.
Use the following CLI command:
WC8180#show wireless switch vlan-map <mobility-vlan-name>
Sample output:
In the following example, the mobility VLAN mob-vlan1 is mapped to a local VLAN with
VLAN ID 70.
WC8180#show wireless switch vlan-map mob-vlan1
--------------------------------------------------------------Mobility VLAN Name
LVID
State
Role
WCP-V Admin Mapped
----------------------- ------------ -----------mob-vlan1
70
Active
Server Yes
Yes
--------------------------------------------------------------WC8180#
2. If the switch VLAN map for a mobility VLAN is not configured, ensure that there is a VLAN
server available for the mobility VLAN in the domain. Verify using the following command:
WC8180#show wireless switch vlan-servers
--------------------------------------------------Mobility VLAN Name Current Server MAC Priority
------------------ ------------------ -------RADIUS
CC:F9:54:E0:A5:00
7
---------------------------------------------------Total Number of Entries = 1
WC8180#
June 2014
65
Troubleshooting WLAN
3. If the client is a RADIUS authenticated client and the mobility VLAN is pushed as an attribute
from RADIUS server, ensure that the mobility VLAN that is pushed has a local VLAN
mapping on the controller.
In Overlay deployments, execute the following CLI command on the controller. In Unified
Access deployments, execute the command on the wireless switching point (WSP).
WC8180#show wireless switch vlan-map <mobility-vlan-name>
4. Ensure that the DHCP server is able to receive the discover packets from clients and is able
to assign an IP address from a defined scope.
Related Links
Troubleshooting client-related issues on page 55
Procedure
1. Ensure that network connectivity between the source and destination is good.
For example, you can execute the ping or traceroute commands on the source and
destination to check for connectivity.
2. Ensure that client-QoS is not enabled on the network that the clients are connected to.
Use the following command:
WC8180#show wireless network-profile client-qos
------------------------------------------------------Network
Client
Diffserv Policy Name
Profile
OoS
----------------------------------Id
Mode
Down
Up
-------- -------- ------------------ --------------1
Disabled
2
Disabled
------------------------------------------------------WC8180#
3. If client-QoS is enabled, check whether the DiffServ policy is applied on to clients either
using the network-profile configuration or using RADIUS attributes.
In the following example, the client with MAC address 00:00:34:33:e0:ab is not
associated with a DiffServ policy.
WC8180#show wireless client qos status 00:00:34:33:e0:ab
Client Mac Address: 00:00:34:33:e0:ab
QoS Operational Status: Disabled
Client to AP(Ingress) AP to Client(Egress)
--------------------- -------------------QoS Bandwidth limit(bps):
0
0
Diffserv Policy Name:
None
None
66
June 2014
Comments? infodev@avaya.com
4. If a DiffServ policy is applied to a client, ensure that the policy is not configured to filter traffic
sent from the wireless client.
Use the following command:
WC8180#show wireless diffserv classifierblock <classifier-block-name> detail
Classifier block sample-classifier-block
-----------------------Element ID: 1
Protocol: 1
WC8180#
5. Ensure that the same Tunnel path MTU is configured across all controllers in the domain,
and the packet size of the data transmitted by the client is within this limit.
Use the following command to verify the Path MTU on a controller:
WC8180#show wireless
Operation Mode
:
Status
:
Interface IP
:
TCP/UDP base port :
Base MAC Address :
Tunnel Path MTU
:
WC8180#
WC
Enabled
192.168.36.4
61000
CC:F9:54:E0:BE:00
1900
Related Links
Troubleshooting client-related issues on page 55
June 2014
67
Troubleshooting WLAN
Procedure
1. Configure a capture profile.
Capture profiles are used for remote packet capture. Remote packet capture enables live
debugging to troubleshoot client related issues. It can also be used to monitor traffic in a
wireless network. After you configure a capture profile, you must apply these profiles to
specific access points (AP) within the mobility domain to start a packet capture. You can
configure up to 4 capture profiles.
In the following example, you configure a capture profile named sample-capture with
profile Id 2.
68
June 2014
Comments? infodev@avaya.com
Note:
A default capture profile with profile Id 1 is automatically created. You can choose to use
this profile or configure a suitable one using the following steps.
WCP8180 (config-wireless)#capture-profile 2
Entering capture-profile (id = 2) ...
WCP8180(config-capture-profile)#profile-name sample-capture
Verify configuration of the capture profile, using one of the following commands. In the
following example, 172.16.9.10 is the IP address of the Observer host PC and the
observer port is 37008.
WCP8180# show wireless capture-profile 2
----------------------------------------------------------Id Profile Name
Observer IP
Observer Port
--- ------------------------- --------------- ------------2 sample-capture
172.16.9.10
37008
-----------------------------------------------------------
Or
WCP8180# show wireless capture-profile 2 detail
Capture Profile ID: 2
Name
: sample-capture
Observer IP Address
: 172.16.9.10
Observer UDP Port
: 37008
Filter Promiscous mode
: Disabled
Filter Interfaces
: All Radios
Filter Flow direction
: Transmit and Receive
Filter SSID
:
Filter Client MAC
: 00:00:00:00:00:00
Filter 802.11
: data
Filter Duration
: 300
Filter SNAP Length
: 128
Important:
The default value of the snap length is 128 in the configured capture profile. This value
can be modified between 32 and 1024. In Wireshark, when the packet length exceeds
the configured snap length in the capture profile, the captured packets showed as
Malformed.
To verify configuration of all capture profiles, use the following command:
WCP8180# WCP8180 (config-wireless)#show wireless capture-profile detail
June 2014
69
Troubleshooting WLAN
3. Optionally configure filters for the capture profile sample-capture to customize your
packet capture. You can set one of the following packet capture filters:
client-mac: to filter capture by client MAC address
include-beacons: to Include 802.11 beacons in capture data
include-control: to include 802.11 control frames in capture data
include-data: to include 802.11 data in capture data
include-mgmt: to include 802.11 mgmt frames other than probes/beacons in the capture
data
include-probes: to include 802.11 probes in capture data
ssid: to filter capture by ssid
For example, if you want to troubleshoot a wireless client (with MAC address
00:13:46:EA:CC:12), configure the filter client-mac in the capture profile samplecapture as follows:
WCP8180 (config-wireless)#capture-profile 2
Entering capture-profile (id = 2) ...
WCP8180(config-capture-profile)#filters client-mac 00:13:46:EA:CC:12
4. Optionally, to monitor network activity, you can enable the promiscuous mode in the capture
profile sample-capture as follows.
The Promiscuous mode is a mode of operation in which every data packet transmitted can
be received and read by a network adapter thus allowing your computer to read frames
70
June 2014
Comments? infodev@avaya.com
intended for other machines or network devices. The promiscuous mode must be supported
by each network adapter as well as by the input/output driver in the host operating system.
To enable promiscuous mode, use the following command:
WCP8180 (config-wireless)#capture-profile 2
Entering capture-profile (id = 2) ...
WCP8180(config-capture-profile)#promisc-mode enable
Related Links
Troubleshooting WLAN on page 47
Procedure
1. On the Windows server where you install the Sentry 8100 Scout applications, navigate to the
8100Scout.exe.config file.
Important:
If you followed the default install options when you installed the Sentry 8100 Scout
application, you can find the configuration file in the following location:
C:\Program Files (x86)\Conveyant Systems\Sentry 8100 Scout\8100Scout.exe.config
2. In the logging section of the config file, change the level value from INFO to DEBUG. An
example of this portion of the configuration file is shown in the following code sample.
<log4net></log4net>
<!--Only one root logger element may only be defined and it must be a child of
<log4net>
element. The root logger is the root of the logger hierarchy. All loggers
June 2014
71
Troubleshooting WLAN
ultimatly
inherit from this logger.-->
<root>
<!--Root Element has no attributes-->
<level value="DEBUG" />
<!--Optional element, maximum of one allowed. Defines the logging
level for this logger.
This logger will only accept event that are at this level of
above.-->
<appender-ref ref="LogFileAppender"/>
<!--<appender-ref ref="LogFileAppender" />
<!--Zero or more elements allowed. Allows the logger to refere nce
appenders by name.-->
</root>
<!--Appenders may only be defined as child elements f the <log4net>
element. Each appender
must be uniquely named.
The implementing type for the appender must be specified.-->
<!--name = Required attribute. Value must be a strong name for this
appender.
The name must be unique must be unique among all the appenders defined
in this configuration file. This
name is used by the <appender-ref>
element of a Logger to reference an appender.->
<!--type = Required attribute. Value must be the type name for this
appender.
If the appender is not defined in the log4net assembly this type name
must be fully
assembly qualified.-->
<appender name="LogFileAppender"
type="log4net.Appender.RollingFileAppender">
<!--RolingFileAppender extends FileAppender to backup the log files
when they reach a
certain size.-->
<param name="File" value="8100Scout.log" />
<param name="AppendToFile" value="true" />
<rollingstyle value="Size" />
<maxSizeRollBackups value="10" />
<maximumFileSize value="1MB" />
<staticLogFileName value="true" />
<!-- layout = Optional element, maximum of one allowed. Defines the
layout used by this
appender.-->
<layout type="log4net.Layout.PatternLayout">
<param name="ConversionPattern" value="%-5p %d{yyyy-MM-dd HH:mm:ss} %m%n />
<!--%p - will show the level of message
%d - will show the date
%l - will show the class, method and line number where
error occurred and
%m - will show message to display
Layouts-and-Patterns.aspx
-->
</layout>
<appender>
<!-- <appender name="ConsoleAppender" type="log4net.Appender.ConsoleAppender">
<layout type="log4net.Layout.PatternLayout">
<conversionPattern value="%-5p %d{yyyy-MM-dd hh:mm:ss} - %m%n />
</layout>
</appender> -->
</log4net>
72
June 2014
Comments? infodev@avaya.com
Related Links
Troubleshooting WLAN on page 47
June 2014
73
Procedure
Enable MDC-capability on the controller using the new mobility domain secret.
Note:
When prompted, enter the new mobility domain password (secret).
WCP8180(config-wireless)#controller mdc-capable
% Domain secret should be between 10-15 characters long.
% Domain secret must contain a minimum of 2 upper, 2 lowercase letters
% 2 numbers and 2 special characters like !@#$%^&*()
Enter domain Secret: *****
Verify Domain secret: *****
74
June 2014
Comments? infodev@avaya.com