6 understanding aruba rf issues
Post on 17-Jul-2015
689 Views
Preview:
TRANSCRIPT
9 - 1
CONFIDENTIAL
© Copyright 2014. Aruba Networks, Inc.
All rights reserved
CONFIDENTIAL
© Copyright 2014. Aruba Networks, Inc. All rights
reserved
Handling RF issues
CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved
Client Can not find AP
•Single Client :– Radio issues
– NIC driver issue
– Wifi disabled
•Multiple Client :– Hidden SSID
– Disabled Probe response
– AP turned into AM mode
– AP offline
– SNR
CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved
Client Cannot associate
– Authentication issues
– Poor SNR
– Client black listed
– Due to DOS
– Min and Max support rate and Basic rate not matching with the Client
CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved
What to do ?
Is your Client associated ?
• Show user / show user-table
• Show station table
What is happening between AP and
Client ?
• show ap remote debug mgmt-frames ap-name
• show ap remote debug client-mgmt-counters ap-name
• show ap debug client-table ap-name
• show ap association client-mac
Is AP not allowing the client
to connect ?
• logging level debugging user-debug < mac address>
• show log user-debug all
• show log user all
Is client able to get the expected role and VLAN ?
• show user mac
• show auth-tracebuf count
• show log security
CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved
show ap remote debug client-mgmt-counters ap-name
CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved
show ap remote debug mgmt-frames ap-name
CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved
show ap debug client-table ap-name
CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved
show ap association client-mac
CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved
Knowing Client Authentication details
CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved
Show AP Debug radio-stats AP-Name < > radio < >
CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved
Show AP ARM rf-summary AP-Name < >
CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved
Show Commands for CM issues
• show ap virtual-beacon-report client-mac <client-mac>
• show ap arm client-match restriction-table ap-name <ap-name>
• show ap arm client-match probe-report ap-name <ap-name> phy-type
<80211a/80211g>
• show ap arm client-match summary
• show ap arm client-match history client-mac <client-mac>
• show ap arm client-match unsupported
• show ap arm client-match neighbors ap-name <ap-name>
CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved
show ap arm client-match summary
CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved
show ap arm client-match history
CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved
Logs for CM Issues
logging level debugging arm subcat client-mgmt
show log arm all
User-based logging for Client-Match events
logging level debugging arm-user-debug <client-mac>
show log arm-user-debug all
Debug logging for ALL users for Client-Match events
logging level debugging user subcat client-match
show log user all
CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved
Air capture ( Packet capture )
1. Select the AP you want to capture
It will capture complete wireless traffic of a particular radio ( g/a) of a specific AP
2. Select the radio
3. Select packet type, BSSID and Specify the target IP, where Wireshark is running.
CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved
Air capture ( Packet capture ) continue ..
4. In the Wireshark, select the Editpreferences ProtocolsARUBA_ERM and enter port num as 5555 and select the pkt format.
5. Start the capture and enter ARUBA_ERM as the filter
CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved
Pkt capture, WiFi Client
We can capture complete datapath traffic of a specific client
1. Specify the packet capture destination ( IP address/ local interface / local –file )
2. Use the following command to start the capture
CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved
Packet sniffing by MAC book
sudo /usr/libexec/airportd en1 sniff 11
1. Open Terminal Window and use the following command ( Example using channel 11)
2. Press Ctrl+C to stop the capture and copy the file and open it through Wireshark
sudo tcpdump -i en1 -s 0 -B 524288 -w ~/Desktop/DumpFile01.pcap
For TCP dump use the following command ( PCAP file will be copied to the desktop )
CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved
Best practices..
Enable as few SSIDs and BSSIDs as possible -
Enable Drop Broadcast and Multicast on all of your Virtual APs
Set the ARM Min and Max TX power to 12 and 18 respectively
Make sure your 802.11n/AC access points are on gigabit ethernet ports
Only consider enabling load balancing in high density areas
Make sure your wired uplinks are correctly subscribed
Make sure all of your access points and controllers negotiate properly on wired interfaces
top related