Thursday, May 11, 2017

Identifi - Wireless trouble shooting

IP Tools
The Ping and Trace Route tools are available on the Wireless Controller Utilities section.  This allows you to test the connection to a target IP address from the controller.
TCPdump management
The TCPdump management utility allows you to capture exception traffic that is sent to the management plane.  Exception traffic is defined as traffic that is sent to the management plane from the data/control plane for special handing (i.e. DHCP, OSPF and TFTP traffic).  The TCP dump utility allows you to determine if packets are being dropped in the data/control plane.
The captured traffic is stored in a binary tcpdump-format file on local hard-drive. The captured file can be exported to a local machine for packet analysis (Wireshark, etc.).
There are some limitations.  Only one traffic capture is allowed on the system at a single time and the controller does not permit the capture of any data plane traffic.   Lastly, WDS, Mesh and Bridge-at-AP captures are not supported.
Exporting TCPdump
After a capture has completed you have the ability to Export it to a file on your desktop that can be opened by a traffic analyzer.  

 TCPdump Capture: Wireshark Display
After captured file exported to the desktop, it can be displayed by wireshark.
Wireless controller shell commands
[ how to enter shell ]
To enter to the Wireless Controller Shell:
EWCGroup1.extremenetworks.com# shell
Password:
root@EWCGroup1.extremenetworks.com:~#
[ TCPdump on the shell ]
root@EWCGroup1.extremenetworks.com:~# tcpdump -i csi1 port 1812 -vv
[ Checking the log ]
-“Tail –f /var/log/messages” will print event as they occur (Linux)
-Tail –f /var/dhcp/dhcpd.leases
-tail -f /var/log/messages | grep XX:XX:XX:XX:XX:XX (device's mac address)
-cat /var/log/messages | grep XX:XX:XX:XX:XX:XX (device's mac address)
-tail -f /var/log/messages | grep AP-serial-number
-cat /var/log/messages | grep username
root@EWCGroup1.extremenetworks.com:/var/log# tail -f messages | grep zee_employee1
Nov 11 13:43:43 EWCGroup1.extremenetworks.com events: Radius Client Radius Response:  Accepted: UserID:zee_employee1, Client MAC:[E8:FC:AF:86:79:21] 3
root@EWCGroup1.extremenetworks.com:/var/log# tail -f messages | grep Radius
Nov 11 13:49:00 EWCGroup1.extremenetworks.com events: Radius Client Radius Response:  Accepted: UserID:zee_employee1, Client MAC:[E8:FC:AF:86:79:21] 3
Nov 11 13:49:01 EWCGroup1.extremenetworks.com events: Radius Accounting New session is created for client [E8:FC:AF:86:79:21]
(After deleting End-System from NAC):
Nov 11 13:47:12 EWCGroup1.extremenetworks.com events: Radius Accounting Client [E8:FC:AF:86:79:21] on VNS [ZEE_IT] is deregistered with termination code: 106 [Authorization Server Request]
EWCGroup1.extremenetworks.com# show log
Display logs and reports.
Usage: show log <log_name> [[first | last] <number>]
Log Names:
    ospf-neighbor
    ospf-linkstate
    dhcp
    ntp
    ac (critical|major|minor|info|all)
    ap <ap_serial> (critical|major|minor|info|all)
    mu_access.log
    upgradeLog.txt
    auditRecords.log
    upgrade.log
    configChanges.log
    login.log
    station
“show log <log_name> [[first | last] <number>]
EWCGroup1.extremenetworks.com# show log auditRecords.log
11/09/15 15:34:34   admin   VNS Cfg  Common  Changed Static Egress Untagged VLANs for Role 'ZEE_IT'
11/09/15 15:13:47   admin   APs  Radio 2  Channel changed from [13-(2472,2452 MHz)] to [13: (2472)] for AP serial 14385852085E0000, radio 2 802.11g/n
EWCGroup1.extremenetworks.com# show log ac (critical | major | minor | info | all)
EWCGroup1.extremenetworks.com# show ap
serial 12441637905C0000 18thFloor_AP4 AP3705i
serial 14385852085E0000 18thFloor_AP01 AP3825i
EWCGroup1.extremenetworks.com# show log ap 14385852085E0000 all
Msg: 11/11/15 10:14:40, Info, 11/10/15 23:14:40: SSH exit auth (admin): Idle timeout
Msg: 11/11/15 10:11:28, Info, 11/10/15 23:11:27: SSH connection from 10.254.8.123:57017
Msg: 11/11/15 10:05:21, Info, 11/10/15 23:05:20: SSH exit auth (admin): Idle timeout
Msg: 11/11/15 10:02:07, Info, 11/10/15 23:02:06: SSH connection from 10.254.8.123:56934
Msg: 11/11/15 09:58:24, Critical, 11/10/15 22:57:28: AccessPoint Rebooting due to: Received Standy Request from Wireless Controller
EWCGroup1.extremenetworks.com# show log auditRecords.log
11/09/15 15:34:34   admin   VNS Cfg  Common  Changed Static Egress Untagged VLANs for Role 'ZEE_IT'
11/09/15 15:13:47   admin   APs  Radio 2  Channel changed from [13-(2472,2452 MHz)] to [13: (2472)] for AP serial 14385852085E0000, radio 2 802.11g/n
EWCGroup1.extremenetworks.com# show log ac (critical | major | minor | info | all)
EWCGroup1.extremenetworks.com# show ap
serial 12441637905C0000 18thFloor_AP4 AP3705i
serial 14385852085E0000 18thFloor_AP01 AP3825i
EWCGroup1.extremenetworks.com# show log ap 14385852085E0000 all
Msg: 11/11/15 10:14:40, Info, 11/10/15 23:14:40: SSH exit auth (admin): Idle timeout
Msg: 11/11/15 10:11:28, Info, 11/10/15 23:11:27: SSH connection from 10.254.8.123:57017
Msg: 11/11/15 10:05:21, Info, 11/10/15 23:05:20: SSH exit auth (admin): Idle timeout
Msg: 11/11/15 10:02:07, Info, 11/10/15 23:02:06: SSH connection from 10.254.8.123:56934
Msg: 11/11/15 09:58:24, Critical, 11/10/15 22:57:28: AccessPoint Rebooting due to: Received Standy Request from Wireless Controller
EWCGroup1.extremenetworks.com# show log station
Msg: 11/11/15 13:40:18  EventType[State Change] MAC[E8:FC:AF:86:79:21]  BSSID[20:B3:99:F6:1B:40]  Details: VNS[ZEE_IT] Auth[valid]
Msg: 11/11/15 13:40:17  EventType[Area Change]  MAC[E8:FC:AF:86:79:21]  Details: Area[Unknown]
Msg: 11/11/15 13:40:17  EventType[Registration] MAC[E8:FC:AF:86:79:21]  AP[18thFloor_AP01] BSSID[20:B3:99:F6:1B:40]  SSID[ZEE]  Details: Radio[1]
# pwd
/tmp/log
# tail -f ap.log
Nov 11 04:59:03 kernel: ieee80211_node.c:449-gclist_timeout()-n_recovered=0
Nov 11 04:59:31 kernel: chantry_ext_stats_getip 202: error line 121
Nov 11 05:00:35 kernel: chantry_ext_stats_getip 202: error line 121
Nov 11 05:01:39 kernel: chantry_ext_stats_getip 202: error line 121
Nov 11 05:02:40 kernel: chantry_ext_stats_getip 202: error line 121
[ Check the process id and restart process ]
EWC.extremenetworks.com# show system_state process
      PID   Process Name           State % CPU    % Mem
       1807 Location Based Service S        0        0.2
       1781 VN Manager              S        0     0.7
       1635 NSM Server              S        0     0.4
       1247 Config Manager          S        0     1.8
       3314 CLI                     S        0     1.3
       1750 OSPF Server            S        0     0.4
       1670 PortInfo Manager      S        0     0.2
       1607 Remote INS              S        0     0.4
       27710 DHCP                    S        0     0.0
EWC.extremenetworks.com# restart 27710
    DHCP process being restarted.
[ Gathering MU info ]
# cget muInfo wifi0
Total MUs: 1
MU E8:FC:AF:86:79:21, vap ath0
IP 10.32.100.253 (0xa2064fd)
policyName ZEE_IT topology T, topology_id 0
rcUlCIR 0, rcUlCBS 0, rcDlCIR 0, rcDlCBS 0
rcUlDP 0, rcUlDB 0, rcDlDP 0, rcDlDB 0
portClosed 0 li_flags 21 ni_attr_flags 0 AcAssocRx 1
# cget muInfo wifi1
Total MUs: 0

Posted by at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)