Re: WCS 4.1.83.0 alarm dashboard not flagging security issues - Page 2

jpeterson6 · ‎06-27-2007

Hello,

Not sure if the topic title made much sense but basically what is happening is this:

I just finished getting 4.1.83.0 installed on a fresh server with no backup restorations. My 4404 WLC's (x2) are on version 4.1.171.0.

I have been receiving an influx of WPA MIC errors on both controllers, that were previously showing up on the alarm dashboard of WCS (on an older version), but ever since the upgrade, they are not appearing on the dashboard at all.

I have just added the controllers, some alarms are updating (rogue APs for one), and I have also tried refreshing the config through WCS.

I can't seem to find anything on the 4.1 WCS config guide, so if anyone could point me in the right direction it would be appreciated.

As a note: The controllers have both reported these WPA MIC errors since I added the controllers to WCS, but no info was updated on the alarm dashboard.

Thanks,

Jeff

jpeterson6 · ‎07-05-2007

Good to know that proto 17 is udp - yes we do have an ACL that isn't allowing port 32771 (rather, it's just not explicitly permitted).

I just wanted to know if he was getting the same message that could be related to the client count issue - but after looking closer it seems pretty obvious that it's coming from the fact that I have the controllers pointing the syslog to the WCS, which I hear isn't necessary anyway, so i'll probably just shut that off.

ericgarnel · ‎07-05-2007

Lwapp uses the following ports:

Port: 12222 (UDP) data; 12223 (UDP) control.

Are you running the controllers in L2 or L3 mode?

jpeterson6 · ‎07-05-2007

L3 mode, but LWAPP isn't being blocked. WCS server is on the same subnet as the management interface on both controllers.

ericgarnel · ‎07-05-2007

But what about iptables? are you blocking snmp/snmp-trap via iptables?