Cisco Systems OL-8376-01 manual Floodcount, Framecount,Intervalwind, Owsize

Page 91

Chapter 2 Fault Descriptions

IDS (Intrusion Detection System) Faults

Table 2-3

IDS Faults (continued)

 

 

 

 

 

 

 

 

 

 

 

Fault Description

Explanation

Related Setting

Recommended Action

 

 

 

 

 

 

Client authentication error

The fault threshold set for the

IDS >

Verify that the fault threshold is set

 

rate is Degraded number

degraded state has been exceeded.

Manage IDS Settings

correctly.

 

per minute

 

When this fault is cleared, the

> IDS-802.11x >

If the threshold is set correctly,

 

 

 

Authentication Error

 

 

 

following message displays:

review your network to determine the

 

 

 

Rate

 

 

 

Client association error rate is

action necessary to clear the fault

 

 

 

 

 

 

 

OK.

 

condition.

 

 

 

 

 

 

 

 

 

Client authentication error

The fault threshold set for the

 

 

 

 

 

 

rate is Overloaded number

overloaded state has been

 

 

 

 

 

 

per minute

 

exceeded.

 

 

 

 

 

 

 

 

When this fault is cleared, the

 

 

 

 

 

 

 

 

following message displays:

 

 

 

 

 

 

 

 

Client association error rate is

 

 

 

 

 

 

 

 

OK.

 

 

 

 

 

 

 

 

 

 

 

 

Client TKIP

 

A wireless client has detected a

IDS >

Occasionally MIC failures can occur

 

RemoteMICFailure is

MIC failure. The MIB value that

Manage IDS Settings

during key rotation. To diagnose the

 

detected

 

is polled is

> General IDS

problem, you should:

 

 

 

cDot11WidsTkipRemoteMicFail

Settings >

Check the IOS version.

 

 

 

ures.

TkipRemoteMicFailu

 

 

 

Enable 802.1x logs on the AP.

 

 

 

When this fault is cleared, the

reClient

 

 

 

 

Perform an SNMP walk of

 

 

 

following message displays:

 

 

 

 

There is no TKIP

 

cDot11WidsProtectFailClientTa

 

 

 

RemoteMICFailure detected.

 

ble to determine which clients

 

 

 

 

 

are reporting the TKIP MIC

 

 

 

 

 

failure. If just one client is

 

 

 

 

 

reporting the failure, it could be

 

 

 

 

 

a client issue

 

 

 

 

 

 

EAPOL FLOOD is

The fault threshold has been

IDS >

Verify that the fault threshold is set

 

detected (Flood count:

exceeded.

Manage IDS Settings

correctly.

 

floodcount)

 

When this fault is cleared, the

> General IDS

If the threshold is set correctly,

 

 

 

Settings > EAPOL

 

 

 

following message displays:

review your network to determine the

 

 

 

Detection

 

 

 

There is no EAPOL Flood

action necessary to clear the fault

 

 

 

 

 

 

 

detected.

 

condition

 

 

 

 

 

 

Excessive Action Frames

The fault thresholds been

IDS > Manage IDS

Verify that the fault threshold is set

 

in Channel: channel

exceeded.

Settings > General

correctly.

 

[Frames:

 

When this fault is cleared, the

IDS Settings >

If the threshold is set correctly,

 

framecount,Interval:wind

Excessive

 

following message displays:

review your network to determine the

 

owsize]

 

Management Frame

 

 

Excessive Action Frames not

action necessary to clear the fault

 

 

 

Detection

 

 

 

present in Channel.

condition.

 

 

 

 

 

 

 

 

 

 

Excessive Action Frames

The fault thresholds been

IDS > Manage IDS

Verify that the fault threshold is set

 

from STA: station

exceeded.

Settings > General

correctly.

 

[Frames:

 

When this fault is cleared, the

IDS Settings >

If the threshold is set correctly,

 

framecount,Interval:wind

Excessive

 

following message displays:

review your network to determine the

 

owsize]

 

Management Frame

 

 

Excessive Action Frames from

action necessary to clear the fault

 

 

 

Detection

 

 

 

STA: station not present

condition.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

FAQ and Troubleshooting Guide for the CiscoWorks Wireless LAN Solution Engine

 

 

 

 

 

 

 

OL-8376-01

 

 

 

 

 

2-17

 

 

 

 

 

 

 

 

Page 90 Page 92
Image 91
Page 90 Page 92
Contents Customer Order Number OL-8376-01 Corporate HeadquartersCopyright 2006 Cisco Systems, Inc. All rights reserved N T E N T S Fault Descriptions Italic font AudienceConventions ConventionAvailable Formats Product Documentation105/wlse/213/index.htm Obtaining DocumentationProduct Documentation DVD Cisco.comOrdering Documentation Documentation Feedback Reporting Security Problems in Cisco ProductsCisco Product Security Overview Cisco Technical Support & Documentation Website Obtaining Technical AssistanceDefinitions of Service Request Severity Submitting a Service RequestObtaining Additional Publications and Information Xii General FAQs General FAQs and TroubleshootingFAQs and Troubleshooting General FAQs and Troubleshooting MIB Name Description General Troubleshooting If no, see Symptom Cannot log in as a system administrator., Possible Cause Restart the system services by entering the following Symptom The system time or date is incorrect # ip name-server ip-address Deployment Wizard Troubleshooting Faults FAQs Faults FAQs and TroubleshootingFAQs and Troubleshooting Faults FAQs and Troubleshooting Faults Troubleshooting Recommended Action Not applicable Devices FAQs Devices FAQs and TroubleshootingFAQs and Troubleshooting Devices FAQs and Troubleshooting Discovery/Device Management Troubleshooting Devices TroubleshootingMessage Possible Cause Recommended Action Discovered but could not be FAQs and Troubleshooting Devices FAQs and Troubleshooting Configuration FAQs Configuration FAQs and TroubleshootingOL-8376-01 Page OL-8376-01 Configuration Troubleshooting Auto-Managed Configuration Assign Templates Firmware FAQs Firmware FAQs and TroubleshootingFirmware Troubleshooting Recommended Action FAQs and Troubleshooting Firmware FAQs and Troubleshooting Reports FAQs Reports FAQs and TroubleshootingTelnet Credential Fields Required Reports Troubleshooting Recommended Action None Click jobvm.log Radio Monitoring Radio Manager FAQs and TroubleshootingRadio Manager FAQs ConfigurationMiscellaneous Auto Re-Site SurveyWDS AP? When Wlse is used for initial setup OL-8376-01 Auto Re-Site Survey Select Devices Discover Managed/Unmanaged Radio Manager TroubleshootingAssisted Site survey Wizard Sites FAQs and TroubleshootingSites FAQs Location ManagerRadio Parameter Generation AP Radio ScanAssisted Site Survey Wizard FAQs and Troubleshooting Sites FAQs and Troubleshooting AP Radio Scan Sites Troubleshooting FAQs and Troubleshooting Sites FAQs and Troubleshooting FAQs and Troubleshooting Sites FAQs and Troubleshooting Detecting Rogue APs Intrusion Detection System FAQs and TroubleshootingIntrusion Detection System FAQs APs in Scanning-Only ModeDetecting Rogue APs Page OL-8376-01 Intrusion Detection System Troubleshooting Admin FAQs Admin FAQs and TroubleshootingFAQs and Troubleshooting Admin FAQs and Troubleshooting Redundancy State Description Admin Troubleshooting Recommended Action FAQs and Troubleshooting Admin FAQs and Troubleshooting Select Faults Manage Fault Settings Generating Diagnostics for Technical Assistance Troubleshooting Tools for the Wlse ApplianceInternal AAA Server Wlse Express FAQs Fault Descriptions To rule Access Point /Bridge FaultsUtilization % Engine, Release CiscoWorks Wireless LAN SolutionSsid Version number See IDS Intrusion Detection System Faults,Table-name. OID-name Problem-detailsNewChannel Vlan numberVlan Channel origChannelRadio Interface Faults Broadcast is disabled for Radio-x Radio Interface Faults Rate % Reason, IgnoredFault. See Q.What are the results Verify RM Capability IDS Intrusion Detection System Faults IDS Faults IDS CcmpFramecount,Intervalwind FloodcountOwsize Channel Frames Sntp Enabled That is observed generating ViolationNumber of Ccmp Replay Fault threshold set for Number of Tkip Local Fault threshold set for Cd11IfStationRole from Unregistered Clients One or more unregistered clients Wlse Faults Voice FaultsThreshold% Wlse LAN Solution Engine, 2.13. or in the onlinePEAP/RADIUS AAA Server FaultsEAP-FAST EAP-MD5, Leap EAP-MD5 /LEAPEAP-MD5 EAP-FAST5EAP LeapPeap Radius Degraded utilization % Switch FaultsUtilization % Wlsm Faults Router FaultOL-8376-01 D E IN-2 IN-3 IN-4 HttpNAT Detection, frequencyIN-6 IN-7 SSHIN-8 WDSWlsm IN-10
Top Page Image Contents