Cisco Systems OL-8376-01 manual Cd11IfStationRole from

Page 96

Chapter 2 Fault Descriptions

IDS (Intrusion Detection System) Faults

Table 2-3

IDS Faults (continued)

 

 

 

 

 

 

Fault Description

Explanation

Related Setting

Recommended Action

 

 

 

 

Radio Role must be

This fault is raised when a radio is

Radio Mgr > Frame

Review your network to determine

“roleScanner” to support

initially configured for Frame

Monitoring

the action necessary to clear the fault

Frame Monitoring (was

Monitoring (where x is the integer

 

condition.

x).

 

value of the SNMP OID

 

Although this situation might simply

 

 

cd11IfStationRole from the

 

 

 

 

be that an administrator no longer

 

 

CISCO-DOT11-IF-MIB), but

 

 

 

 

needs to monitor or scan a portion of

 

 

then someone configures the

 

 

 

 

their site any longer, it could also be

 

 

radio out of scanning-only mode.

 

 

 

 

an intruder who has somehow gained

 

 

As a side effect, this also disables

 

 

 

 

console access to a Scanning AP and

 

 

Frame Monitoring.

 

 

 

 

is attempting to “blind” IDS services

 

 

 

 

 

 

When this fault is cleared, the

 

for a portion of a site.

 

 

following message displays:

 

 

 

 

Radio Role is “roleScanner” and

 

 

 

 

supports Frame Monitoring.

 

 

 

 

 

 

TKIP Replay is detected

The fault threshold set has been

IDS >

Verify that the fault threshold is set

 

 

exceeded.

Manage IDS Settings

correctly.

 

 

When this fault is cleared, the

> General IDS

If the threshold is set correctly,

 

 

Settings >

 

 

following message displays:

review your network to determine the

 

 

TkipReplayClient

 

 

There is no TKIP Replay

action necessary to clear the fault

 

 

 

 

 

detected.

 

condition.

 

 

 

 

TKIP LocalMICFailure is

The fault threshold set has been

IDS >

Verify that the fault threshold is set

detected

 

exceeded.

Manage IDS Settings

correctly.

 

 

When this fault is cleared, the

> General IDS

If the threshold is set correctly,

 

 

Settings >

 

 

following message displays:

review your network to determine the

 

 

TkipLocalMicFailure

 

 

There is no TKIP

action necessary to clear the fault

 

 

LocalMICFailure detected.

Client

condition.

 

 

 

 

 

 

 

Unexpected MIC while

This fault is raised against the AP

Not applicable.

See Bad MIC while MFP enabled,

MFP Disabled

 

that is observed generating the

 

page 2-16).

 

 

violation.

 

 

 

 

 

 

 

FAQ and Troubleshooting Guide for the CiscoWorks Wireless LAN Solution Engine

2-22

OL-8376-01

 

 

Image 96
Contents Corporate Headquarters Customer Order Number OL-8376-01Copyright 2006 Cisco Systems, Inc. All rights reserved N T E N T S Fault Descriptions Audience ConventionsConvention Italic fontProduct Documentation Available FormatsObtaining Documentation 105/wlse/213/index.htmCisco.com Product Documentation DVDOrdering Documentation Reporting Security Problems in Cisco Products Documentation FeedbackCisco Product Security Overview Obtaining Technical Assistance Cisco Technical Support & Documentation WebsiteSubmitting a Service Request Definitions of Service Request SeverityObtaining Additional Publications and Information Xii General FAQs and Troubleshooting General FAQsFAQs and Troubleshooting General FAQs and Troubleshooting MIB Name Description General Troubleshooting If no, see Symptom Cannot log in as a system administrator., Possible Cause Restart the system services by entering the following Symptom The system time or date is incorrect # ip name-server ip-address Deployment Wizard Troubleshooting Faults FAQs and Troubleshooting Faults FAQsFAQs and Troubleshooting Faults FAQs and Troubleshooting Faults Troubleshooting Recommended Action Not applicable Devices FAQs and Troubleshooting Devices FAQsFAQs and Troubleshooting Devices FAQs and Troubleshooting Devices Troubleshooting Discovery/Device Management TroubleshootingMessage Possible Cause Recommended Action Discovered but could not be FAQs and Troubleshooting Devices FAQs and Troubleshooting Configuration FAQs and Troubleshooting Configuration FAQsOL-8376-01 Page OL-8376-01 Configuration Troubleshooting Auto-Managed Configuration Assign Templates Firmware FAQs and Troubleshooting Firmware FAQsFirmware Troubleshooting Recommended Action FAQs and Troubleshooting Firmware FAQs and Troubleshooting Reports FAQs and Troubleshooting Reports FAQsTelnet Credential Fields Required Reports Troubleshooting Recommended Action None Click jobvm.log Radio Manager FAQs and Troubleshooting Radio Manager FAQsConfiguration Radio MonitoringAuto Re-Site Survey MiscellaneousWDS AP? When Wlse is used for initial setup OL-8376-01 Auto Re-Site Survey Radio Manager Troubleshooting Select Devices Discover Managed/UnmanagedSites FAQs and Troubleshooting Sites FAQsLocation Manager Assisted Site survey WizardAP Radio Scan Radio Parameter GenerationAssisted Site Survey Wizard FAQs and Troubleshooting Sites FAQs and Troubleshooting AP Radio Scan Sites Troubleshooting FAQs and Troubleshooting Sites FAQs and Troubleshooting FAQs and Troubleshooting Sites FAQs and Troubleshooting Intrusion Detection System FAQs and Troubleshooting Intrusion Detection System FAQsAPs in Scanning-Only Mode Detecting Rogue APsDetecting Rogue APs Page OL-8376-01 Intrusion Detection System Troubleshooting Admin FAQs and Troubleshooting Admin FAQsFAQs and Troubleshooting Admin FAQs and Troubleshooting Redundancy State Description Admin Troubleshooting Recommended Action FAQs and Troubleshooting Admin FAQs and Troubleshooting Select Faults Manage Fault Settings Troubleshooting Tools for the Wlse Appliance Generating Diagnostics for Technical AssistanceInternal AAA Server Wlse Express FAQs Fault Descriptions Access Point /Bridge Faults To ruleUtilization % CiscoWorks Wireless LAN Solution Engine, ReleaseSsid See IDS Intrusion Detection System Faults, Version numberProblem-details Table-name. OID-nameVlan number VlanChannel origChannel NewChannelRadio Interface Faults Broadcast is disabled for Radio-x Radio Interface Faults Reason, Ignored Rate %Fault. See Q.What are the results Verify RM Capability IDS Intrusion Detection System Faults IDS Faults Ccmp IDSFloodcount Framecount,IntervalwindOwsize Channel Frames Enabled That is observed generating Violation SntpNumber of Ccmp Replay Fault threshold set for Number of Tkip Local Fault threshold set for Cd11IfStationRole from Unregistered Clients One or more unregistered clients Voice Faults Wlse FaultsThreshold% LAN Solution Engine, 2.13. or in the online WlseAAA Server Faults EAP-FASTEAP-MD5, Leap EAP-MD5 /LEAP PEAP/RADIUSEAP-FAST5 EAP-MD5Leap EAPPeap Radius Switch Faults Degraded utilization %Utilization % Router Fault Wlsm FaultsOL-8376-01 D E IN-2 IN-3 Http IN-4Detection, frequency NATIN-6 SSH IN-7WDS IN-8Wlsm IN-10