BRKNMS 2847 PDF

© 2016 Cisco and/or its affiliates. All rights reserved.
Cisco Public
Wireless Troubleshooting with Cisco
Prime Infrastructure
Ian Procyk - Consulting Systems Engineer
Paul Lysander - Technical Marketing Engineer
BRKNMS-2847
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
Agenda
• Introduction
• Understanding Prime and its role in troubleshooting
• Troubleshooting Wireless Infrastructure Issues

• Channel utilization
• RRM / coverage gaps / clean Air Interferers
• Capacity planning / reporting
• Troubleshooting Typical Wireless Client Issues

• Slow performance
• Wireless client “drop-outs”
• Authentication issues
• Weak Signals
• Additional tools for your consideration

• Conclusion / Q&A
BRKNMS-2847
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 3
Introduction
Understanding Prime and its role in troubleshooting
BRKNMS-2847 © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 4
Introduction
Troubleshooting – the science that is an art…
Working issues over the years with the UBC wireless team
Introduction
Troubleshooting – the science that is an art…
• Nothing replaces experience!
• Your approach should fit the circumstance
• Consider all the tools at your disposal
• Consider a multi prospective approach: client, infrastructure, and environment
Introduction
Understanding Where Prime Fits In The Network
Cisco Identity
Services Engine Cisco Prime
(ISE)
Infrastructure
API
Cisco
Cisco Wireless LAN NMSP over SSL Mobility Services
Controller (WLC) Engine (MSE)
Access
Points
Active Wireless
RFID Tag Client
Introduction
System Jobs – or what used to be called “background tasks”
BRKNMS-2847
Introduction
BRKNMS-2847
Introduction
BRKNMS-2847
Introduction
• Changes were made starting in release 3.1 to

improve data collection processes
• Prior
to 3.1 background task polling was a serial
process subject to thread locks. If something was
misbehaving in your environment, it was possible for
Prime to become delayed or wedged in a
background task. The result depending on the fault,
could be very stale data…
Introduction
Keeping Prime Current – legacy client traps on WLC
• Client
traps are disable by default
on WLCs
• Ata minimum it would be
beneficial to turn on client traps
for association, dissociation and
deauthentication
Introduction
Keeping Prime Current – enhanced client traps on WLC

Providing a increased level of detail and counters for consumption by Prime Infrastructure
(Cisco Controller) >config trapflags client ?
enhanced-802.11-associate
Enable Sending Dot11 Enhanced Association Trap for Clients
enhanced-802.11-deauthenticate
Enable Sending Dot11 Enhanced Deauthentication Trap for Clients
enhanced-802.11-stats Enable
Sending Enhanced Stats Trap for Clients
enhanced-authentication Enable
Sending Enhanced Authentication Success Trap for Clients
*enhanced client traps will have an impact on your WLC control plane
Introduction
Enhanced client traps – enabling in Prime
Introduction
Enhanced client traps – enabling in Prime
When this box is checked, Prime Infrastructure

discovers/updates client and session information
from enhanced traps received from compatible
WLCs. This avoids polling the device. This setting
is the preferred option when the WLC version
supports enhanced client traps.
Commonly Used
Components of Prime
(from a wireless prospective)

Components of Prime
BRKNMS-2847
Components of Prime
BRKNMS-2847
Components of Prime
Tools at your disposal

A configurable dashboard…
• Tune the default dashlets

to your liking
• If you are focused on WLAN,

perhaps consider looking at:
• client count
• associated vs. authenticated
• Syslog summary
Components of Prime
Dashlet Customization
Looking for a problem in a

specific area of your network?
Consider a custom dashlet
Isolate chart to show

only a specific:
Floor
SSID
Components of Prime
Customized Dashlet – Associated vs Authenticated
Components of Prime
Customized Dashlet – Associated vs Authenticated
Components of Prime
Tools at your disposal – Client Monitoring
Components of Prime
Tools at your disposal – Client Monitoring
Useful metrics
added as
columns:
SSID
Traffic
RSSI
SNR
Components of Prime
Tools at your disposal – Report Launch Pad
• Great for looking back in recent history
• What are my busiest APs?
• Channel utilization reports
• Client sessions
• Authenticated vs associated users
• PDF exportable and or CSV…
Components of Prime
Tools at your disposal – Report Launch Pad
Components of Prime
Tools at your disposal – Floor Maps
• AP issues & stats
• Coverage gaps
• Client balance
• Channel / TX Power
• Living form of documentation
• CRITICAL for report generation hierarchy
Components of Prime
Floor Maps - Heatmaps
Looking @ The Infrastructure
HOW HEALTHY IS MY WI-FI?
BRKNMS-2847
Infrastructure Health
Site Health View
BRKNMS-2847
Site Health View
BRKNMS-2847
AP Performance
BRKNMS-2847
AP Performance
BRKNMS-2847
AP Performance
BRKNMS-2847
Monitor – Access Point Radios
BRKNMS-2847
BRKNMS-2847
BRKNMS-2847
BRKNMS-2847
RRM Dashboard
RRM Dashboard
Floor Maps – 2.4GHz vs 5GHz client balance
Band Select
effectiveness
5GHz adoption
Floor Maps – 2.4GHz channel utilization %
Floor Maps – 5GHz channel utilization %
Reports – channel utilization in an area…

Slot | Protocol | CH % | RX % | TX % | Time
Floor Maps – 2.4GHz channel & TX Power
Troubleshooting Common
Complaints
BRKNMS-2847
Client Troubleshooting
“The Network Is Down…”
• Probably PEBCAK… but you never know J
• Check Prime, search for user – where are they? What is their connection
status? Link status? Do I have a down AP in that area?
• You see that they have multiple devices – WLC http profiling allows you to see
the type of other devices
• You can confirm via the heatmaps and currently connected clients list that
there are other users on the same AP the boss is having trouble with…
Checking to see if there are any other events taking place on the AP recently
BRKNMS-2847
Apple TV – Airplay Is “Skipping”…

Hmm…
Device is
dual band
capable, but
why is it on
2.4GHz?
What’s the
RSSI?
Looking at the
Apple TV over
a few week
window.
Its RSSI/SNR
look to be mostly
in the normal
range.
What about the

channel?
The Apple TV
box is currently
Connected to
Channel #1
Signal is strong
But there is
Interference
from a piconet
network with
high duty cycle…
BRKNMS-2847
“The Scanners Aren’t Working”
• Is it just the scanners?
• What does the signal strength look like at the scanner?
• What is the channel mix? Do the scanners support DFS, CH# 165?
• Depending on floor plan RRM might have turned AP power levels down too far

• Viewing RX neighbors by band,
either 2.4GHz or 5GHz
• Ability to see in table view who’s

nearby
• Very handy is the neighbors shown

on the floor map

Warehouse
floor…
Notice the
level of
Signal
propagation
between
racks…

Compare
various
areas of the
warehouse.
In this area
there is high
isolation
between
AP’s

RRM
settings for
Transmit
Power
Control
(TPC) may
not be
optimal for
high ceiling
warehouse
On site performance
validation with 7925
A continuous voice call

with music on hold to test
roaming & jitter
Additional Tools
For your consideration
InterMapper Core Network Analysis
• Graph and chart any
variable you can…
• Controller CPU
• ICMP response time
• Interface utilization
• DHCP scope utilization
• AP count per WLC
• FW drop counters
InterMapper – DHCP Scope Utilization
• Large number of guest
or transient / mobile
users?
• Importantto keep an
eye out for DHCP
scope exhaustion
• Ensurethat DHCP
pools have roughly
equal balance
InterMapper – RADIUS Request Rate
• Depending on your config,

every time a client roams a
full 802.1x authentication may
happen
• Is
your RADIUS server up to
the task?
• Keepan eye on:
request rate, reject rate and
response time
InterMapper – RADIUS Auth vs. Reject
• Keeping an eye on
RADIUS server
reject/accept rate
can provide insight
into new
supplicant issues
• Spot a accidental
misconfiguration
or problem with
directory store or
auth policy
Elastic Search + Logstash + Kibana
Elastic Search + Logstash + Kibana
• Graphical
representation of
authentication and
accounting logs
• Filter
per anything:
username
MAC addr
WLC
SSID
RADIUS instance
Hand Held Wi-Fi Analyzers
• An example would be Fluke’s Air Check
• Yes, it’s another device to carry
• Yes, it’s expensive
• It’s
the fastest way to listen to CCX advertisements from Cisco APs, showing
you client load status and other important information a lot of other tools miss
out. Great for validating antenna and coax connections are working as
expected.
• It’s a calibrated device
• Use external directional antenna for faster direction finding
Wi-Fi Signal Checks – OSX
OSX: Wi-Fi Signal app – Sits in your menu bar
<-Wi-Fi Signal
option+click->
Wi-Fi Signal Checks – OSX
• OSX: Wi-Fi Explorer App
• There is a tab to show

you AP load information
and other details sent by
the Aironet Information
Element
Wi-Fi Signal Checks – PC
• PC with Intel Pro/Wireless chip: Intel’s advanced statistics tool that’s bundled
with pro/wireless drivers. PS: Always get latest software & driver package
directly from Intel’s website)
Wi-Fi Signal Checks – PC
• Another tool to consider is Metageek’s inSSIDer.
Wi-Fi Signal Checks – Android
• Wi-Fi Analyzer
• As always your device and
its antenna, and the
position of your hand
will impact signal strength
readings.
Wi-Fi Packet Capture
• Sometimes you need to run over the air packet captures to sniff out problems and or provide
data to TAC. When you find yourself in this situation you have two choices…
Option 1:
Convert a deployed AP into Sniffer mode. This will put the AP into RX only mode, with it sending
what it hears back to the WLC and then over to Omnipeek using Omnipeek’s Cisco remote
adapter. This is not a cheap solution, and requires that you buy Omnipeek. Unless you install a
dedicated sniffer AP you also have a compromise in coverage while the existing AP is in sniffer
mode.
However, it is the best way to capture and record the RF domain for days/weeks on end. Very
useful if you have a significant long term problem. Also one of the best ways to capture roaming
in a multi-channel environment (several sniffers running at once)
https://supportforums.cisco.com/document/75236/collecting-wireless-sniffer-trace-using-cisco-lightweight-ap-sniffer-mode
Option 2:
You go into the field with a portable packet capture alternative.
For 802.11ac you might be best served with MacBook running its wireless NIC in sniffer mode
(available via wireless diagnostics).
If you are using a PC, then I typically resort to AirPcap with Wireshark. As of July 2015 there
doesn’t appear to be an 802.11ac compliant AirPcap card out yet.
Note that Microsoft’s Network Monitor software gives hit/miss access to your Wireless NIC. You
may have limited success trying to do a wireless packet capture using this software and your
internal laptop NIC.
Spectrum Analysis
• If you suspect interference then the only way to look for it is to use a spectrum analyzer
• Cisco APs with clean air have a high resolution spectrum analyzer built in and can be used for
free with Cisco’s Spectrum Expert remote software (shown to the right). If you want a more
modern user interface Metageek’s Channalyzer software (shown below) can receive spectrum
analyzer data streams from Cisco APs.
• A more portable USB based spectrum analysis
option is the WiSpy DBX, also by Metageek
Offline Channel Analysis
• Tools
like Omnipeek and Wireshark are incredibly
powerful analysis tools
• However, visualization of a over-the-air packet
capture is really cool with Metageek’s Eye PA
software
• Withthis software its very easy to identify top
talkers, or stations with very slow data rates that are
monopolizing a cell
Poor Mans Faraday Cage…
• Looking for a way to test a client
in isolation in a busy RF area?
• Wantto test roaming without
moving?
• Solution:
A broken (non functional)
microwave…
Drill a hole in the back for three

Ethernet cables:
1) PC RDP/ VNC
2) AP Ethernet
3) AP console
Good for 80+ dB of isolation
ANY QUESTIONS?
Complete Your Online Session Evaluation
• Give us your feedback to be
entered into a Daily Survey
Drawing. A daily winner will
receive a $750 Amazon gift card.
• Complete your session surveys
through the Cisco Live mobile
app or from the Session Catalog
on CiscoLive.com/us.
Don’t forget: Cisco Live sessions will be available

for viewing on-demand after the event at
CiscoLive.com/Online
Presentation ID © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 93
Thank you
Presentation ID
9

BRKNMS 2847 PDF

Uploaded by

Copyright:

Available Formats

BRKNMS 2847 PDF

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

BRKNMS 2847 PDF

Uploaded by

Copyright:

Available Formats

© 2016 Cisco and/or its affiliates. All rights reserved.

• Troubleshooting Wireless Infrastructure Issues

• RRM / coverage gaps / clean Air Interferers

• Capacity planning / reporting

• Troubleshooting Typical Wireless Client Issues

• Additional tools for your consideration

Troubleshooting – the science that is an art…

Troubleshooting – the science that is an art…

• Nothing replaces experience!

• Your approach should fit the circumstance

• Consider all the tools at your disposal

• Consider a multi prospective approach: client, infrastructure, and environment

System Jobs – or what used to be called “background tasks”

System Jobs – or what used to be called “background tasks”

System Jobs – or what used to be called “background tasks”

System Jobs – or what used to be called “background tasks”

• Changes were made starting in release 3.1 to

Keeping Prime Current – legacy client traps on WLC

Keeping Prime Current – enhanced client traps on WLC

(Cisco Controller) >config trapflags client ?

Enhanced client traps – enabling in Prime

Enhanced client traps – enabling in Prime

When this box is checked, Prime Infrastructure

(from a wireless prospective)

Tools at your disposal

• Tune the default dashlets

• If you are focused on WLAN,

Looking for a problem in a

Consider a custom dashlet

Isolate chart to show

Customized Dashlet – Associated vs Authenticated

Customized Dashlet – Associated vs Authenticated

Tools at your disposal – Client Monitoring

Tools at your disposal – Client Monitoring

Tools at your disposal – Report Launch Pad

• Great for looking back in recent history

• What are my busiest APs?

• Channel utilization reports

• Authenticated vs associated users

• PDF exportable and or CSV…

Tools at your disposal – Report Launch Pad

Tools at your disposal – Floor Maps

• AP issues & stats

• Living form of documentation

• CRITICAL for report generation hierarchy

Floor Maps - Heatmaps

Site Health View

Site Health View

Monitor – Access Point Radios

Monitor – Access Point Radios

Monitor – Access Point Radios

Monitor – Access Point Radios

Floor Maps – 2.4GHz vs 5GHz client balance

Floor Maps – 2.4GHz channel utilization %

Floor Maps – 5GHz channel utilization %

Reports – channel utilization in an area…

Floor Maps – 2.4GHz channel & TX Power

“The Network Is Down…”

• Probably PEBCAK… but you never know J