ers « back to results for ""
Below is a cache of http://www.cisco.com/en/US/docs/wireless/wlse/2.13/user/guide/monitor.pdf. It's a snapshot of the page taken as our search engine crawled the Web.
The web site itself may have changed. You can check the current page or check for previous versions at the Internet Archive. Yahoo! is not affiliated with the authors of this page or responsible for its content.
Fault Monitoring C H A P T E R

3-1
User Guide for the CiscoWorks Wireless LAN Solution Engine
OL-8374-01
3
Fault Monitoring
The Faults tab displays information to help you monitor your devices. All the device information shown
under this tab is polled from the devices in your network.
Following are the subtabs under Faults:
Note
Some of the subtabs may not be visible to some users. Display FaultsSee
Displaying Fault Information, page 3-1 Manage Fault SettingsSee
Managing Fault Settings, page 3-10 Voice SummarySee
Viewing the Status of the VoWLAN, page 3-53 Voice QoS SettingsSee
Assigning Voice QoS Fault Settings, page 3-54 Notification SettingsSee
Notification Settings, page 3-56
Note
In this release, the Rogue, Ad-Hoc, and Interference network-wide settings have been moved from Faults
> Manage Network-Wide Settings to IDS > Manage Network-Wide IDS Settings (see
Using the Manage
IDS Settings Subtab, page 14-6
).
Displaying Fault Information
Note
For an explanation of the faults, in the online help click Troubleshooting, or on Cisco.com see the Fault
Description Table in the FAQ and Troubleshooting Guide for the Wireless LAN Solution Engine, Release
2.13.
The topics covered in this section are: Understanding Fault and Security Policy Monitoring, page 3-2 Displaying Faults, page 3-4 Clearing Summary Table Faults, page 3-6 Acknowledging Faults, page 3-7 Viewing Fault Details, page 3-7
3-2
User Guide for the CiscoWorks Wireless LAN Solution Engine
OL-8374-01
Chapter 3 Fault Monitoring
Displaying Fault Information
Related Topics Setting Policies and Thresholds, page 3-14
Understanding Fault and Security Policy Monitoring
The fault monitoring feature interrogates managed devices for specific data, compares these data against
thresholds, and declares faults when the thresholds have been crossed.
You can configure the WLSE to generate a notification as an SNMP trap and/or a syslog message after
a fault has been declared. The data interrogated by the fault monitoring feature includes security
configuration parameters (security policy monitoring) and SNMP parameters used for performance
related faults.
The following topics are included in this section: Understanding How Faults Are Generated, page 3-2 Understanding Fault States, page 3-2 Understanding Security Policy Monitoring Faults, page 3-3 Understanding Threshold-Related Faults, page 3-3
Understanding How Faults Are Generated
The WLSE declares a fault condition for a managed device when an abnormal condition is detected. An
abnormal condition for a managed device occurs when a system component is not configured or
functioning properly, or when processed data related to system components exceed performance
thresholds.
Related Topics Understanding Fault States, page 3-2
Understanding Fault States
Faults can be in any of the following states: ActiveThis is a state in which at least one of the conditions contributing to the fault is broken.
For example, the CPU utilization threshold has three states: OK, Degraded and Overloaded. In this
case, OK is the best state and Overloaded and Degraded are broken states. Similarly, a port
threshold might have an Up and a Down state, where Up is the best state and Down is the broken
state. AcknowledgedThis is a state in which you have selected an Active fault from the Fault Summary,
and acknowledged it. The fault is removed from the Active list, but the conditions contributing to
the fault still exist.
Faults can be acknowledged from the Summary Page. See
Acknowledging Faults, page 3-7 ClearedThis is a state in which all the conditions contributing to the fault no longer exist or when
the administrator selects a fault and clears it.
Faults generated by polling are automatically cleared based on polled data. When the fault has not
been generated by polling, or when polling has been disabled, the fault can be manually cleared from
the following places: Summary PageSee
Clearing Summary Table Faults, page 3-6
.
3-3
User Guide for the CiscoWorks Wireless LAN Solution Engine
OL-8374-01
Chapter 3 Fault Monitoring
Displaying Fault Information Fault Details WindowSee
Viewing Fault Details, page 3-7
. Thresholds and PoliciesSee
Viewing Current Faults, page 3-51
.
Related Topics Managing Fault Settings, page 3-10 Understanding Fault and Security Policy Monitoring, page 3-2
Understanding Security Policy Monitoring Faults
Many WLAN security vulnerabilities can be mitigated by correctly configuring the WLAN. You can use
the WLSE to validate a critical set of configuration parameters and generate faults if improper
configurations are detected.
The WLSE uses SNMP to periodically interrogate the configuration parameters of managed devices. If
the configuration parameter is not correctly configured, a fault is generated. For example, you can use
the WLSE to periodically verify that Publicly Secure Packet Forwarding (PSPF) is configured and
enforced on wireless devices. If the WLSE determines that PSPF has been turned off on a wireless
device, it will generate a fault for the security misconfiguration.
After you have established security policies in your network, you can use this feature to validate that the
security policies are enforced on managed access points.
Related Topics Setting Policies and Thresholds, page 3-14 Understanding Fault and Security Policy Monitoring, page 3-2
Understanding Threshold-Related Faults
The WLSE compares data retrieved from managed devices against thresholds and can generate faults
when the thresholds are exceeded. You can configure the priority of the fault condition and the threshold
conditions for the fault (see
Setting Policies and Thresholds, page 3-14
).
Each WLSE fault is described by a finite state machine (FSM). A WLSE fault is described by either a
two-state FSM or a three-state FSM. In each fault FSM, state transitions occur when polled and
processed data exceed a configured threshold. These thresholds are defined by two parametersa
configured state transition condition and a number of polling intervals.
Two-State Finite State Machines
The RF Port Status for managed wireless bridges and/or access points is an example of a two-state fault
FSM: The clear state for the RF port status FSM corresponds to when the RF port status is administratively
and operationally up. The fault state for the RF port status FSM corresponds to when the RF port status is administratively
up but operationally down.
Therefore, when the WLSE polls a managed wireless bridge or access point and determines that its RF
port is administratively up but operationally down
,
and this condition has existed for the configured
number of polling intervals, the WLSE will generate a fault for the device, indicating that RF port status
is down. If during subsequent polling, the WLSE determines the RF port status is both administratively
and operationally up for the required number of polling intervals, the WLSE will clear the RF port status
down fault for the device.
3-4
User Guide for the CiscoWorks Wireless LAN Solution Engine
OL-8374-01
Chapter 3 Fault Monitoring
Displaying Fault Information
Three-State Finite State Machines
The RF port utilization for managed wireless bridges and access points is an example of the three-state
fault FSM. RF port utilization is measured as a percent of available bandwidth on the wireless devices
RF port. For this example, we will make the following assumptions: The threshold for the degraded state for RF port utilization is fifty percent utilization for three
polling cycles. The threshold for the overloaded state is eighty percent utilization for three polling cycles. The RF port utilization for each managed device is considered in the OK state when the utilization
is below fifty percent for any two consecutive polling cycles.
Using these threshold values, the WLSE will generate faults for: The degraded state if the RF port utilization is between fifty and eighty percent for three consecutive
polling intervals. The overloaded state if the RF port utilization moves above 80% for three consecutive polling
intervals.
In both cases, if subsequent polling indicates the RF port utilization has moved below fifty percent for
two consecutive polling cycles, the fault condition will clear.
Related Topics Setting Policies and Thresholds, page 3-14
. Understanding Fault and Security Policy Monitoring, page 3-2
.
Displaying Faults
Note
For an explanation of the faults, in the online help click Troubleshooting, or on Cisco.com see the Fault