This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Extreme Networks
- Community List
- Wireless
- ExtremeWireless (Identifi)
- Purview Integration Wireless Controller 9.21
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Purview Integration Wireless Controller 9.21
Purview Integration Wireless Controller 9.21
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
07-08-2015 03:56 PM
Hi community,
has anyone integrated the wireless solution V 9.21 into Purview? I get the TopN Mirror up and running but I don't get netflow packets.
Netflow is configured in the section "VNS->Global->NetflowMirrorN"
There I configured the Mgmt IP of my Purview instance and choose esa1 as my L2 Mirror Port.
Any idea?
Best Regards
Michael
has anyone integrated the wireless solution V 9.21 into Purview? I get the TopN Mirror up and running but I don't get netflow packets.
Netflow is configured in the section "VNS->Global->NetflowMirrorN"
There I configured the Mgmt IP of my Purview instance and choose esa1 as my L2 Mirror Port.
Any idea?
Best Regards
Michael
47 REPLIES 47
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
07-21-2015 10:39 AM
Hi Ron,
It depends on the direction of the traffic:
1) Traffic to the MU (NET to MU) if carrying a VLAN tag when received at the Appliance/AP will be mirrored as is (With VLAN tag)
Traffic from the MU (MU to NET) will always be mirrored as received from the wireless (post 802.3) which does not include the VLAN tag.
2) It depends on the topology configuration. For Bridged@Controller topologies all traffic is relayed back to the controller for N-Mirroring filtering and NetFlow metrics. Note: if mirroring applicable (Rule, Role or Service) the AP will still mirror back all traffic that is 'denied' by a Filtering@AP (controller will discard from the VLAN any such traffic, but will still mirror on Purview)
For Bridged@AP topologies, the AP will mirror only up to the first N-frames of a flow. Note2: AP will mirror up to N-Frames of any flow even if "Denied' by filtering at AP (so that Purview has complete view of all traffic intended to/by the user)
Paulo
It depends on the direction of the traffic:
1) Traffic to the MU (NET to MU) if carrying a VLAN tag when received at the Appliance/AP will be mirrored as is (With VLAN tag)
Traffic from the MU (MU to NET) will always be mirrored as received from the wireless (post 802.3) which does not include the VLAN tag.
2) It depends on the topology configuration. For Bridged@Controller topologies all traffic is relayed back to the controller for N-Mirroring filtering and NetFlow metrics. Note: if mirroring applicable (Rule, Role or Service) the AP will still mirror back all traffic that is 'denied' by a Filtering@AP (controller will discard from the VLAN any such traffic, but will still mirror on Purview)
For Bridged@AP topologies, the AP will mirror only up to the first N-frames of a flow. Note2: AP will mirror up to N-Frames of any flow even if "Denied' by filtering at AP (so that Purview has complete view of all traffic intended to/by the user)
Paulo
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
07-20-2015 07:43 PM
Hi Ron,
The definition in the WLAN Service will work as the catch-all policy. Policy has precedence.
So in your example, if you want to capture all the traffic on the service except specific roles, simply set the service to 'Enable' - both directions recommended to get by-directional view of the traffic.
For any Roles you want to exclude, simply set their default action Traffic Mirror to 'Prohibited'.
If you have both Role and Service set to Enable, then there's no discrepancy and any traffic from that role on that service is N-Mirrored.
Paulo
The definition in the WLAN Service will work as the catch-all policy. Policy has precedence.
So in your example, if you want to capture all the traffic on the service except specific roles, simply set the service to 'Enable' - both directions recommended to get by-directional view of the traffic.
For any Roles you want to exclude, simply set their default action Traffic Mirror to 'Prohibited'.
If you have both Role and Service set to Enable, then there's no discrepancy and any traffic from that role on that service is N-Mirrored.
Paulo
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
07-20-2015 06:11 PM
Hey guys, I also prepare my WLAN infrastructure for Purview and I'd need your input.
I've a single SSID/BYOD/NAC deployment with most of my APs in the office but also some in remote/home offices.
I'm not sure what the correct way is to enable Purview data collection....
Should/could I globaly enable it on the SSID but disable it for the role home office (bridge@AP).
It would make no sense to mirror all traffic back via the slow WAN link to the Purview engine.
Or should I leave WLAN service mirror disabled and enable it only on the role level (the bridge@EWC & routed roles).
What is the difference... on the WLAN service the selection is "enable both directions" but in the role the option is only "enabled".
Does it give the same information back to Purview ?
Thanks,
Ron
I've a single SSID/BYOD/NAC deployment with most of my APs in the office but also some in remote/home offices.
I'm not sure what the correct way is to enable Purview data collection....
Should/could I globaly enable it on the SSID but disable it for the role home office (bridge@AP).
It would make no sense to mirror all traffic back via the slow WAN link to the Purview engine.
Or should I leave WLAN service mirror disabled and enable it only on the role level (the bridge@EWC & routed roles).
What is the difference... on the WLAN service the selection is "enable both directions" but in the role the option is only "enabled".
Does it give the same information back to Purview ?
Thanks,
Ron
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
07-20-2015 12:34 PM
Reference: https://gtacknowledge.extremenetworks.com/articles/Q_A/What-port-does-Netflow-use-on-the-Indentifi-W...
Doug Hyde
Director, Technical Support / Extreme Networks
Director, Technical Support / Extreme Networks
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
07-08-2015 06:08 PM
Hi Michael,
The 9.21 Wireless controller is sending out Netflow packets... However, it is sending it on Port 2095. NS/Purview6.2 does not listen on that port and therefore does not display any Netflow data. You need Purview6.3 in order to receive and analyze the records.
Therefore you need a minimum base of NetSight/Purview 6.3 in order for the integration to work correctly.
The 9.21 Wireless controller is sending out Netflow packets... However, it is sending it on Port 2095. NS/Purview6.2 does not listen on that port and therefore does not display any Netflow data. You need Purview6.3 in order to receive and analyze the records.
Therefore you need a minimum base of NetSight/Purview 6.3 in order for the integration to work correctly.
