Extreme Networks

systemscsn · ‎08-20-2021

This started way before summer, and I thought it was fixed.

I made a minor change to the power on wifi1 interface (but basically any change i make), select the device, click on Update Device. Leave the default Update Network Policy and Configuration » Delta Configuration Update checked. I see the progress bar area show Queued for a few seconds, and then Device Update Failed is displayed next to the AP.

Hovering my pointer on the Device Failed to Update, i see this “Could not generate CLI configuration. Execute Method failed, with class”…………………….

Here are all the steps I tried, all of which failed:

I rebooted the AP, once it came back up, i tried a Delta Configuration Update. It failed.

I tried a Complete Configuration Update on the AP. It failed.

Rebooted the AP again, once it came back up I tried a Complete Configuration Update. It failed.

Went into the Aruba 2920 switch, disabled the port that the AP is plugged into (its like unplugging the AP), waited 10 minutes and then re-enabled the port. Once the AP came back up I tried a Delta Configuration Update. It failed.

Went back into the Aruba 2920 switch, disabled the same port again, waited 10 minutes and then re-enabled the port. Once the AP came back up I tried a Complete Configuration Update. It failed.

This is insane. This issue is going on with any of my 160 AP’s, doesn't matter what change I've made to the AP, whether its changing the channel its on, or the power on one of the interfaces. I remember when this first reared its ugly head, we just had the banner show up at the top of the web interface, stating it had been upgraded (IQ Engine?). We have not changed our network infrastructure in any way, so I'm absolutely positive its nothing we have done.

I need to make small changes to most the AP’s on campus. I need to fine tune all of our AP’s because of Cross Channel Interference, and so need to make changes with power and channels on the AP’s. This issue is holding me back.

How can this be resolved? We have 160 AP’s most of them are attached to the ceilings, so whatever the fix, it better not involve grabbing a paperclip, ladder and interrupting classes.

Whats going on? this is an AP650(AH), and all I did this time, was change the power from Auto to 5db.

I didnt realize my issue was still going on. But it never happened until an ExtremeIQ update (i remember seeing a banner ages ago, and thats when this started). The AP is running 10.0.r5.

Any help to get this resolved that does require a paperclip and ladder is appreciated.

Thanks,

J.

systemscsn · ‎09-27-2021

UPDATE and Possible Solution.

Let me start by saying the “fix” I was told to do, was to basically set the AP back to factory. After that, of course, id have to go back into it and give it a name, its original IP (no im not doing reservations), apply its network policy, and do a complete update. For 140+ AP’s that is not a very good fix, and quite honestly if other AP’s on the same firmware, plus the same model of AP were not failing, then of course this would work.

The reason I was given for the error, and something i’m very… VERY… upset about, was that when the backend was updated - im thinking multiple times - from Hive to ExtremeIQ, it messed something up on our end because of the version of firmware we are running. While i do believe it was something done on the backend (we had not made any changes on anything, network, AP, server related on our end) that for reasons i dont know, messed up most of our AP’s so they wouldn't do any kind of update, i dont think im convinced it was our firmware version. Because if that were true then all of our AP’s on that version would fail, and they are not. However im mad because if they went into updating the backend knowing it could mess up a customers AP’s, then an email to their customers telling them to upgrade to whatever version would have been appropriate, and i know I never received an email of a possible issue with their backend messing my AP’s up! To me, there was a basic lack of any kind of Quality Assurance when the backend was updated/migrated from Hive to XIQ and for that someone should take a spanking.

While they have escalated my support ticket, i have found a workaround. For any AP thats failing to Update, and has those errors about Bonjour. You MUST go into the AP, click on Configure and then select Bonjour Gateway Settings. Make sure you have the default value of 250 in the Priority Field (some of mine were either blank or had 10 as the value), Check the box for “Override the default realm name”, then Save the Bonjour Settings, Click on Update, Delta and then Update.

That seems to fix the issue. Of course, you can never uncheck that box, or the error will come back (and it doesn't matter what version of firmware running).

basically its getting that realm name from your Network 360 Plan, if you have created one, and placed the AP on its map. You wont see the update failed message if you have a value in Priority and dont have the AP within the Network 360 Plan.

This whole thing has been a pain, and will continue to be a pain until ive gone through every AP we have and make that change.

Once I've gone though that nightmare, i plan on upgrading the firmware to the latest version, even though i can only update them after hours - which is going to take an age to do -. To think this all came about from wanting to reduce the Transmission Power. Speaking of which, i did that on an AP that I made the above change to, and while it took the update, wifi0 is still showing auto instead of 5db, which i set it to. So, who knows, maybe checking the box gets rid of the error message, but doesn't update… really….. personally i think it just takes an age for the XIQ interface to reflect the changes on the AP, so i’m leaving it alone, and carrying on clicking!

Hope this helps the next poor bugger that may get this issue.

Ill post again if the person who got my escalated support ticket gets back to me with a better, less manual way to fix this problem.

Best,

Jason.

View solution in original post

Ash_Finch · ‎08-25-2021

Yes, in theory you could! Slight tangent to the topic, but instead of creating separate policies, if you wanted to have different APs broadcasting different SSIDs you’d just use the “assign ssids using classification rules” box in the wireless networks section. Creating a separate policy for every SSID would take a lot longer and a lot messier 🙂
Yeah, for the purposes of this we don’t need to connect to the SSID, the key thing is working out whether the new policy can be pushed to the AP, then adding bonjour to check it’s definitely that causing it to break.
Do you have a screenshot of your bonjour settings? Wondering if I can try and replicate it somehow...

systemscsn · ‎08-25-2021

Hmmmm.. Creating the Policy and im in the Device Template “tab”. The Spare AP is a AP650(AH) that im going to use.

Its asking me for a template name, which i filled in, but just below that field it shows “AP650 Template - please select at least one port…..”, here:

689320d5480e4dba9fe17655d3e9ffaf_dda3124b-9df1-4100-9b1e-d7de92803a7d.png

Its going to create a new template right? and not overwrite the existing AP650 template i use on all the other AP650(AH)’s, do you know?

Thanks,

J

systemscsn · ‎08-25-2021

Thanks Ash.

That is very interesting. So you could literally have each AP have its own SSID. You could do SSID’s by location, by room….. Got to be a limit on the number of SSID’s you can create…. I suppose its nice in the sense you can make very granular changes that dont affect the entire “wifi network”. It would mean a heck of a lot of SSID’s though and maybe a lot of policies… and im having enough trouble with a tiny update… LOL.

You know, i think i will have it hidden. We basically broadcast three SSID’s, and each one of those SSID’s are on a different VLAN. This new policy im doing, im going to leave that on default, which is the default VLAN (VLAN1). I know that devices wouldnt be able to connect, but why even present that to them.

When i go into Additional Settings »>> Option Settings i guess its okay to stick with all the defaults it pops up for things like, “rates, filters, user profiles, voice WWM”, etc. and only check “Hide SSID (stealth mode).

Ill keep you posted, and thanks again,

Jason.

Ash_Finch · ‎08-25-2021

Hiding the SSID can be done via the optional setting at the bottom of the SSID page > tick Hide SSID (Stealth mode)
Correct. APs can only have one policy assigned. Therefore the test AP will just have that one policy and the test SSID. All other APs will be on the original policy and therefore won’t broadcast the test ssid. Thus, only when you’re near the test AP that you’ll see that SSID.

systemscsn · ‎08-25-2021

Thanks Ash, appreciated.

While i did make it into work very early this morning, i had quite a few things to take care of, so I didnt get a chance to try it. Id left the window open on creating a new network policy and it must have auto-saved, as I have the second one showing, which contains the basic policy.

I know there is a way to hide the SSID inside the policy, and have been debating if i want to do that. Obviously no one is going to connect to the spare AP (after i push the config) as they wont know the password.

Sorry to keep bombarding you with question, thanks for being patient. I was wondering something; i create that policy and name the SSID in that test policy as “Testing_Push”, i then push it to that AP. Im I correct that the “Testing_Push” SSID will only be seen by a device thats close to that AP and not across all the AP’s?

Im hopeful that ill be able to finish off this test, and post back what happens. I am curious what it will do after I apply the new policy, then put the original policy back. My guess is the test policy will apply just fine, but will fail when i change it back to the original policy.

Thanks,

J

Extreme Networks

Delta and Complete config update fails

Delta and Complete config update fails