Troubleshooting Utilities

Use troubleshooting utilities. Read descriptions of each Utility.

Overview

Select Utilities to see a list of helpful troubleshooting tools. The following sections describe these utilities and provide instructions for how to use them.

Locked Clients

The Locked Clients list shows the MAC addresses of clients that have been locked temporarily. When ExtremeCloud IQ authenticates a PPSK user, it must check a large list to see which PPSK password matches what the user submitted. Users that repeatedly submit incorrect passwords, or passwords for deleted or expired PPSK users, can trigger a DoS (denial of service) attack.

To prevent such attacks, ExtremeCloud IQ temporarily puts failed client MAC addresses into a sandbox. By default, a user can fail authentication 10 times in 7 minutes. When these limits are exceeded, ExtremeCloud IQ puts the client MAC address into the sandbox and blocks future authentication attempts for 30 minutes, after which the MAC address is released from the sandbox. Each ExtremeCloud IQ account maintains one sandbox per SSID.

For all authentication attempts, ExtremeCloud IQ first checks the client MAC address against the list of locked clients in the sandbox.

However, if you want to unlock a client before the timeout period expires, use the Locked Clients list to release clients and give them access to the network. To do this, select the check box for clients you want to release and then select UNLOCK.

RADIUS Test

This tool tests network connectivity between a device acting as a RADIUS authenticator (RADIUS client) and RADIUS authentication server, which can be an Extreme Networks RADIUS server, an external RADIUS authentication server, or an external RADIUS accounting server.

To perform a RADIUS test, configure the following settings:

RADIUS Server: To test connectivity to an Extreme Networks RADIUS server, Select the button for Select a Server (local RADIUS) and then choose an existing RADIUS server from the drop-down list. To test connectivity to an external RADIUS authentication or accounting server, select the button for Enter a Server (external RADIUS) and enter the IP address of the server in the field.

Extreme RADIUS Client: Select an Extreme Networks device that is acting as a RADIUS authenticator (RADIUS client) from the drop-down list. This is the AP from which the RADIUS Access-Request or Accounting-Request message is sent.

Network Connectivity Test: Select either RADIUS Authentication Server or RADIUS Accounting Server. If you select an authentication server, you must also enter supplicant credentials (user name or barcode, and a password or PIN) for a valid user account on the RADIUS authentication server.

Select Test. The results appear under Test Result. An example of test results is shown here:

RADIUS server is reachable. Get attributes from RADIUS server: User-Group-ID:0=13; VLAN-ID:1=1; Session-Timeout=1800

If you entered a user name and password that do not match an account on the RADIUS server, and if the RADIUS client can reach the RADIUS authentication server, the following message is displayed:

The RADIUS server rejected the Access Request message. Check the submitted user name and password.

If the network connectivity test is not successful, the following message is displayed:

The connection attempt to the server timed out.

SSH Availability

Enter the hostname, MAC address, or serial # of a device in the field, and then select Run. In the SSH Availability dialog box, enter the following settings to enable SSH on the device:

Timeout after: Select the length of time during which the selected device will be available for SSH access.

Enable SSH: Select to enable.

Make a note of the IP address and port number to use when forming an SSH session with the selected device. You, or another administrator with remote network access to the device, can now make an SSH connection to the device and log in to the CLI with root or read-only administrator credentials.

Device Information

The Device Information table displays information about Extreme Networks and Dell devices.

Not all table columns are shown by default. To configure the table display, select Image of the Column Picker icon , select the check boxes for the columns you want to display and clear those that you want to hide.

To rearrange the order of the columns, select on a column heading and drag it to the new position.

Select Image of the Refresh icon to refresh the data in this table.

The following columns are available for the Device Information table.

Status: The connection status and configuration audit status of a device, indicated by the following icons:

indicates that the device is currently connected to ExtremeCloud IQ

indicates that the device is not currently connected to ExtremeCloud IQ

indicates that the device is collecting data for Presence Analytics

Image of a RADIUS proxy server icon indicates that the device is functioning as a RadSec proxy server

Image of the Configuration Audit Match icon indicates that the configuration for a device on ExtremeCloud IQ matches the configuration running on the device

Image of the Configuration Audit Mismatch iconindicates that there is a difference between the configuration for a device on ExtremeCloud IQ and the configuration running on the device

  • Select Configuration Audit to see configuration details.

Host Name: The host name of the device

Uptime: The length of time since the device last powered up

IPv4: The IPv4 address of the mgt0 interface

Clients: The number of clients associated with the device

MAC: The MAC address of the mgt0 interface

Location: The map to which the device is assigned

Serial #: The serial number of the Extreme Networks device

Branch ID: The ID of the network branch where the device is deployed

Service Tag: The service tag of the Dell device

Model: The device model name

Stack Unit: The unit number of the device in a switch stack

Stack Status: The status of the device as master or standby in a switch stack

VPN Service: The name of the VPN service in which the device participates

IQ Engine Version: The IQ Engine firmware version

Updated On: The last time the configuration on the device was updated

WiFi0 Channel: The channel currently used by the WiFi0 radio

WiFi0 Power: The power level of the WiFi0 radio in dBm

Wifi1 Channel: The channel currently used by the WiFi1 radio

WiFi1 Power: The power level of the WiFi1 radio in dBm

Network Policy: The network policy to which the device belongs

MGT VLAN: The management VLAN to which the mgt0 interface belongs

Make: The device manufacturer—Extreme Networks or Dell EMC

SSH Status: Enabled or disabled. If SSH access is temporarily enabled for remote access, this column also shows the remaining time for the SSH session

Onboarded: The date when this device was onboarded to ExtremeCloud IQ

Device Mode: Whether the device is a portal or mesh point

Managed: Indicates whether the device is managed or unmanaged

External IP Address: The external IP address to which a NAT device translates the IP address of the mgt0 interface (If there is no address translation, the same IP address as that assigned to the mgt0 interface appears here.)

Country Code: The country code where the device is deployed

WiFi0 Radio Profile: The name of the radio profile applied to the WiFi0 interface

WiFi1 Radio Profile: The name of the radio profile applied to the WiFi1 interface

Application Signature File: The version number of the application signature file used by the Application Visibility and Control feature

Alarms: Icons that indicate the alarm status (Select an Alarm icon to view alarm log entries for the device.)

RADIUS Server: Whether a local RADIUS server is configured on the device

IPv6: The IPv6 address of the mgt0 interface

Eth0 LLDP Port #: The port number of the switch connecting to the Eth0 interface as learned through LLDP (Link Layer Discovery Protocol)

Eth0 LLDP Sys-ID: The system ID of the switch connecting to the Eth0 interface as learned through LLDP

Eth0 LLDP Sys-Name: The system name of the switch connecting to the Eth0 interface as learned through LLDP

Eth1 LLDP Port #: The port number of the switch connecting to the Eth1 interface as learned through LLDP

Eth1 LLDP Sys-ID: The system ID of the switch connecting to the Eth1 interface as learned through LLDP

Eth1 LLDP Sys-Name: The system name of the switch connecting to the Eth1 interface as learned through LLDP

Get Device Information

To see more details about a particular device, select the check box for the device in the table, or enter the hostname, MAC address, or serial # of a device in the field, and select GET DEVICE INFORMATION. ExtremeCloud IQ shows details for the selected device, including connection status, running code version, CPU and memory usage, radio settings, location, number of connected clients, network usage by OS type, SSID, user profile, and radio usage (2.4 GHz or 5 GHz) for a specified time period from an hour to the past 30 days. If one or more SSIDs support the submission of user names (for example, WPA2-Enterprise/802.1X), a list of the top five users by usage is displayed. If AVC (Application Visibility and Control) is enabled in the network policy to which the device belongs, you can see the top five applications by usage.

Layer 2 Neighbor Information

To see more details about a particular device, select its check box in the table, or enter the hostname, MAC address, or serial # of a device in the field, and then select Get Layer 2 Neighbor Information. In the Layer 2 Neighbor Information dialog box, you can view the following information about the backhaul link between an Extreme Networks device and its neighboring hive members:

Neighbor Information: The host name of the neighbor device

MAC Address: The MAC address of the neighboring hive member to which there is an Ethernet or wireless backhaul link. Some neighbors might appear twice in the table, once to report information about an Ethernet link and again to report information about a wireless link.

Connection Time: The total time that the backhaul link has been up, measured in days, hours, minutes, and seconds

Link Cost: The routing cost for the Ethernet or wireless link. The lower the cost, the more preferred the link.

RSSI: The RSSI (received signal strength indication) indicates the RF signal strength of the wireless link between the two neighboring hive members. The RSSI range is 0 ~ 90. To convert the RSSI value to dBm, use the following calculation: RSSI value n – 95 dBm (background noise) = received signal strength in dBm. For example, if the RSSI value is 40, then the received power level is -55 dBm (40 – 95 = -55).

Link Type: How the device links to its neighbor: Ethernet or Wireless

Locate Device

Use Locate Device to alter the status LED on an AP so that you or an assistant at a remote site can locate the physical device more easily. You can also use this utility to turn off the LED, which can be useful when an AP is mounted near a projection screen or is in a location where its light can be distracting.

Select the check box for a device in the table, of enter the hostname, MAC address, or serial # of a device in the field, and then select Locate Device. In the Locate Device dialog box, choose the color and blink mode for the status LED of the selected AP and then select Submit.

To return the LED back to normal operation, select Return to normal mode.

Get Tech Data

Use Get Tech Data to retrieve information about a device, which is helpful during troubleshooting.

Select the check box for a device in the table, of enter the hostname, MAC address, or serial # of a device in the field, and then select Get Tech Data.

In the Get Tech Data dialog box, confirm the number of devices you selected. Once ExtremeCloud IQ retrieves the data, you can save the log file and the accompanying read me file (which identifies the device from which the data was collected) to a local directory in a .tar.gz format.

  • To view the logs in a text editor, you must first expand the file with a file compression/decompression program.

VLAN Probe

In a complex network environment with multiple VLANs, the VLANs available for an AP might be difficult to locate. The VLAN probe tool helps locate these VLANs more easily.

Select the check box for a device in the table, of enter the hostname, MAC address, or serial # of a device in the field, and then select VLAN Probe. In the VLAN Probe dialog box, enter the following information:

VLAN Range: Enter the start and end of a range of VLAN IDs to probe. You can enter up to five VLAN ranges. Range numbers must not overlap.

Probe Retries: Define how many probes to send (up to 10) on each specified VLAN. The default is 1.

Timeout: Specify how long to wait for a reply from each probe. You can set a timeout from 1 to 60 seconds. The default is 3 seconds.

Select START when you are finished.

When the AP has completed a probe, it displays whether the probed VLANs are available for use and, if so, their subnet. To end a probe before it is complete, select STOP. To clear entries for a probe, select CLEAR.

Device Diagnostics

To perform basic network connectivity diagnostics, use the ping tool and view the output of CLI show commands to check the status of several functions and diagnose problems.

Select the check box for a device in the table, of enter the hostname, MAC address, or serial # of a device in the field, and then select DIAGNOSTICS. Select one of the following CLI commands to run:

Ping: By default, the selected device pings the IP address of its own mgt0 interface. You can also have the device ping any IP address, such as its default gateway, or another address beyond the gateway such as that of a DNS server.

Show Log: View the event log on the selected device.

Show Version: Check the version of IQ Engine running on the selected device.

Show Running Config: View the configuration running on the selected device (displayed as a series of CLI commands).

Show Startup Config: View the configuration used by the selected device on reboot (displayed as a series of CLI commands).

Show IP Routes: View the IP routing table on the selected device.

Show MAC Routes: View the MAC forwarding table on the selected device.

Show ARP Cache: View the ARP cache on the selected device.

Show Roaming Cache: View the roaming cache, which contains MAC addresses and PMKs (pairwise master keys) for wireless clients (supplicants) and the MAC addresses of sub-interfaces of the APs (authenticators) with which the supplicants first formed an association and were authenticated. The roaming cache table also includes the user profile ID number assigned to the supplicant, and details about the PMK, such as its ID number, lifetime, age, and time in the cache.

Show DNXP Neighbors: View neighboring hive members in the same or different subnets. This is the equivalent of entering the show amrp dnxp neighbor command. AMRP (Advanced Mobility Routing Protocol) is the protocol that hive members use to coordinate data among themselves to support roaming clients. DNXP (Dynamic Network Extension Protocol), is a component of AMRP that defines AP support for Layer 3 roaming. Hive members in different subnets use DNXP to create tunnels on an as-needed basis between themselves, giving clients the ability to seamlessly roam between subnets, while preserving their IP address settings, authentication state, encryption keys, firewall sessions, and QoS enforcement settings. Tunnels are not required for clients roaming among hive members in the same subnet.

Show DNXP Cache: View all entries in the DNXP (Dynamic Network Extension Protocol) cache. Each entry provides information that the AP uses to form an association with a client that is already associated with a DNXP neighbor and that could possibly roam to the AP. This is the equivalent of entering the "show amrp dnxp cache" command.

Show AMRP Tunnel: View information about all DNXP, INXP (Identity Network Extension Protocol), and VPN tunnels including the tunnel type, its peer IP address, and how long it has been up.

Show GRE Tunnel: View packet statistics for client traffic that hive members send through GRE (Generic Routing Encapsulation) tunnels between themselves.

This option provides statistics about GRE-tunneled traffic and is the equivalent of the "show gre-tunnel" command. The statistics that you can see include whether the tunnel is for access or backhaul communications, how many seconds have elapsed since the last packet was received through the tunnel (-1 means that no packet was received), the source and destination IP addresses of the tunnel, the number of transmitted and received packets, and the number of transmit and receive errors.

Extreme Networks devices use GRE tunnels for three features:

  • DNXP (Dynamic Network Extension Protocol): To maintain sessions when clients roam across a Layer 3 boundary, hive members in the second subnet use GRE tunnels to send traffic from the roaming clients back to other hive members in the first subnet and to receive traffic in reply.
  • INXP (Identity Network Extension Protocol): A device serving a wireless client sends its traffic through a GRE tunnel to another device in another part of the network. For example, a device on the corporate network can tunnel the traffic of a guest client through the corporate network to another device in the DMZ, completely bypassing the internal network.
  • Wireless VPN: A VPN client encapsulates client traffic within a GRE tunnel, and then encapsulates that within an IPsec tunnel so it can traverse multiple Layer 3 boundaries on its way to a VPN server.

Show IKE Event: View the most recent events that took place during IKE phase 1 and phase 2 negotiations between a VPN client device and VPN server device. If the VPN peers cannot establish a tunnel, you can view the IKE events to help identify any problems. You can see up to a maximum of 12 events.

Show IKE SA: View the cookies and creation times of SAs (security associations) established during IKE phase 1 negotiations between a VPN client device and VPN server device. If there is no SA, then the negotiations were either incomplete or unsuccessful. Use the Show IKE Event option to investigate and check the log messages for more details. Other VPN tunnel troubleshooting steps that you can take are to ping the VPN client from the VPN server (and vice versa), and check that any intervening firewall permits the default ISAKMP (IKE) and the NAT-Traversal ports: UDP 500 and UDP 4500.

Show IPsec SA: View the SA established during IKE phase 2 negotiations between a VPN client device and VPN server device. You can see the encryption algorithms, hash algorithms, and creation times of the IPsec SAs established between a VPN client and server.

Show IPsec Tunnel: View details about the IPsec tunnel as well as the amount of traffic between the VPN client and server devices. Details include the tunnel creation time, how long it has been up, the number of packets and bytes sent through the tunnel and when the next IPsec tunnel rekey is scheduled to occur. This is the same as entering the "show vpn ipsec-tunnel" command.

Show CPU: View total, per user, and per system CPU utilization for the selected device.

Show Memory: See the total amount of memory, and the amounts of free, used, buffered, and cached memory for the selected device.

Device Client Information

The Device Client list displays information about Extreme Networks and Dell device clients. Not all table columns are shown by default. To configure the table display, select Image of the Column Picker icon , select the check boxes for the columns you want to display and clear those that you want to hide.

To rearrange the order of the columns, select on a column heading and drag it to the new position.

Select Image of the Refresh icon to refresh the data in this table.

The following columns are available for the Device Client Information list:

Device Status: The connection status and configuration audit status of a device, indicated by the following icons:

indicates that the device is currently connected to ExtremeCloud IQ

indicates that the device is not currently connected to ExtremeCloud IQ

Image of the Configuration Audit Match icon indicates that the configuration for a device on ExtremeCloud IQ matches the configuration running on the device

Image of the Configuration Audit Mismatch icon indicates that there is a difference between the configuration for a device on ExtremeCloud IQ and the configuration running on the device

  • Select the Configuration Audit icon to see configuration details.

Host Name: The host name of the device

Uptime: The length of time since the device last powered up

IPv4: The IPv4 address of the mgt0 interface

Clients: The number of clients associated with the device

MAC: The MAC address of the mgt0 interface

Location: The map to which the device is assigned

Serial #: The serial number of the Extreme Networks device

Branch ID: The ID of the network branch where the device is deployed

Service Tag: The service tag of the Dell device

Model: The device model name

Stack Unit: The unit number of the device in a switch stack

Stack Status: The status of the device as master or standby in a switch stack

VPN Service: The name of the VPN service in which the device participates

IQ Engine Version: The IQ Engine firmware version

Updated On: The last time the configuration on the device was updated

WiFi0 Channel: The channel currently used by the WiFi0 radio

WiFi0 Power: The power level of the WiFi0 radio in dBm

Wifi1 Channel: The channel currently used by the WiFi1 radio

WiFi1 Power: The power level of the WiFi1 radio in dBm

Network Policy: The network policy to which the device belongs

MGT VLAN: The management VLAN to which the mgt0 interface belongs

Make: The device manufacturer—Extreme Networks or Dell EMC

SSH Status: Enabled or disabled. If SSH access is temporarily enabled for remote access, this column also shows the remaining time for the SSH session

Onboarded: The date when this device was onboarded to ExtremeCloud IQ

Device Mode: Whether the device is a portal or mesh point

Managed: Indicates whether the device is managed or unmanaged

External IP Address: The external IP address to which a NAT device translates the IP address of the mgt0 interface (If there is no address translation, the same IP address as that assigned to the mgt0 interface appears here.)

Country Code: The country code where the device is deployed

WiFi0 Radio Profile: The name of the radio profile applied to the WiFi0 interface

WiFi1 Radio Profile: The name of the radio profile applied to the WiFi1 interface

Application Signature File: The version number of the application signature file used by the Application Visibility and Control feature

Alarms: Icons that indicate the alarm status (Select an Alarm icon to view alarm log entries for the device.)

RADIUS Server: Whether a local RADIUS server is configured on the device

IPv6: The IPv6 address of the mgt0 interface

Eth0 LLDP Port #: The port number of the switch connecting to the Eth0 interface as learned through LLDP (Link Layer Discovery Protocol)

Eth0 LLDP Sys-ID: The system ID of the switch connecting to the Eth0 interface as learned through LLDP

Eth0 LLDP Sys-Name: The system name of the switch connecting to the Eth0 interface as learned through LLDP

Eth1 LLDP Port #: The port number of the switch connecting to the Eth1 interface as learned through LLDP

Eth1 LLDP Sys-ID: The system ID of the switch connecting to the Eth1 interface as learned through LLDP

Eth1 LLDP Sys-Name: The system name of the switch connecting to the Eth1 interface as learned through LLDP

Get Client Information

To see more details about the clients of a particular device, select the check box for a device, or enter the and then select GET CLIENT INFORMATION. The Client Information dialog box displays the following information about wireless client sessions that are currently associated with the selected AP:

MAC Address: The MAC address of the network adapter for the wireless client. Because MAC addresses are unique and remain fixed—unlike IP addresses that often dynamically assigned—you might find it useful to track wireless clients by their MAC addresses.

IP Address: The IP address assigned to the wireless client interface In addition to clients' MAC addresses, you can also use clients' IP addresses for tracking purposes. Although wireless clients typically receive their IP addresses dynamically through DHCP, if you already have an IPAM (IP address management) system in place, then this approach might be a viable alternative or complement to client tracking by MAC address.

Host Name: The host name of the device running the wireless client (not all devices display their host name, so this field might appear empty in some cases). Unlike MAC and IP addresses, host names can be more descriptive and provide better insight into which users are generating wireless network activity.

Device Name: The name of the device with which the client is associated.

Connection Time: The total length of time (in minutes and seconds) that the client has been associated with the Extreme Networks device.

RSSI: The latest RSSI (received signal strength indicator) for the signal that the device received from the wireless client. The RSSI indicates the RF signal strength of the link between the device and the wireless client. The RSSI range is 0 ~ 90. To convert the RSSI value to dBm, use the following calculation: RSSI value n – 95 dBm (background noise) = received signal strength in dBm. For example, if the RSSI value is 40, then the received power level is -55 dBm (40 – 95 = -55).

Authentication Method: The method that the Extreme Networks device used to authenticate the client—EAP(802.1X) or open authentication.

Encryption Method: The encryption method that the client and Extreme Networks device use to provide data confidentiality—TKIP, CCMP (AES), WEP40, and WEP140 encryption.

Client Captive Web Portal Used: Indicates whether the wireless client used a captive web portal when accessing the network.

Radio Mode: The radio mode that the Extreme Networks device and wireless client are using. The possibilities are 802.11ac, 802.11n, 802.11g, 802.11a, and 802.11b. Radios following the IEEE 802.11n, g, and b standards operate in the 2.4 GHz frequency range. Radios that follow the IEEE 802.11ac, n, and a standards broadcast in the 5.0 GHz range.

SSID: The name of the SSID through which the wireless client associated with the Extreme Networks device.

VLAN: The ID number of the VLAN to which the Extreme Networks device assigned the client.

User Profile: The user profile that the Extreme Networks device assigned to the user and that it applies to traffic to and from that user's client.

Channel: The radio channel on which the wireless client associated with the Extreme Networks device.

Last Transmission Rate (Kbps): The most recent transmission rate (Kbps) from the wireless client.

Client Information

The Client Information table shows an aggregated view of unique historical client connections within the last 30 days. Not all table columns are shown by default. To configure the table display, select Image of the Column Picker icon , select the check boxes for the columns you want to display and clear those that you want to hide.

To rearrange the order of the columns, select on a column heading and drag it to the new position.

Select Image of the Refresh icon to refresh the data in this table.

You can also search for specific entries by entering the MAC address, host name, and user name in the field at the top of this window.

The Client Information table displays the following information:

Status Health: The connection status as either wired or wireless indicated by icons.

Connection Type: The type of network connection the client had: wired or wireless.

Host Name: The host name of the device. Not all devices display their host name, so this field might appear empty in some cases.

Connection Status: The current connection status of the client: connected or disconnected.

IPv4: The IPv4 address of the client device.

MAC: The MAC address of the client device. Select the MAC address to view details about the client.

User Name: The name of the user associated with the client device.

OS Type: The operating system of the client device.

Usage: The amount of network data the client transmitted and received.

VLAN: The VLAN to which traffic from the client device was assigned.

SSID: The SSID with which a wireless client device associated.

Organization: The organization to which the user belonged.

User Profile: The user profile that the Extreme Networks device assigned to the user and that it applied to traffic to and from that user's client.

Location: The location of the client device on a topology map. Selecting the map name opens that Maps section of the GUI.

RSSI: The quality of the received signal strength indicator for the signal that the Extreme Networks AP received from the wireless client.

SNR: The quality of the signal-to-noise ratio for the wireless client.

Last Session Start Time: A timestamp when the client device started its latest network session.

Device: The model of Extreme Networks device with which the client connected to the network.

Vendor OUI: The name of the vendor of the client device as identified by its OUI (organizationally unique identifier); that is, the first six hexadecimal digits of its MAC address.

Channel: The channel on which a wireless client associated with an AP.

Authentication Method: The method that the Extreme Networks device used to authenticate the client—WPA2-PSK or open authentication.

Encryption: The encryption method that the client and Extreme Networks device use to provide data confidentiality—AES or NON (none).

IPv6: The IPv6 address of the client device.

Unbind MAC/PPSK Bindings

Use this utility to unbind a cloud-based PPSK that was previously bound to a client device. You can base the unbinding on the client MAC address, PPSK, or both client MAC address and PPSK. Make your choice from the drop-down list, enter the MAC address or PPSK or both in the fields provided, and then select Unbind.

Spectrum Intelligence

Spectrum intelligence provides a live view of the RF (radio frequency) environment on both the 2.4 GHz and 5 GHz band so that you can plan for further WLAN deployment or troubleshoot WLAN issues such as high retransmission rates caused by device interference, or slow connections due to overuse. There are two main spectrum intelligence functions: providing a graphical rendering of the RF environment in an FFT (fast Fourier Transform) trace and swept spectrogram, and identifying interfering devices such as cordless phones and microwave ovens. The number of devices that can perform a spectral scan concurrently varies depending which ExtremeCloud IQ platform you use. IQ Virtual Appliance limits the number of concurrent scans to two (that is, only two APs can perform spectrum analysis functions at the same time), the physical appliance allows for 10 concurrent scans, while ExtremeCloud IQ permits up to 20 concurrent scans.

  • To use the spectrum intelligence feature, you must have at least one SSID configured on your WLAN on at least one AP running ExtremeCloud IQ 11.28 and IQ Engine 8.0 or later.

To start spectrum intelligence analysis:

  1. Navigate to Tools.
  2. From the Utilities list on the left side of the window and select Spectrum Intelligence.
  3. In the network hierarchy window, select a floor and a device.
  4. Select Start Analysis.

A message warns you that performing this function can affect performance. To continue, select Yes to see the analysis panel, which contains three sections: a status bar, the graphical analysis feedback section, and the interference report. This analysis panel is described in the following sections.

  • During the brief intervals of time that the spectrum analyzer is sampling, no data transfer occurs. However, if the AP is very busy processing wireless traffic (that is, it has a high duty cycle), then the sampling and analysis can subtly impact the performance. In addition, any analysis that monitors multiple channels must accommodate the added time needed for the scanning interface to switch channels.

Status Bar

The status bar contains a brief overview of the current analysis parameters, including which AP is employed, the frequency band and channels, and the time remaining in the analysis. In addition to the parametric information, four navigation buttons are also displayed.

Settings: Select to open a dialog box in which you can change the parameters of the spectrum analysis. Modify the following settings, and then select Update:

Interface: Choose which interface you want to use to collect data by the band with which it is associated. If you choose 2.4 GHz (11n/b/g/), then the AP uses the wifi0 interface to monitor the 2.4 GHz band. If you choose 5 GHz (11n/a), then the AP uses the wifi1 interface to monitor the 5 GHz band.

2.4 GHz Channels: This field only appears if you choose 2.4 GHz (11n/b/g) from the Interface drop-down list. In this field you can enter any combination of channels that occur in the 2.4 GHz band. If you are entering noncontiguous channels, then separate the channel numbers by commas. If you are entering a range of channels, use the hyphen ( - ) to indicate the range. For example, to monitor channel 1, 5, and the range 7 through 11, then enter 1, 5, 7-11 in this field. To monitor the entire band, enter 1-11, or 1-13, or 1-14, depending on the channels allowed for your region.

5.0 GHz Channels: This field only appears if you choose 5 GHz (11n/a) from the Interface drop-down list. In this field you can enter any combination of channels that occur in the 5 GHz band. If you are entering noncontiguous channels, then separate the channel numbers by commas. If you are entering a range of channels, use a hyphen ( - ) to indicate the range. For example, to monitor channel 36, 48, and the range 149 through 165, then enter 36, 48, 149-165 in this field. To monitor the entire band, enter 36-165.

Data Collect Interval: The data collection interval refers to the time interval between scans of the spectrum. Each time the AP scans the spectrum, it updates the display. If the data collection interval is five seconds, then the AP scans every five seconds and updates the display. You can change the interval from 1 to 30 seconds. The default is a one-second interval.

Run Time: The run time determines how long the scanning process lasts. The default run time is five minutes, which is generally long enough to get a rough idea of the RF environment. More intense scrutiny of the RF environment requires longer run times. The maximum run time is ten hours.

Return: The return button returns you to the Manage > Access Points > APs window, an icon appears to the right of the AP name indicating that the spectrum analysis feature is enabled and that an analysis is running. To return to the spectrum analysis window, select this icon or perform the steps described above to start an analysis. Attempting to start an analysis while one is already running does not start a new instance. Instead it returns you to the display of the current analysis in progress.

Stop: Select Stop to end the current analysis and return to the Device List.

Maximize (Status Bar): Select on the status bar to expand the panel to fit the browser frame. To return to the normal view, select the four inward-pointing arrows in the upper right corner of the browser.

Graphical Analysis Feedback

This area displays graphs of the received signals, arranged by default in a two-by-two array. Use the buttons in the upper right corner of each graph to enlarge the graph for greater visibility, or o delete the graph to simplify the display.

Pause/Resume: Select Pause to suspend a trace. Pause then changes to Resume (right-pointing triangle), which you can select to resume the trace. Pausing a graph does not affect the display of data on the other graphs, and does not stop the collection of data. When you select Resume, the graph continues to display data as if there were no interruption.

Maximize a graph: Select in the upper right corner of a graph to expand it to fill the entire window. To return to the smaller (default) view, select Restore (four inward-pointing arrows).

Close: When you select Close [ x ], the selected graph disappears and the neighboring graph expands to fill the vacated area. To recover a closed display, leave the spectrum intelligence window and then return to it. When you return, the graphs are displayed in the default arrangement.

The graphical representations of the RF environment are described in detail below.

Real-time FFT: The real-time FFT trace indicates the power of a signal (vertical axis) along a domain of frequencies (horizontal axis). The term FFT refers to the mathematical algorithm used to break down received signals into their component frequencies. There are two traces in this display: the red trace indicates the real-time power levels, and the gray trace indicates the maximum power level reached during the current session. Maximize this graph to see the following additional display parameters:

Band: You can choose which band you want to monitor in this display: 2.400-2.500 GHz, 5.150-5.350 GHz, 5.470-5.725 GHz, or 5.725-5.850 GHz.

Channels: Choose one of the channel combinations in the drop-down list to display channel boundaries within the graph.

Center: Use this control to scroll the graph right or left. You can use the Center control in combination with the Span control to zoom in on a specific area of the frequency domain.

Span: This control establishes the width of the viewable area, effectively zooming in on the center frequency. Use this control in concert with the Center control to zoom in on a specific area of the frequency domain.

Reference Level: By default, the reference level of the graph (the top line) is 0 dBm. When used in conjunction with the Vertical Scale control, you can zoom in on a specific portion of the actual trace. By changing the reference level using this control, you can also view very low power levels near the noise floor. In a very quiet environment, the noise floor is generally between -130 dBm and -90 dBm; in very noisy or busy environments it is much higher.

Vertical Scale: The vertical scale of a graph indicates how much vertical distance on the graph corresponds to power. By default, the vertical scale is set to 10 dB, which means that a power change of 10 dB corresponds to a specific, physical vertical distance on the graphic display. Changing that setting to 5 dB doubles the vertical resolution of the graph. Because there are many different sizes of monitors, the actual scale that you see in your browser is relative.

Max Hold: By default, this check box is selected and displays the gray trace that indicates the maximum power level reached during the current data collection session. To turn off the gray trace, clear the check box.

FFT Duty Cycle: The FFT duty cycle is the amount of time as a percent of total time that the AP receives a signal above 20 dB above the noise floor. The FFT duty cycle is often referred to as channel utilization because it indicates to what extent a channel is actually in use in terms of the relative amount of time the signal is present (vertical axis). Within this display, there are two traces: the red trace indicates the real time duty cycle, whereas the gray trace indicates the maximum duty cycle reached during this data collection session. Maximize this display to see the following additional parameters:

Band: You can choose which band you want to monitor in this display: 2.400-2.500 GHz, 5.150-5.350 GHz, 5.470-5.725 GHz, or 5.725-5.850 GHz.

Channels: Choose one of the channel combinations in the drop-down list to display channel boundaries within the graph.

Center: Use this control to scroll the graph right or left. You can use this control in combination with the Span control to zoom in on a specific area of the frequency domain.

Span: This control establishes the width of the viewable area, effectively zooming in on the center frequency. Use this control in concert with the Center control to zoom in on a specific area of the frequency domain.

Maximum: By default, the maximum is set to 100%. This means that when the trace reaches the top of the graph, it has a duty cycle of 100%. You can use this control to set a lower maximum to gain resolution. When used with the Minimum control, you can zoom in on a specific portion of the trace.

Minimum: By default, the minimum is set to 0%. This means that when the trace reaches the bottom of the graph, it has a duty cycle of 0%. Use this control to set a higher minimum for better resolution. When used with the Maximum control, you can zoom in on a specific portion of the trace.

Max Hold: By default, this check box is selected and ExtremeCloud IQ displays the gray trace that indicates the maximum duty cycle reached during this data collection session. To turn off the gray trace, clear the check box.

Swept Spectrogram: A swept spectrogram tracks the signal power over time. It produces a color-coded sweep of spectral information that shows the real time FFT in terms of its historical values. The swept spectrogram—also called a heat map—reports the frequency on the horizontal axis, the history (in sweeps) on the vertical axis, and the power encoded as a set of colors. Blue indicates low power levels, red indicates high power levels, and the gradients from light blue through green, yellow, and orange, indicate intermediate power levels.

Maximize this display to see the following additional parameters:

BandSelect the band that you want to monitor in this display: 2.400-2.500 GHz, 5.150-5.350 GHz, 5.470-5.725 GHz, or 5.725-5.850 GHz.

Channels: Choose one of the channel combinations in the drop-down list to display channel boundaries within the graph.

Swept Spectrogram-FFT Duty Cycle: A swept spectrogram of the FFT duty cycle tracks the duty cycle over time. This spectrogram produces a color-coded sweep of duty cycle information with frequency on the horizontal axis, history (in sweeps) on the vertical axis, and the duty cycle encoded as a set of colors. Blue colors indicate low duty cycle (the darkest blue is 0%), whereas red colors indicate high duty cycles (the darkest red is 100%); the gradient of colors from light blue, through green, yellow, and orange, indicates intermediate duty cycle values.

On maximizing this display, you gain access to the following additional display parameters:

Band: You can choose which band you want to monitor in this display: 2.400-2.500 GHz, 5.150-5.350 GHz, 5.470-5.725 GHz, or 5.725-5.850 GHz.

Channels: Choose one of the channel combinations in the drop-down list to display channel boundaries within the graph.

Both swept spectrograms together provide a useful view of how the RF environment behaves over time, which in turn provides clues to uncovering problems, such as identifying intermittent interference sources.

Interference Reporting

The interference reporting area at the bottom of the pane displays any sources of RF interference that the spectrum analyzer can identify. This area provides a summary of all interference sources for quick review. This area contains six columns to help identify the affected channels and the approximate position of the interference.

AP Name: The name of the AP that is reporting the interference. If an interference source is reported by a few APs, but not others, you can use this to approximate the physical location of the interference.

Device Type: Maps the signature of the interference to a specific device type such as a cordless phone, microwave oven, or Bluetooth, which it then reports in the Device Type column. The device type listing can help determine whether the interference source might be a security concern.

Discovered: This column shows the date and time that the AP discovered the source of the interference. You can track regular, periodic, and intermittent interference sources using this information.

Channel Affected: When ExtremeCloud IQ identifies an interference source, the channel in which it occurs appears here.

Center Frequency: The center frequency of the affected channel appears in this column.

Occupied Bandwidth: This column displays the bandwidth of the affected range of frequencies.

The last three columns contain redundant information and provide the same information from different perspectives so that you can gain a more a complete understanding of the affected frequencies and channels.