Cisco Prime Infrastructure 3.0 User Guide

Installing Device and wIPS License Files

You can install device and wIPS licenses from Prime Infrastructure.

Step 1 Choose Administration > Licenses and Software Updates > Licenses .

Step 2 Choose Files > MSE Files .

Step 3 Click Add . The Add a License File dialog appears.

Step 4 Choose the appropriate MSE name from the MSE Name drop-down list.

Step 5 Verify that the UDI of the selected MSE matches the one you entered when registering the PAK.

Step 6 Click Choose File to browse and to select the license file.

Step 7 Click Upload . The newly added license appears in the MSE license file list.

Viewing MSE License Information

The license center allows you to manage Prime Infrastructure, Wireless LAN Controllers, and MSE licenses. To view the license information, follow these steps

Step 1 Choose Administration > Licenses and Software Updates > Licenses .

Step 2 Choose Summary > MSE from the left sidebar menu, to view the summary page.

The MSE Summary page displays the following information. See Table 42-2 .

Deleting MSE License Files

To delete an MSE license file, follow these steps:

Step 1 Choose Services > Mobility Services > Mobility Service Engine .

The Mobility Services page appears.

Step 2 Click Device Name to delete a license file for a particular service.

Step 3 From the Select a command drop-down list, choose Edit Configuration.

Step 4 Click Next in the Edit Mobility Services Engine dialog box.

The MSE License Summary page appears.

Step 5 Choose the MSE license file that you want to delete in the MSE License Summary page.

Step 6 Click Remove License .

Step 7 Click OK to confirm the deletion or Cancel to close this page without deleting the license.

Step 8 Click Next to enable services on the MSE.

Related Topics

• Viewing MSEs
• Adding MSEs to Prime Infrastructure
• Deleting MSE License Files
• Deleting MSEs from Prime Infrastructure
• Synchronizing Prime Infrastructure and MSE

Deleting MSEs from Prime Infrastructure

To delete an MSE from the Prime Infrastructure database, follow these steps:

Step 1 Choose Services > Mobility Services > Mobility Services Engines.

The Mobility Services page appears.

Step 2 Select the MSE(s) to be deleted by selecting the corresponding Device Name check box(es).

Step 3 From the Select a command drop-down list, choose Delete Service(s) .

Step 4 Click Go .

Step 5 Click OK to confirm that you want to delete the selected MSE from the Prime Infrastructure database.

Step 6 Click Cancel to stop the deletion.

Related Topics

• Viewing MSEs
• Adding MSEs to Prime Infrastructure
• Deleting MSEs from Prime Infrastructure

Synchronizing Prime Infrastructure Network Designs, Controllers, Wires Switches, or Event Groups

To synchronize Prime Infrastructure network designs, controllers, wired switches, or event groups with the MSE, follow these steps:

Step 1 Choose Services > Mobility Services > Synchronize Services .

Step 2 Choose the appropriate menu option (Network Designs, Controllers, Event Groups, Wired Switches, Third Party Elements, or Service Advertisements) from the left sidebar menu.

Step 3 To assign a network design to an MSE, from the left sidebar menu, choose
Network Designs .

Step 4 Select all the maps to be synchronized with the MSE by selecting the corresponding Name check box.

Through 6.0, you can assign only up to a campus level to an MSE. Beginning with 7.0 this option is granular to a floor level. For example, you can choose to assign floor1 to MSE 1, floor2 to MSE 2, and floor3 to MSE 3.

Step 5 Click Change MSE Assignment .

Step 6 Select the MSE to which the maps are to be synchronized.

A network design might include a floor in a campus or a large campus with several buildings, each monitored by a different MSE. Because of this, you might need to assign a single network design to multiple MSEs.

Step 7 Click either of the following in the MSE Assignment dialog box:

• Save—Saves the MSE assignment. The following message appears in the Messages column of the Network Designs page with a yellow arrow icon:

“To be assigned - Please synchronize”.

• Cancel—Discards the changes to the MSE assignment and return to the Network Designs page.

You can also click Reset to undo the MSE assignments.

A network design may include a floor in a campus or a large campus with several buildings, each monitored by a different MSE. Because of this, you may need to assign a single network design to multiple MSEs.

Network design assignments also automatically picks up the corresponding controller for synchronization.

Step 8 Click Synchronize to update the MSE(s) database(s).

When items are synchronized, a green two-arrow icon appears in the Sync.

You can use the same procedure to assign wired switches or event groups to an MSE.

Related Topics

• Synchronizing Prime Infrastructure and MSE
• Viewing Synchronization History
• Synchronizing Controllers with MSEs
• Configuring Smart Mobility Services Engine Database Synchronization
• Out-of-Sync Alarms

Synchronizing Controllers with MSEs

You can assign an MSE to any wireless controller on a per-service (CAS or wIPS) basis.

To assign an MSE service to wireless controllers, follow these steps:

Step 1 In the synchronization page, choose Controllers .

Step 2 Choose the controllers to be assigned to the MSE.

Step 3 Click Change MSE Assignment .

Step 4 Choose the MSE to which the controllers must be synchronized.

Step 5 Click either of the following in the dialog box:

• Save —Saves the MSE assignment. The following message appears in the Messages column of the Controllers page:

To be assigned - Please synchronize .

• Cancel — Discards the changes to the MSE assignment and returns to the Controllers page.

You can also click Reset to undo the yellow button assignments.

Step 6 Click Synchronize to complete the synchronization process.

Step 7 Verify that the MSE is communicating with each of the controllers for only the chosen service. This can be done by clicking the NMSP status link in the status page.

After Synchronizing a controller, verify that the timezone is set on the associated controller. Controller names must be unique for synchronizing with an MSE. If you have two controllers with the same name, only one is synchronized.

To unassign a network design, controller, wired switch, or event group from an MSE, follow these steps:

Step 1 On the respective tabs, click one or more elements, and click Change MSE Assignment . The Choose MSE dialog box appears.

Step 2 Unselect the Mobility Services Engine check box if you do not want the elements to be associated with that MSE.

Step 3 Click Save to save the changes to the assignments.

Step 4 Click Synchronize . A two-arrow icon appears in the Sync Status column.

Related Topics

• Viewing MSEs
• Synchronizing Prime Infrastructure and MSE
• Viewing Synchronization History
• Synchronizing Prime Infrastructure and MSE
• Configuring Smart Mobility Services Engine Database Synchronization

Managing Third-Party Elements on MSEs

When you synchronize elements with MSE, there might be event groups on the MSE that have been created by third-party applications. You can either delete the unused elements or mark them as third-party elements.

To delete the elements or mark them as third-party elements, follow these steps:

Step 1 Choose Services > Mobility Services > Synchronize Services.

The Network Design page appears.

In the Network Design page, choose Third Party Elements from the left sidebar menu.

The Third Party Elements page appears.

Step 2 Select one or more elements.

Step 3 Click one of the following buttons:

• Delete Event Groups —Deletes the selected event groups.
• Mark as 3rd Party Event Group(s) —Marks the selected event groups as third-party event groups.

Related Topics

• Viewing MSEs
• Synchronizing Prime Infrastructure and MSE
• Viewing Synchronization History
• Synchronizing Prime Infrastructure and MSE
• Configuring Smart Mobility Services Engine Database Synchronization
• Synchronizing Controllers with MSEs
• Out-of-Sync Alarms

Setting and Verifying the Controller Time Zones

For controller Releases 4.2 and later, if an MSE (Release 5.1 or greater) is installed in your network, it is mandatory that the time zone be set on the controller to ensure proper synchronization between the two systems.

Greenwich Mean Time (GMT) is used as the standard for setting the time zone system time of the controller.

You can automatically set the time zone during initial system setup of the controller or manually set it on a controller already installed in your network.

To manually set the time and time zone on an existing controller in your network using the CLI, follow these steps:

Step 1 Configure the current local time in GMT on the controller by entering the following commands:

When setting the time, the current local time is entered in terms of GMT and as a value between 00:00 and 24:00. For example, if it is 8 AM Pacific Standard Time (PST) in the US, you enter 16:00 (4 PM PST) as the PST time zone is 8 hours behind GMT.

Step 2 Verify that the current local time is set in terms of GMT by entering the following command:

Step 3 Set the local time zone for the system by entering the following commands:

When setting the time zone, you enter the time difference of the local current time zone with respect to GMT (+/-). For example, Pacific Standard Time (PST) in the United States (US) is 8 hours behind GMT (UTC) time. Therefore, it is entered as -8.

Step 4 Verify that the controller shows the current local time with respect to the local time zone rather than in GMT by entering the following command:

The time zone delta parameter in the show time command shows the difference in time between the local time zone and GMT (8 hours). Before configuration, the parameter setting is 0.0.

Related Topics

• Viewing MSEs
• Synchronizing Prime Infrastructure and MSE
• Viewing Synchronization History
• Synchronizing Prime Infrastructure and MSE
• Synchronizing Controllers with MSEs
• Configuring Smart Mobility Services Engine Database Synchronization
• Managing Third-Party Elements on MSEs

Configuring Smart Mobility Services Engine Database Synchronization

Manual synchronization of Prime Infrastructure and MSE databases provides immediate synchronization. However, future deployment changes (such as making changes to maps and access point positions), can yield incorrect location calculations and asset tracking until resynchronization reoccurs.

To prevent out-of-sync conditions, use Prime Infrastructure to carry out synchronization. This policy ensures that synchronization between Prime Infrastructure and MSE databases is triggered periodically and any related alarms are cleared.

Any change to one or more of any synchronized components is automatically synchronized with the MSE. For example, if a floor with access points is synchronized with a particular MSE and then one access point is moved to a new location on the same floor or another floor which is also synchronized with the MSE, then the changed location of the access point is automatically communicated.

To further ensure that Prime Infrastructure and MSE are in sync, smart synchronization happens in the background.

To configure smart synchronization, follow these steps:

Step 1 Choose Administration > Settings > Background Tasks .

The Background Tasks summary page appears.

Step 2 Select the Mobility Service Synchronization check box.

Step 3 The Mobility Services Synchronization page appears.

Step 4 To set the MSE to send out-of-sync alerts, select the Enabled check box in the Out of Sync Alerts group box.

Step 5 To enable smart synchronization, select the Smart Synchronization Enabled check box.

Smart synchronization does not apply to elements (network designs, controllers, or event groups) that have not yet been assigned to an MSE. However, out-of-sync alarms are still generated for these unassigned elements. For smart synchronization to apply to these elements, you need to manually assign them to an MSE.

When an MSE is added to Prime Infrastructure, the data in Prime Infrastructure is always treated as the primary copy that is synchronized with the MSE. All synchronized network designs, controllers, event groups and wired switches that are present in the MSE and not in Prime Infrastructure are removed automatically from MSE.

Step 6 Enter the time interval, in minutes, that the smart synchronization is to be performed.

By default, smart-sync is disabled.

Step 7 Click Submit .

Smart Controller Assignment and Selection Scenarios

Scenario 1

If a floor having at least one access point from a controller is chosen to be synchronized with the MSE from the Network Designs section of the Synchronization page, then the controller to which that access point is connected is automatically selected to be assigned to the MSE for CAS service.

Scenario 2

When at least one access point from a controller is placed on a floor that is synchronized with MSE, the controller to which the access point is connected is automatically assigned to the same MSE for CAS service.

Scenario 3

An access point is added to a floor and is assigned to an MSE. If that access point is moved from controller A to controller B, then controller B is automatically synchronized to the MSE.

Scenario 4

If all access points placed on a floor which is synchronized to the MSE are deleted then that controller is automatically removed from MSE assignment or unsynchronized.

Related Topics

• Synchronizing Prime Infrastructure and MSE
• Viewing Synchronization History
• Synchronizing Prime Infrastructure and MSE
• Synchronizing Controllers with MSEs
• Managing Third-Party Elements on MSEs
• Out-of-Sync Alarms

Viewing MSE Synchronization Status

You can use the Synchronize Servers command in Prime Infrastructure to view the status of network design, controller, and event group synchronization with an MSE.

To view synchronization status, follow these steps:

Step 1 Choose Services > Mobility Services > Synchronize Services .

Step 2 From the left sidebar menu, choose Network Designs, Controllers, Event Groups, Wired Switches Third Party Elements, or Service Advertisements.

For each of the elements, the Sync. Status column shows the synchronization status. A green two-arrow icon indicates that its corresponding element is synchronized with the specified server such as an MSE. A gray two-arrow icon with a red circle indicates that its corresponding item is not synchronized with a provided server.

A green two-arrow icon does not indicate the NMSP connection status for a controller.

You can also view the synchronization status at Monitor > Maps > System Campus > Building > Floor

where Building is the building within the campus and Floor is a specific floor in that campus building.

The MSE Assignment option on the left sidebar menu shows which MSE the floor is currently assigned to. You can also change MSE assignment from this page.

Related Topics

• Viewing MSEs
• Adding MSEs to Prime Infrastructure
• Synchronizing Prime Infrastructure and MSE
• Synchronizing Controllers with MSEs
• Viewing Synchronization History
• Out-of-Sync Alarms

Viewing Synchronization History

You can view the synchronization history for the last 30 days for an MSE. This is especially useful when automatic synchronization is enabled as alarms are automatically cleared. Synchronization History provides a summary of those cleared alarms.

The Synchronization History page on the Services tab is available only in the root virtual domain in Release 7.3.

To view synchronization history, choose Services > Synchronization History and click the column headers to sort the entries.

Related Topics

• Viewing MSEs
• Synchronizing Prime Infrastructure and MSE
• Synchronizing Controllers with MSEs
• Managing Third-Party Elements on MSEs
• Setting and Verifying the Controller Time Zones
• Configuring Smart Mobility Services Engine Database Synchronization
• Out-of-Sync Alarms
• Viewing MSE Synchronization Status

Editing NMSP Parameters for MSE

Network Mobility Services Protocol (NMSP) manages communication between the mobility service and the controller. Transport of telemetry, emergency, and RSSI values between the mobility service and the controller is managed by this protocol.

Note • The NMSP parameter is supported in mobility services installed with Release 3.0 through 7.0.105.0. It is not supported on releases later than 7.0.105.0.

• NMSP replaces the LOCP term introduced in Release 3.0.
• Telemetry and emergency information is only seen on controllers and Prime Infrastructure installed with Release 4.1 software or greater and on mobility service engine running release 3.0 or later software.
• The TCP port (16113) that the controller and mobility service communicate over must be open (not blocked) on any firewall that exists between the controller and mobility service for NMSP to function.

The NMSP Parameters dialog box in Prime Infrastructure enables you to modify NMSP parameters such as echo and neighbor dead intervals as well as response and retransmit periods.

To configure NMSP parameters, follow these steps:

Step 1 Choose Services > Mobility Services > Mobility Services Engines .

Step 2 Click the name of the MSE whose properties you want to edit.

Step 3 From the left sidebar menu, choose Status > NMSP Parameters .

Step 4 Modify the NMSP parameters as appropriate.

Note We do not recommend you change the default parameter values unless the network is experiencing slow response or excessive latency.

NMSP parameters include the following:

• Echo Interval—Defines how frequently an echo request is sent from a mobility service to a controller. The default value is 15 seconds. Allowed values range from 1 to 120 seconds.

If a network is experiencing slow response, you can increase the values of the echo interval, neighbor dead interval and the response timeout values to limit the number of failed echo acknowledgements.

• Neighbor Dead Interval—The number of seconds that the mobility service waits for a successful echo response from the controller before declaring the neighbor dead. This timer begins when the echo request is sent.

The default values is 30 seconds. Allowed values range from 1 to 240 seconds. This value must be at least two times the echo interval value.

• Response Timeout—Indicates how long the mobility service waits before considering the pending request as timed out. The default value is one second. Minimum value is one (1). There is no maximum value.
• Retransmit Interval—Interval of time that the mobility service waits between notification of a response time out and initiation of a request retransmission. The default setting is 3 seconds. Allowed values range from 1 to 120 seconds.
• Maximum Retransmits—Defines the maximum number of retransmits that are done in the absence of a response to any request. The default setting is 5. Allowed minimum value is zero (0). There is no maximum value.

Step 5 Click Save to update Prime Infrastructure and mobility service databases.

Viewing Active Session Details for MSE

The Active Sessions dialog box in Prime Infrastructure enables you to view active user sessions on the MSE.

Step 1 Choose Services > Mobility Services > Mobility Services Engines .

Step 2 Click the name of the MSE.

Step 3 From the left sidebar menu, choose System > Active Sessions .

Prime Infrastructure shows a list of active mobility service sessions. For every session, Prime Infrastructure shows the following information:

• Session identifier
• IP address from which the mobility service is accessed
• Username of the connected user
• Date and time when the session started
• Date and time when the mobility service was last accessed
• How long the session was idle since the last access

Viewing Trap Destinations for MSE

The Trap Destinations dialog box of Prime Infrastructure enables you to specify which Prime Infrastructure or Cisco Security Monitoring, Analysis, and Response System (CS-MARS) network management platform is the recipient of SNMP traps generated by the MSE.

To view a trap destination for an MSE, follow these steps:

Step 1 Choose Services > Mobility Services > Mobility Services Engines .

Step 2 Click the name of the MSE.

Step 3 From the left sidebar menu, choose System > Trap Destinations .

Prime Infrastructure shows a list of current trap destinations including the following information:

• IP address
• Port No.
• Community
• Destination type
• SNMP Version

Use the Select a command drop-down list to add or delete a trap destination.

Adding Trap Destinations for MSE

To add a trap destination, follow these steps:

Step 1 Choose Services > Mobility Services > Mobility Services Engines .

Step 2 Click the name of the mobility service.

Step 3 From the left sidebar menu, choose System > Trap Destinations .

Step 4 Choose Add Trap Destination from the command drop-down list and click Go.

The New Trap Destination page appears.

Step 5 Enter the following details (see Table 42-4 ).

Step 6 Click Save to save the changes or Cancel to discard the changes.

Editing Advanced Parameters for MSE

The Advanced Parameters dialog box in Prime Infrastructure enables you to set the number of days events are kept, set session time out values, set an absent data interval cleanup interval, and enable or disable Advanced Debug. You can use Prime Infrastructure to modify troubleshooting parameters for an MSE.

To edit advanced parameters for an MSE, follow these steps:

Step 1 Choose Services > Mobility Services > Mobility Services Engines .

Step 2 Click the name of the mobility service whose properties you want to edit.

Step 3 From the left sidebar menu, choose System > Advanced Parameters .

Step 4 View or modify the advanced parameters as necessary.

• General Information
• Advanced Parameters

– Number of Days to keep Events—Enter the number of days to keep logs. Change this value as required for monitoring and troubleshooting.

– Session Timeout—Enter the number of minutes before a session times out. Change this value as required for monitoring and troubleshooting. Currently this option appears dimmed.

• Cisco UDI

– Product Identifier (PID)—The Product ID of the MSE.

– Version Identifier (VID)—The version number of the MSE.

– Serial Number (SN)—Serial number of the MSE.

• Advanced Commands

– Reboot Hardware—Click to reboot the mobility service hardware. See the “Rebooting the MSE Hardware” section for more information.

– Shutdown Hardware—Click to turn off the mobility service hardware. See the “Shutting Down the MSE Hardware” section for more information.

– Clear Database—Click to clear the mobility services database. Unselect the Retain current service assignments in the Prime Infrastructure check box to remove all existing service assignments from Prime Infrastructure and MSE. The resources have to be reassigned from Services > Synchronize Services page. This option is selected by default.

Step 5 Click Save to update Prime Infrastructure and mobility service databases.

Rebooting the MSE Hardware

If you need to restart an MSE, follow these steps:

Step 1 Choose Services > Mobility Services > Mobility Services Engines.

Step 2 Click the name of the MSE that you want to reboot.

Step 3 Click System .

Step 4 Click Advanced Parameters .

Step 5 In the Advanced Commands dialog box, click Reboot Hardware .

Step 6 Click OK to confirm that you want to reboot the MSE hardware.

The rebooting process takes a few minutes to complete.

Shutting Down the MSE Hardware

If you need to shut down an MSE, follow these steps:

Step 1 Choose Services > Mobility Services > Mobility Services Engines .

Step 2 Click the name of the MSE that you want to shut down.

Step 3 Click System .

Step 4 Click Advanced Parameters .

Step 5 In the Advanced Commands dialog box, click Shutdown Hardware .

Step 6 Click OK to confirm that you want to shut down the MSE.

Clearing the MSE Database

To clear an MSE configuration and restore its factory defaults, follow these steps:

Step 1 Choose Services > Mobility Services > Mobility Services Engines.

Step 2 Click the name of the MSE you want to configure.

Step 3 Click System .

Step 4 Click Advanced Parameters .

Step 5 In the Advanced Commands dialog box, unselect the Retain current service assignments in the Prime Infrastructure check box to remove all existing service assignments from Prime Infrastructure and MSE.

The resources have to be reassigned in the Services > Synchronize Services page. By default, this option is selected.

Step 6 In the Advanced Commands dialog box, click Clear Database.

Step 7 Click OK to clear the MSE database.

Configuring MSE Logging Options

You can use Prime Infrastructure to specify the logging level and types of messages to log.

To configure logging options, follow these steps:

Step 1 Choose Services > Mobility Services > Mobility Services Engines .

Step 2 Click the name of the MSE that you want to configure.

Step 3 Choose System > Logs . The advanced parameters for the selected MSE appear.

Step 4 Choose the appropriate options from the Logging Level drop-down list.

There are four logging options: Off, Error , Information , and Trace .

All log records with a log level of Error or preceding are logged to a new error log file locserver-error-%u-%g.log. This is an additional log file maintained along with the location server locserver-%u-%g.log log file. The error log file consists of logs of Error level along with their context information. The contextual information consists of 25 log records prior to the error. You can maintain up to 10 error log files. The maximum size allowed for each log file is 10 MB.

Step 5 Select the Enabled check box next to each element listed in that section to begin logging its events.

Step 6 Select the Enable check box in the Advanced Parameters dialog box to enable advanced debugging. By default, this option is disabled.

Step 7 To download log files from the server, click Download Logs . See the Downloading MSE Log Files for more information.

Step 8 In the Log File group box, enter the following:

• The number of log files to be maintained in the MSE. You can maintain a minimum of 5 log files and a maximum of 20 log files in the MSE.
• The maximum log file size in MB. The minimum log file size is 10 MB and the maximum is 50 MB.

Step 9 In the MAC Address Based Logging group box, do the following:

• Select the Enable check box to enable MAC address logging. By default, this option is disabled.
• Add one or more MAC addresses for which you want to enable logging. You can also remove MAC addresses that you have already added by selecting the MAC address from the list and clicking Remove .

See the MAC Address-based Logging for more information on MAC Address-based logging.

Step 10 Click Save to apply your changes.

MAC Address-based Logging

This feature allows you to create log files that are specific to an entity whose MAC address is specified. The log files are created in the locserver directory under the following path:

/opt/mse/logs/locserver

A maximum of 5 MAC addresses can be logged at a time. The Log file format for MAC address aa:bb:cc:dd:ee:ff is macaddress-debug-aa-bb-cc-dd-ee-ff.log

You can create a maximum of two log files for a MAC Address. The two log files might consist of one main and one backup or rollover log file.

The minimum size of a MAC log file is 10 MB. The maximum size allowed is 20 MB per MAC Address. The MAC log files that are not updated for more than 24 hours are pruned.

Downloading MSE Log Files

If you need to analyze MSE log files, you can use Prime Infrastructure to download them to your system. Prime Infrastructure downloads a zip file containing the log files.

To download a .zip file containing the log files, follow these steps:

Step 1 Choose Services > Mobility Services > Mobility Services Engines .

Step 2 Click the name of the MSE to view its status.

Step 3 From the left sidebar menu, choose Logs .

Step 4 Click Download Logs .

Step 5 Follow the instructions in the File Download dialog box to open the file or save the zip file to your system.

Deleting MSE Users

To delete a user from an MSE, follow these steps:

Step 1 Choose Services > Mobility Services > Mobility Services Engines .

Step 2 Click the device name of the MSE that you want to edit.

Step 3 From the left sidebar menu, choose Systems > Accounts > Users .

Step 4 Select the check box(es) of the user(s) that you want to delete.

Step 5 From the Select a command drop-down list, choose Delete User .

Step 6 Click Go .

Step 7 Click OK to confirm that you want to delete the selected users.

Editing User Properties

To change user properties, follow these steps:

Step 1 Choose Services > Mobility Services > Mobility Services Engines .

Step 2 Click the device name of the MSE that you want to edit.

Step 3 From the left sidebar menu, choose Systems > Accounts > Users .

Step 4 Click the username of the user that you want to edit.

Step 5 Make the required changes to the Password, Group Name, and Permission text boxes.

Step 6 Click Save to apply your change.

Deleting User Groups

To delete user groups from an MSE, follow these steps:

Step 1 Choose Services > Mobility Services > Mobility Services Engines .

Step 2 Click the device name of the MSE that you want to edit.

Step 3 From the left sidebar menu, choose Systems > Accounts > Groups .

Step 4 Select the check box(es) of the group(s) that you want to delete.

Step 5 From the Select a command drop-down list, choose Delete Group .

Step 6 Click Go .

Step 7 Click OK to confirm that you want to delete the selected users.

Editing Group User Permissions

To change user group permissions, follow these steps:

Step 1 Choose Services > Mobility Services > Mobility Services Engines .

Step 2 Click the device name of the MSE that you want to edit.

Step 3 From the left sidebar menu, choose Systems > Accounts > Groups .

Step 4 Click the group name of the group that you want to edit.

Step 5 Choose a permission level from the Permission drop-down list.

Step 6 Click Save to apply your change.

Viewing MSE Server Events

To view a list of server events, follow these steps:

Step 1 Choose Services > Mobility Services > Mobility Services Engines .

Step 2 Click the name of the applicable MSE.

Step 3 From the left sidebar menu, choose System > Status > Server Events .

The Status > Server Events page provides the following information:

• Timestamp—Time of the server event.
• Severity—Severity of the server event.
• Event—Detailed description of the event.
• Facility—The facility in which the event took place.

Viewing MSE Audit Logs

You can view the audit logs for User-triggered operations using the Audit Logs option available in an MSE. To view the audit logs, follow these steps:

Step 1 Choose Services > Mobility Services > Mobility Services Engines .

Step 2 Click the name of the applicable MSE.

Step 3 From the left sidebar menu, choose System > Status > Audit Logs .

The Status > Audit Logs page provides the following information:

• Username—The Username which has triggered the audit log.
• Operation—The operation that has been performed by the User.
• Operation Status—The status of the operation and it can be SUCCESSFUL or FAILED.
• Invocation Time—The date and time at which the audit log was recorded for the specified operation.

Viewing MSE Alarms

To view a list of Prime Infrastructure alarms, follow these steps:

Step 1 Choose Services > Mobility Services > Mobility Services Engines .

Step 2 Click the name of the applicable mobility service.

Step 3 From the left sidebar menu, choose System > Status > Prime Infrastructure Alarms .

Out-of-Sync Alarms

Out-of-sync alarms are of Minor severity (yellow) and are raised in response to the following conditions:

• Elements have been modified in Prime Infrastructure (the auto-sync policy pushes these elements).
• Elements have been modified in the MSE.
• Elements except controllers exist in the MSE database but not in Prime Infrastructure.
• Elements have not been assigned to any MSE (the auto-sync policy does not apply).

Out-of-sync alarms are cleared when the following occurs:

• The MSE is deleted

When you delete an MSE, the out-of-sync alarms for that system is also deleted. In addition, if you delete the last available MSE, the alarms for “elements not assigned to any server” are also deleted.

• Elements are synchronized manually or automatically
• User manually clears the alarms (although the alarms might reappear the future when the scheduled task is next executed)

By default, out-of-sync alarms are enabled. You can disable them in Prime Infrastructure by choosing Administration > System Settings > Alarms and Events > Scheduled Tasks , clicking Mobility Service Synchronization , unselecting the Auto Synchronization check box, and clicking Submit .

Viewing MSE Events

To view a list of Prime Infrastructure events, follow these steps:

Step 1 Choose Services > Mobility Services > Mobility Services Engines .

Step 2 Click the name of the applicable mobility service.

Step 3 From the left sidebar menu, choose System > Status > Prime Infrastructure Events .

Viewing MSE NMSP Connection Status

The NMSP Connection Status page allows you to verify the NMSP connection between the MSE and the Cisco controller to which the MSE is assigned.

Network Mobility Services Protocol (NMSP) is the protocol that manages communication between the mobility service and the controller.

Step 1 Choose Services > Mobility Services > Mobility Services Engines .

Step 2 Click the name of the applicable mobility service.

Step 3 From the left sidebar menu, choose System > Status > NMSP Connection Status .

The NMSP Connection Status page shows the following information:

• Summary—The Summary section shows each device type, the total number of connections, and the number of inactive connections.
• NMSP Connection Status—This group box shows the following:

– IP address—Click the device IP address to view NMSP connection status details for this device. See the Viewing NMSP Connection Status Details for additional information.

– Target Type—Indicates the device to which the NMSP connection is intended.

– Version—Indicates the current software version for the device.

– NMSP Status—Indicates whether the connection is active or inactive.

– Echo Request Count—Indicates the number of echo requests that were sent.

– Echo Response Count—Indicates the number of echo responses that were received.

– Last Message Received—Indicates the date and time of the most recent message received.

Step 4 Verify that the NMSP Status is ACTIVE.

• If active, you can view details on wired switches, controllers, and wired clients.
• If not active, resynchronize Prime Infrastructure device and the MSE.

You can launch an NMSP troubleshooting tool for an inactive connection.

Viewing NMSP Connection Status Details

To view NMSP Connection Status details, follow these steps:

Step 1 Choose Services > Mobility Services > Mobility Services Engines .

Step 2 Click the name of the applicable mobility service.

Step 3 From the left sidebar menu, choose System > Status > NMSP Connection Status .

Step 4 Click the device IP address to open the NMSP Connection Status Details page. The Details page shows the following information:

• Summary

– IP Address

– Version—The current software version for the device.

– Target Type—The device to which the NMSP connection is intended.

– NMSP Status—Indicates whether the connection is active or inactive.

– Echo Request Count—The number of echo requests that were sent.

– Echo Response Count—The number of echo responses that were received.

– Last Activity Time—The date and time of the most recent message activity between the device and the MSE.

– Last Echo Request Message Received At—The date and time the last echo request was received.

– Last Echo Response Message Received At—The date and time the last echo response was received.

– Model—The device model.

– MAC Address—The MAC address of the device, if applicable.

– Capable NMSP Services—Indicates the NMSP-capable services for this device such as ATTACHMENT or LOCATION.

• Subscribed Services—Indicates subservices for each subscribed NMSP service. For example, MOBILE_STATION_ATTACHMENT is a subservice of ATTACHMENT.
• Messages

– Message Type—Message types might include: ATTACHMENT_NOTIFICATION, ATTACHMENT_REQUEST, ATTACHMENT_RESPONSE, CAPABILITY_NOTIFICATION, ECHO_REQUEST, ECHO_RESPONSE, LOCATION_NOTIFICATION, LOCATION_REQUEST, SERVICE_SUBSCRIBE_REQUEST, SERVICE_SUBSCRIBE_RESPONSE.

– In/Out—Indicates whether the message was an incoming or outgoing message.

– Count—Indicates the number of incoming or outgoing messages.

– Last Activity Time—The date and time of the most recent activity or message.

– Bytes—Size of the message in Bytes.

Editing MSE Backup Parameters

To view or edit mobility service backup parameters, follow these steps:

Step 1 Choose Services > Mobility Services > Mobility Services Engines .

Step 2 Click the name of the mobility service whose properties you want to edit.

Step 3 From the left sidebar menu, choose Maintenance > Backup .

• Backups located at—Indicates the location of the backup file.
• Enter a name for the Backup—Enter or edit the name of the backup file.
• Timeout (in secs)—Indicates the length of time (in seconds) before attempts to back up files times out.

Backing Up MSE Historical Data

Prime Infrastructure contains functionality for backing up MSE data.

Step 1 Choose Services > Mobility Services > Mobility Services Engines.

Step 2 Click the name of the MSE that you want to back up.

Step 3 From the left sidebar menu, choose Maintenance > Backup .

Step 4 Enter the name of the backup.

Step 5 Enter the time in seconds after which the backup times out.

Step 6 Click Submit to back up the historical data to the hard drive of the server running Prime Infrastructure.

Status of the backup can be seen on the page while the backup is in process. Three items are displayed on the page during the backup process: (1) Last Status field provides messages noting the status of the backup; (2) Progress field shows what percentage of the backup is complete; and (3) Started at field shows when the backup began noting date and time.

You can run the backup process in the background while working on other MSE operations in another Prime Infrastructure page.

Backups are stored in the FTP directory that you specify during the Prime Infrastructure installation. However, in the Prime Infrastructure installation, the FTP directory is not specified. It might be necessary to provide the full path of the FTP root.

Restoring MSE Historical Data

To restore a file back into the mobility service, follow these steps:

Step 1 Choose Services > Mobility Services > Mobility Services Engines .

Step 2 Click the name of the mobility service whose properties you want to edit.

Step 3 From the left sidebar menu, choose Maintenance > Restore .

Step 4 Choose the file to restore from the drop-down list.

Step 5 Select the Delete synchronized service assignments check box if you want to permanently remove all service assignments from the MSE.

This option is applicable for network designs, wired switches, controllers and event definitions. The existing location history data is retained, however you must use manual service assignments to perform any future location calculations.

Step 6 Click Submit to start the restoration process.

Step 7 Click OK to confirm that you want to restore the data from the Prime Infrastructure server hard drive.

When the restoration is complete, Prime Infrastructure shows a message to that effect.

You can run the restore process in the background while working on other MSE operations in another Prime Infrastructure page.

Downloading Software to MSEs

To download software to an MSE using Prime Infrastructure, follow these steps:

Step 1 Verify that you can ping the location appliance from Prime Infrastructure or an external FTP server, whichever you are going to use for the application code download.

Step 2 Choose Services > Mobility Services > Mobility Services Engines .

Step 3 Click the name of the MSE to which you want to download software.

Step 4 On the left sidebar menu, choose Maintenance .

Step 5 Click Download Software and do one of the following:

• To download software listed in Prime Infrastructure directory, select the Select from uploaded images to transfer into the Server check box. Then, choose a binary image from the drop-down list.

Prime Infrastructure downloads the binary images listed in the drop-down list into the FTP server directory you specified during the Prime Infrastructure installation.

In the Prime Infrastructure installation, FTP directory is not specified. It might be necessary to give the full path of the FTP root.

• To use downloaded software available locally or over the network, select the Browse a new software image to transfer into the Server check box and click Browse . Locate the file and click Open .

Step 6 Enter the time, in seconds (between 1 and 1800), after which the software download times out.

Step 7 Click Download to send the software to the /opt/installers directory on the MSE.

Configuring Partner Systems for MSEs

The System > Partner Systems page enables you to do MSE-Qualcomm PDS configuration. This configuration is aimed at providing better navigation capability for the mobile devices. The Partner Discovery Server (PDS) generates encrypted assistance data using the floor plan and AP data which is provided by the MSE. The PDS converts this information into an optimized format that will be used by Qualcomm smart phones.

Configuring Qualcomm PDS for MSE

To configure Qualcomm PDS for MSE, follow these steps:

Step 1 Choose Services > Mobility Services > Mobility Services Engines .

Step 2 Click the name of the mobility services.

Step 3 From the left sidebar menu, choose System > Partner Systems .

The Qualcomm PDS Configuration for MSE page appears.

Step 4 If you want o enable MSE-Qualcomm communication, then select the Enable Qualcomm check box.

Step 5 In the Qualcomm PDS Endpoint text box, enter the Qualcomm PDS server URL. This is the URL of the PDS from where you can fetch data assistance. The default URL is http://207.114.133.174:8000/AssistanceDataMgr/AssistanceDataMgrSOAP?wsdl .

Step 6 In the MSE URL to request assistance data text box, enter the MSE URL. This is the URL at which the MSE is accessible by the devices at the venue.

Step 7 In the Cisco Mobile Concierge SSID text box, enter the Mobile Concierge SSID information of the venue to which mobile clients should connect. The Qualcomm smart phones will associate this SSID and communicate with MSE.

Step 8 Enter the venue description in the Venue Description text box.

Step 9 Enter refresh time period for assistance data for MSE in the Refresh time period for assistance data on MSE text box.

Step 10 Enter refresh time period for assistance data for mobile clients in the Refresh time period for assistance data on mobile clients text box.

Step 11 Select the Include Copyright Information check box if the messages/assistance data sent to Qualcomm PDS server and mobile clients should be copyrighted.

Step 12 In the Copyright Owner text box, enter the copyright owner information that has to be included.

Step 13 Enter the copyright year to be included in the Copyright Year text box.

Step 14 Click Save to save the configuration and Cancel to go back.

MSE-Qualcomm Configuration

The MSE-Qualcomm configuration involves the following steps:

• Generate Map Extraction Tool (MET) output from CAD file.
• Input MET Output into Prime Infrastructure
• Addition of GPS Markers
• Synchronize the Floor to MSE
• Provide Qualcomm QUIPS/PDS and Copyright Information
• On MSE, perform F2 Interface request to Qualcomm PDS server

Qualcomm’s MET is an application that allows you to customize and select various layers from a map file (DXF file) and generates a zip file containing:

• Image file (.PNG format) to be used as floor map on Prime Infrastructure.
• Span.xml file that contains the dimensions of the floor (horizontal and vertical) in meters.
• Qualcomm specific map XML file containing geometric feature information related to walls, doors, points of interest, and so on.

Note MET application is independent of Prime Infrastructure and MSE and can reside an any host machine. Only the output of MET is used as MAP related input information on Prime Infrastructure.

Step 1 Start Qualcomm MET tool by following the steps in ReadMe.txt within the MET Tool folder.

Step 2 Input the DXF File in the Map Extraction Tool.

Step 3 Select necessary layers from the left sidebar menu.

Step 4 Save the output of Map Extraction Tool to desired location on the Map Extraction Tool user interface.

Managing Cisco Adaptive wIPS Service Parameters

The wIPS Service page allows you to view or manage wIPS service administrative settings.

Note Cisco Adaptive wIPS functionality is not supported for non-root partition users.

To view or manage wIPS service administration settings, follow these steps:

Step 1 Choose Services > Mobility Services > Mobility Services Engines .

Step 2 Choose the device name of the applicable MSE.

Step 3 From the left sidebar menu, choose wIPS Service .

Step 4 View or edit the following parameters:

• Log level—Choose the applicable log level from the drop-down list. Log levels include Debug, Error, Important Event, Major Debug, None, and Warning.
• Forensic size limit (GB)—Enter the maximum allowable size of forensic files.
• Alarm ageout (hours)—Enter the age limit, in hours, for each alarm.
• Device ageout (days)—Enter the age limit, in days, for the device to send alarms.

Step 5 Click Save to confirm the changes or Cancel to close the page with no changes applied.

Viewing Contextual Information

Before you can use Prime Infrastructure to view contextual information, initial configuration for the MSE is required using a command-line interface (CLI) console session. See the Cisco 3355 Mobility Services Engine Getting Started Guide and the Cisco 3100 MSE Getting Started Guide at the following URL: http://www.cisco.com/en/US/products/ps9742/tsd_products_support_series_home.html .

After its installation and initial configuration are complete, the MSE can communicate with multiple Cisco wireless LAN controllers to collect operator-defined contextual information. You can then use the associated Prime Infrastructure to communicate with each MSE to transfer and display selected data.

You can configure the MSE to collect data for clients, rogue access points, rogue clients, mobile stations, interferers, and active RFID asset tags.

Licensing for Clients and Tags

You must purchase licenses from Cisco to retrieve contextual information on tags and clients from access points.

• Licenses for tags and clients are offered separately.
• The clients license also contains tracking of rogue clients and rogue access points, and interferers (if enabled).
• Licenses for tags and clients are offered in a variety of quantities, ranging from 1,000 to 12,000 units.

The AeroScout Context-Aware Engine for Tags support 100 permanent tag licenses; Context-Aware Services consists of permanent tag licenses.

Note See the Release Notes for Cisco 3300 Series Mobility Services Engine for Software Release 6.0 at the following URL:
http://www.cisco.com/en/US/products/ps9742/tsd_products_support_series_home.html for more information on tags and client licenses.

Context-Aware Service General Parameters

To access the Context Aware Service > General page, choose Services > Mobility Services > Mobility Services Engines> General from the left sidebar menu. This page provides the following information:

• Version
• Operational Status
• Number of Tracked Wireless Clients
• Number of Traced Tags
• Number of Tracked Rogue APs
• Number of Tracked Rogue Clients
• Number of Tracked Interferers
• Number of Tracked Wired Clients
• Total Elements Tracked
• Tracked Elements (Wireless Clients, Rogue APs, Rogue Clients, Interferers, and Wired Clients) Limit
• Tracked Tags Limit

Clients represent a snapshot of client count every 15 minutes. Peak Clients is the peak count during that15-minute time period. For example, in a 15-minute time period, the client count varies from 100 to 300. When Prime Infrastructure polls MSE, MSE returns the client count as the count at that exact time, which could be any number between 100 to 300, and the Peak Client Count as 300.

Modifying Tracking Parameters for Mobility Services

The MSE can track up to 25,000 clients or up to 25,000 tags (with the proper license purchase). Updates on the locations of elements being tracked are provided to the MSE from the Cisco wireless LAN controller.

Only those elements designated for tracking by the controller are viewable in Prime Infrastructure maps, queries, and reports. No events and alarms are collected for non-tracked elements and none are used in calculating the 25,000 element limit for clients or tags.

You can modify the following tracking parameters using Prime Infrastructure:

• Enable and disable element locations (client stations, active asset tags, interferers, wired clients, rogue clients, and rogue access points) you actively track.

– Wired client location tracking enables servers in a data center to more easily find wired clients in the network. Servers are associated with wired switch ports in the network.

• Set limits on how many of specific elements you want to track.

For example, given a client license of 12,000 trackable units, you can set a limit to track only 8,000 client stations (leaving 4,000 units available to track rogue clients and rogue access points). Once the tracking limit is met for a given element, the number of elements not being tracked is summarized in the Tracking Parameters page.

• Disable tracking and reporting of ad hoc rogue clients and access points.

To configure tracking parameters for an MSE, follow these steps:

Step 1 Choose Services > Mobility Services > Mobility Services Engines to open the Mobility Services page.

Step 2 Click the name of the MSE whose properties you want to edit. The General Properties page appears.

Step 3 Choose Context-Aware Software > Tracking Parameters from the Administration subheading to display the configuration options.

Step 4 Modify the following tracking parameters as appropriate (see Table 42-5 ).

Table 42-5 Tracking Parameters

Field	Configuration Options
Tracking Parameters
Wired Clients	1. Select the Enable check box to enable tracking of client stations by the MSE. In 7.0, the client license encompasses all network location service elements and is shared among wireless clients, wired clients, rogue clients, access points, and interferers. The wired client limiting is supported from MSE 7.0 and Prime Infrastructure 1.0. In other words, you can limit wired clients to a fixed number, say 500. This limit is set to ensure that the licenses are not taken up completely by wired clients and some licenses are available for other devices. Caution When upgrading the MSE from 6.0 to 7.0, if any limits have been set on wireless clients or rogues, they reset because of the wired client limit change in 7.0. Note Active Value (Display only): Indicates the number of wired client stations currently being tracked. Note Not Tracked (Display only): Indicates the number of wired client stations beyond the limit.
Wireless Clients	1. Select the Enable check box to enable tracking of client stations by the MSE. 2. Select the Enable Limiting check box to set a limit on the number of client stations to track. 3. Enter a Limit Value, if limiting is enabled. The limit entered can be any positive value up to 25,000 which is the maximum number of clients that can be tracked by an MSE. Note The actual number of tracked clients is determined by the license purchased. Note Active Value (Display only): Indicates the number of client stations currently being tracked. Note Not Tracked (Display only): Indicates the number of client stations beyond the limit.
Rogue Access Points	1. Select the Enable check box to enable tracking of rogue clients and asset points by the MSE. 2. Select the Enable Limiting check box to set a limit on the number of rogue clients and asset tags stations to track. 3. Enter a Limit Value, if limiting is enabled. The limit entered can be any positive value up to 25,000 which is the maximum number of rogue clients and access points that can be tracked by an MSE. Note The actual number of tracked rogues (clients and access points) is driven by the client license purchased. The user must consider the number of clients that are being tracked in determining the available quantity to allocate to track rogue clients and access points because clients and rogue clients and access points are addressed by the same license. Note Active Value (Display only): Indicates the number of rogue clients and access points currently being tracked. Note Not Tracked (Display only): Indicates the number of rogue clients and access points beyond the limit.
Exclude Ad-Hoc Rogues	Select the check box to turn off the tracking and reporting of ad hoc rogues in the network. As a result, ad hoc rogues are not displayed on Prime Infrastructure maps or its events and alarms reported.
Rogue Clients	1. Select the Enable check box to enable tracking of rogue clients by the MSE. 2. Select the Enable Limiting check box to set a limit on the number of rogue clients to track. 3. Enter a Limit Value, if limiting is enabled. The limit entered can be any positive value up to 25,000 which is the maximum number of rogue clients that can be tracked by an MSE. Note The actual number of tracked rogues (clients and access points) is driven by the client license purchased. The user must consider the number of clients that are being tracked in determining the available quantity to allocate to track rogue clients and access points because clients and rogue clients and access points are addressed by the same license. Note Active Value (Display only): Indicates the number of rogue clients being tracked. Note Not Tracked (Display only): Indicates the number of rogue clients beyond the limit.
Interferers	1. Select the Enable check box to enable tracking of the interferers by the MSE. In 7.0, the client license encompasses all network location service elements and is shared among wireless clients, wired clients, rogue clients, access points, and interferers. Note Active Value (Display only): Indicates the number of interferers currently being tracked. Note Not Tracked (Display only): Indicates the number of interferers beyond the limit.
Asset Tracking Elements
Active RFID Tags	1. Select the Enable check box to enable tracking of active RFID tags by the MSE. Note The actual number of tracked active RFID tags is determined by the license purchased. Note Active Value (Display only): Indicates the number of active RFID tags currently being tracked. It also depends on the tag engine chosen. Note Not Tracked (Display only): Indicates the number of active RFID tags beyond the limit.
SNMP Parameters Not applicable to mobility services 7.0.105.0 and later.
SNMP Retry Count	Enter the number of times to retry a polling cycle the default value is 3. Allowed values are from 1 to 99999. (Configurable in controller Release 4.1 and earlier only.)
SNMP Timeout	Enter the number of seconds before a polling cycle times out, the default value is 5. Allowed values are from 1 to 99999. (Configurable in controller Release 4.1 and earlier only.)
SNMP Polling Interval
Client Stations	Select the Enable check box to enable client station polling and enter the polling interval in seconds. Default value is 300. Allowed values are from 1 to 99999. (Configurable in controller Release 4.1 and earlier only.)
Active RFID Tags	Select the Enable check box to enable active RFID tag polling and enter the polling interval in seconds. Allowed values are from 1 to 99999. Note Before the mobility service can collect asset tag data from controllers, you must enable the detection of active RFID tags using the config rfid status enable CLI command on the controllers.
Rogue Clients and Access Points	Select the Enable check box to enable rogue access point polling and enter the polling interval in seconds. Default value is 600. Allowed values are from 1 to 99999.(Configurable in controller Release 4.1 and earlier only.)
Statistics	Select the Enable check box to enable statistics polling for the mobility service, and enter the polling interval in seconds. Default value is 900. Allowed values are from 1 to 99999.(Configurable in controller Release 4.1 and earlier only.)

Step 5 Click Save to store the new settings in the MSE database.

Filtering Parameters for Mobility Services

You can limit the number of asset tags, wired clients, rogue clients, interferers and access points whose location is tracked by filtering on the following:

• MAC addresses

Specific MAC addresses can be entered and labeled as allowed or disallowed from location tracking. You can import a file with the MAC addresses that are to be allowed or disallowed, or you can enter them individually in the Prime Infrastructure GUI page.

The format for entering MAC addresses is xx:xx:xx:xx:xx:xx. If a file of MAC addresses is imported, the file must follow a specific format as follows:

– Each MAC address should be listed on a single line.

– Allowed MAC addresses must be listed first and preceded by an “[Allowed]” line item. Disallowed MAC addresses must be preceded by “[Disallowed].”

– Wildcard listings can be used to represent a range of MAC addresses. For example, the first entry “00:11:22:33:*” in the Allowed listing that follows is a wildcard.

Note Allowed MAC address formats are viewable in the Filtering Parameters configuration page. See Table 42-6 for details.

EXAMPLE file listing:

[Allowed]
00:11:22:33:*
22:cd:34:ae:56:45
02:23:23:34:*
[Disallowed]
00:10:*
ae:bc:de:ea:45:23

• Probing clients

Probing clients are clients that are associated to another controller but whose probing activity causes them to be seen by another controller and be counted as an element by the “probed” controller as well as its primary controller.

Modifying Filtering Parameters

To configure filtering parameters for an MSE, follow these steps:

Step 1 Choose Services > Mobility Services > Mobility Services Engines . The Mobility Services page appears.

Step 2 Click the name of the MSE whose properties you want to edit. The General Properties page appears.

Step 3 From the Context-Aware Software menu, choose Filtering Parameters from the Administration subheading to display the configuration options.

Step 4 Modify the following filtering parameters as appropriate (see Table 42-6 ).

Step 5 Click Save to store the new settings in the MSE database.

Modifying History Parameters for Mobility Services

You can use Prime Infrastructure to specify how long to store (archive) histories on client stations, rogue clients, and asset tags. These histories are received from those controllers that are associated with the mobility service.

You can also program the mobility service to periodically remove (prune) duplicate data from its historical files to reduce the amount of data stored on its hard drive.

To configure mobility service history settings, follow these steps:

Step 1 Choose Services > Mobility Services > Mobility Services Engines .

Step 2 Click the name of the mobility service whose properties you want to edit.

Step 3 From the left sidebar menu, choose Context Aware Service > History Parameters .

Step 4 Modify the following history parameters as appropriate (see Table 42-7 ).

:

Table 42-7 History Parameters

Field	Description
Archive for	Enter the number of days for the location appliance to retain a history of each enabled category. The default value is 30. Allowed values are from 1 to 99999.
Prune data starting at	Enter the number of hours and minutes at which the location appliance starts data pruning (between 0 and 23 hours, and between 1 and 59 minutes). Enter the interval, in minutes, after which data pruning starts again (between 0, which means never, and 99900000). The default start time is 23 hours and 50 minutes, and the default interval is 1440 minutes.
Enable History Logging of Location Transitions for	To enable history logging of Location transitions, choose one or more of the following: Client Stations Wired Stations Asset Tags Rogue Clients Rogue Access Points Interferers Note Before the mobility service can collect asset tag data from controllers, you must enable the detection of RFID tags using the config rfid status enable CLI command.

Step 5 Click Save to store your selections in the location appliance database.

Enabling Location Presence for Mobility Services

You can enable location presence on the MSE to provide expanded Civic (city, state, postal code, country) and GEO (longitude, latitude) location information beyond the Cisco default setting (campus, building, floor, and X, Y coordinates). This information can then be requested by wireless and wired clients on a demand basis for use by location-based services and applications.

You can also import advanced location information such as the MAC address of a wired client and the wired switch slot and port to which the wired client is attached.

Location Presence can be configured when a new Campus, Building, Floor or Outdoor Area is being added or configured at a later date.

Once enabled, the MSE is capable of providing any requesting Cisco CX v5 client its location.

Note Before enabling this feature, synchronize the MSE.

To enable and configure location presence on an MSE, follow these steps:

Step 1 Choose Services > Mobility Services > Mobility Services Engines .

Step 2 Select the MSE to which the campus or building or floor is assigned.

Step 3 From the left sidebar menu, choose Context Aware Services > Administration > Presence Parameters .

Step 4 Select the Service Type On Demand check box to enable location presence for Cisco CX clients v5.

Step 5 Select one of the following Location Resolution options:

a. When Building is selected, the MSE can provide any requesting client, its location by building.

– For example, if a client requests its location and the client is located in Building A, the MSE returns the client address as Building A .

b. When AP is selected, the MSE can provide any requesting client, its location by its associated access point. The MAC address of the access point appears .

– For example, if a client requests its location and the client is associated with an access point with a MAC address of 3034:00hh:0adg, the MSE returns the client address of 3034:00hh:0adg .

c. When X,Y is selected, the MSE can provide any requesting client, its location by its X and Y coordinates.

– For example, if a client requests its location and the client is located at (50, 200) the MSE returns the client address of 50, 200.

Step 6 Select any or all of the location formats:

a. Select the Cisco check box to provide location by campus, building and floor and X and Y coordinates. Default setting.

b. Select the Civic check box to provide the name and address (street, city, state, postal code, country) of a campus, building, floor, or outdoor area.

c. Select the GEO check box to provide the longitude and latitude coordinates.

Step 7 By default, the Location Response Encoding check box is selected. It indicates the format of the information when received by the client. There is no need to change this setting.

Step 8 Select the Retransmission Rule check box to allow the receiving client to retransmit the received information to another party.

Step 9 Enter a Retention Expiration value in minutes. This determines how long the received information is stored by the client before it is overwritten. The default value is 24 hours (1440 minutes).

Step 10 Click Save .

Importing Asset Information for Mobility Services

To import asset, chokepoint, and TDOA receiver information for the MSE using Prime Infrastructure, follow these steps:

Step 1 Choose Services > Mobility Services .

Step 2 Click the name of the MSE for which you want to import information.

Step 3 Choose Context Aware Service > Administration > Import Asset Information .

Step 4 Enter the name of the text file or browse for the filename.

Specify information in the imported file in the following formats:

• tag format: #tag, 00:00:00:00:00:00, categoryname, groupname, assetname
• station format: #station, 00:00:00:00:00:00, categoryname, groupname, assetname

Step 5 When the import filename is located in the Browse text box, click Import .

Exporting Asset Information for Mobility Services

To export asset, chokepoint, and TDOA receiver information from the MSE to a file using Prime Infrastructure, follow these steps:

Step 1 Choose Services > Mobility Services > Mobility Services Engines.

Step 2 Click the name of the MSE from which you want the export information.

Step 3 Choose Context Aware Service > Administration > Export Asset Information .

Information in the exported file is in the following formats:

• tag format: #tag, 00:00:00:00:00:00, categoryname, groupname, assetname
• station format: #station, 00:00:00:00:00:00, categoryname, groupname, assetname

Step 4 Click Export.

Click Open (display to screen), Save (to external PC or server), or Cancel (to cancel the request).

If you select Save , you are asked to select the asset file destination and name. The file is named assets.out by default. Click Close in the dialog box when the download is complete.

Importing Civic Information for Mobility Services

To import civic information for the MSE using Prime Infrastructure, follow these steps:

Step 1 Choose Services > Mobility Services > Mobility Services Engines.

Step 2 Click the name of the MSE for which you want to import asset information.

Step 3 From the left sidebar menu, choose Context Aware Software .

Step 4 From the Administration left sidebar menu, choose Import Civic Information .

Step 5 Enter the name of the text file or browse for the filename.

Information in the imported file should be one of the following formats:

Switch IP Address, Slot Number, Port Number, Extended Parent Civic Address, X, Y, Floor ID, Building ID, Network Design ID, ELIN:”ELIN”, PIDF-Lo-Tag:”Civic Address Element Value”

Each entry must appear on a separate line.

Step 6 Click Import .

Context-Aware Service Wired Parameters

This section describes the Context Aware Service > Wired drop-down list parameters.

Monitoring Wired Switches

You can review details on the wired switch (IP address, MAC address, serial number, software version, and ELIN), its port, its wired clients (count and status), and its civic information.

Wired switch data is downloaded to the MSE through Prime Infrastructure when the Ethernet switch and the MSE are synchronized (Services > Synchronize Services > Switches). Communication between a location-capable switch and the MSE is over NMSP. Prime Infrastructure and the MSE communicate over XML.

To view details on wired switches, follow these steps:

Step 1 Choose Services > Mobility Services > Mobility Services Engines .

Step 2 Click the device name link of the appropriate wired location switch.

Step 3 Choose Context Aware Service > Wired > Wired Switches . A summary of wired switches that are synchronized with the MSE appears.

Step 4 See the Wired Switch Details for more information on the switch, its port, its wired clients (count and status), and its civic information click the IP address link.

Wired Switch Details

To view wired switch details, follow these steps:

Step 1 Choose Services > Mobility Services > Mobility Services Engines .

Step 2 Click the device name link of the appropriate MSE.

Step 3 Choose Context Aware Service > Wired > Wired Switches . A summary of wired switches that are synchronized with the MSE appears.

Step 4 Click the IP address link for the applicable wired switch. The Wired Switch Details page appears.

The Wired Switch Details page has four tabs: Switch Information, Switch Ports, Civic, and Advanced.

You can export civic information from the switch by choosing that option from the Select a command drop-down list. This option is available in all four dashlets of the Wired Switches page.

The Wired Switch Details tabs shows the following information:

• Switch Information—Displays a total count summary of wired clients connected to the switch along with the state of the client (connected, disconnected, and unknown).

– Connected clients—Clients that are connected to the wired switch.

– Disconnected clients—Clients that are disconnected from the wired switch.

– Unknown clients—Clients are marked as unknown when the NMSP connection to the wired switch is lost.

You can view detailed wired client information by clicking in one of the client count links (total clients, connected, disconnected, and unknown). See the “Monitoring Wired Clients” section section for more information.

• Switch Ports—Displays a detailed list of the ports on the switch.

You can change the listing order (ascending, descending) of port IP addresses, slot numbers, module number, port type, and port number by clicking in the respective column heading.

• Civic—Displays a detailed list of the civic information for the wired switch.
• Advanced—Displays a detailed list of the additional civic information for the wired switch.

Monitoring Wired Clients

You can view details on a wired client (MAC address, IP address, username, serial number, UDI, model no., software version, VLAN ID, and VLAN ID), port association, and its civic information.

Wired client data is downloaded to the MSE through Prime Infrastructure when the switch and the MSE are synchronized (Services > Synchronize Services > Switches).

Prime Infrastructure and the MSE communicate over XML.

You can view the details of the wired client on either the wired switches page (Context Aware Service > Wired > Wired Switches) or wired clients page (Context Aware Service > Wired > Wired Clients).

• If you know the IP address, MAC address, VLAN ID, serial number, or username, you can use the search field on the wired clients page.
• If you want to examine wired clients as they relates to a specific switch, you can view that information on the wired switches page. See the Monitoring Wired Switches section for more information.

To view details on a wired client, follow these steps:

Step 1 Choose Services > Mobility Services > Mobility Services Engines .

Step 2 Click the device name link of the appropriate MSE.

Step 3 Choose Context Aware Service > Wired > Wired Clients .

In the Wired Clients summary page, clients are grouped by their switch.

A client status is noted as connected, disconnected, or unknown:

• Connected clients—Clients that are active and connected to a wired switch.
• Disconnected clients—Clients that are disconnected from the wired switch.
• Unknown clients—Clients that are marked as unknown when the NMSP connection to the wired switch is lost. See the Viewing MSE NMSP Connection Status for more information about NMSP connections.

If you know the MAC address of the wired client, you can click that link to reach the detail page of the client or use the search field. See the Wired Client Details for more information on wired client details.

• You can also search for a wired client by its IP address, username, or VLAN ID.

If you click the IP address of the switch, you are forwarded to the detail page of the switch. See the Monitoring Wired Switches section for more information.

Step 4 Click the MAC Address for the applicable client to view wired client details. See the Wired Client Details for more information on wired client details.

Wired Client Details

To view wired client details, follow these steps:

Step 1 Choose Services > Mobility Services > Mobility Services Engines .

Step 2 Click the device name link of the appropriate MSE.

Step 3 Choose Context Aware Service > Wired > Wired Clients . A summary of wired clients that are synchronized with the MSE appears.

Step 4 Click the MAC address link for the applicable wired client. The Wired Client Details page appears.

The Wired Client Details page has four tabs: Device Information, Port Association, Civic Address, and Advanced.

The Wired Switch Details tabs show the following information:

• Device Information—Display MAC and IP address, username, serial and model number, UDI, software version, VLAN ID, and VLAN name.
• Port Association—Displays the physical location of the switch port/slot/module on which the wired client terminates, the client status (connected, disconnected, unknown), and the switch IP address.
• Civic Address—Displays any civic address information.
• Advanced—Displays extended physical address details for the wired clients, if applicable.

A client takes on the civic address and advanced location information that is configured for the port on which the client terminates. If no civic and advanced information is defined for the its port (port/slot/module) then no location data is displayed.

Context-Aware Service Advanced Parameters

Modifying Northbound Notifications

Northbound notifications define which tag notifications the MSE sends to third-party applications.

To configure northbound parameters, follow these steps:

Step 1 Choose Services > Mobility Services > Mobility Services Engines.

Step 2 Click the name of the MSE you want to configure.

Step 3 Choose Context Aware Service > Advanced > Notification Parameters to display the configuration options.

Step 4 Select the Enable Northbound Notifications check box to enable the function.

Step 5 Select the Notification Contents check box to send notifications to third-party applications (northbound).

Step 6 Select one or more of the Notification Contents check boxes.

Step 7 Select the Notification Triggers check box.

Step 8 Select one or more of the Notification Triggers check boxes

Step 9 Enter the IP address or hostname and port for the system that is to receive the northbound notifications.

Step 10 Choose the transport type from the drop-down list.

Step 11 Select the HTTPS check box if you want to use HTTPS protocol for secure access to the destination system.

Step 12 To modify the notification parameter settings, enter the new value in the appropriate text box in the Advanced tab of this page. See Table 42-10 .

Step 13 Click Save .

Modifying Location Parameters for Mobility Services

You can use Prime Infrastructure to specify whether the mobility service retains its calculation times and how soon the mobility service deletes its collected Received Signal Strength Indicator (RSSI) measurement times. You can also apply varying smoothing rates to manage location movement of an element.

To configure location parameters, follow these steps:

Step 1 Choose Services > Mobility Services > Mobility Services Engines .

Step 2 Click the name of the mobility service whose properties you want to edit.

Step 3 From the left sidebar menu, choose Context Aware Service > Location Parameters .

Step 4 Modify the location parameters as appropriate (see Table 42-9 ).

Table 42-9 Location Parameters

Field	Description
General
Enable Calculation Time	Select the check box to enable the calculation of the time required to compute location. Caution Enable only under Cisco TAC personnel guidance because enabling this field slows down overall location calculations.
Enable OW Location	Select the check box to enable Outer Wall (OW) calculation as part of location calculation. Note The OW Location parameter is ignored by the location server.
Relative discard RSSI time	Enter the number of minutes since the most recent RSSI sample after which RSSI measurement should be considered stale and discarded. Default value is 3. Allowed values range from 0 to 99999. A value of less than 3 is not recommended.
Absolute discard RSSI time	Enter the number of minutes after which RSSI measurement should be considered stale and discarded, regardless of the most recent sample. Default value is 60. Allowed values range from 0 to 99999. A value of less than 60 is not recommended.
RSSI Cutoff	Enter the RSSI cutoff value, in decibels (dBs) with respect to one (1) mW (dBm), preceding which the mobility service always use the access point measurement. Default value is -75. Note When 3 or more measurements are available preceding the RSSI cutoff value, the mobility service discards any weaker values and use the 3 (or more) strongest measurements for calculation; however, when only weak measurements following the RSSI cutoff value are available, those values are used for calculation. Caution Modify only under Cisco TAC personnel guidance. Modifying this value can reduce the accuracy of location calculation.
Enable Location Filtering	If enabled, the location filter is applied only for client location calculation. Enabling location filter allows previous location estimates to be used in estimating current location. This reduces location jitter for stationary clients and improve tracking for mobile clients.
Chokepoint Usage	Select the check box to enable the usage of chokepoint proximity to determine location. Applies to Cisco-compatible Tags capable of reporting chokepoint proximity.
Use Chokepoints for Interfloor conflicts	Allows the use of chokepoints to determine the correct floor during Interfloor conflicts. Choose Never, Always, or Floor Ambiguity.
Chokepoint Out of Range Timeout	After a Cisco-compatible Tag leaves a chokepoint proximity range, this is the timeout (in seconds) after which RSSI information is used again to determine location.
Absent Data Cleanup Interval	Enter the interval period (in minutes) for removing inactive elements from the database.
Use Default Heatmaps for Non Cisco Antennas	Select this check box to enable the usage of default heatmaps for non-Cisco antennas during the Location Calculation. This option is disabled by default.
Movement Detection
Individual RSSI change threshold	This field specifies the Individual RSSI movement recalculation trigger threshold. Enter a threshold value between 0-127 dBm. Do not modify without Cisco TAC guidance.
Aggregated RSSI change threshold	This field specifies the Aggregated RSSI movement recalculation trigger threshold. Enter a threshold value between 0-127 dBm. It should not be modified without Cisco TAC guidance.
Many new RSSI change percentage threshold	This field specifies Many new RSSI movement recalculation trigger threshold in percentage. It should not be modified without Cisco TAC guidance.
Many missing RSSI percentage threshold	This field specifies Many missing RSSI movement recalculation trigger threshold in percentage. It should not be modified without Cisco TAC guidance.

Step 5 Click Save to store your selections in Prime Infrastructure and mobility service databases.

Modifying Notification Parameters for Mobility Services

You can use Prime Infrastructure to configure MSE event notification parameters that define such items as how often the notifications are generated or resent by the MSE.

Modify notification parameters only if you expect the MSE to send a large number of notifications or if notifications are not being received.

You can also enable forwarding of northbound notifications for tags to be sent to third-party applications.

The format of northbound notifications sent by the MSE is available on the Cisco developers support portal at the following URL:

http://www.cisco.com/en/US/products/svcs/ps3034/ps5408/ps5418/serv_home.html

To configure notification parameters, follow these steps:

Step 1 Choose Services > Mobility Services > Mobility Services Engines .

Step 2 Click the name of the MSE you want to configure.

Step 3 From the Context Aware Software left sidebar menu, choose Notification Parameters from the Advanced sub-heading to display the configuration options.

Step 4 Select the Enable Northbound Notifications check box to enable the function.

Step 5 Select the Notification Contents check box to send notifications to third-party applications (northbound).

Step 6 Select one or more of the Notification content options.

Step 7 Select the Notification Triggers check box.

Step 8 Select one or more of the Notification trigger options.

Step 9 Enter the IP address and port for the system that is to receive the northbound notifications.

Step 10 Choose the transport type from the drop-down list.

Step 11 Select HTTPS if you want to use HTTPS protocol for secure access to the destination system.

Step 12 To modify the notification parameter settings, enter the new value in the appropriate text box in the Advanced tab of the page. Table 42-10 describes each parameter.

Step 13 Click Save .

Viewing Partner Engine Status

To access the Partner Engine Status page, choose Services > Mobility Services > Mobility Services Engines > MSE Name > Context Aware Service > Partner Engine > Status .

If tag licenses are available, then Aeroscout Tag Engine is enabled. Otherwise, Cisco Partner Engine is enabled by default.

If only the evaluation license is available, then the Cisco Partner Engine is enabled by default. The Partner Engine status page shows status based on whether it is a Aeroscout Tag Engine or Cisco Tag Engine.

Note The Aeroscout engine fails to start on MSE if the Prime Infrastructure map names have special characters such as '&'.

Table 42-11 describes the fields in the Tag Engine Status page for the Aeroscout Tag Engine.

If you selected Cisco Tag Engine for Context Aware Service, the Tag Engine Status page displays the following information.

Table 42-12 describes the fields in the Tag Engine Status page for the Cisco Tag Engine.

Viewing MSE Notifications Summary

To view the Notification Summary, choose Services > Mobility Services > Context Aware Notifications > Notification Summary .

The mobility service sends event notifications and does not store them (fire and forget). However, if Prime Infrastructure is a destination of notification events, it stores the notifications it receives and groups them into the following seven categories:

• Absence (Missing)—Generated when the mobility service cannot see the asset in the WLAN for the specified time.
• Location Change Events—Generated when client stations, asset tags, rogue clients, and rogue access points move from their previous location.
• Chokepoint Notifications—Generated when a tag is seen (stimulated) by a chokepoint. This information is only reported and displayed for CCX v.1-compliant tags.
• Battery Level—Generated when a tracked asset tag hits the designated battery level.
• In/Out Area—Generated when an asset is moved inside or outside a designated area.

You define a containment area (campus, building, or floor) in the Maps section of Prime Infrastructure. You can define a coverage area using the Map Editor.

• Movement from Marker—Generated when an asset is moved beyond a specified distance from a designated marker you define on a map.
• Emergency—Generated for a CCX v.1 compliant asset tag when the panic button of the tag is triggered or the tag becomes detached, tampered with, goes inactive or reports an unknown state. This information is only reported and displayed for CCX v.1 compliant tags.

The summary details include the following:

• All Notifications
• Client Stations
• Asset Tags
• Rogue Clients
• Rogue Access Points

To view details for each of the notifications, click the number under the Last Hour, Last 24 Hours, or Total Active column to open the details page for the applicable notification.

Notifications Cleared

A mobility service sends event notifications when it clears an event condition in one of the following scenarios:

• Missing (Absence)—Elements reappear.
• In/Out Area (Containment)—Elements move back in or out of the containment area.
• Distance—Elements move back within the specified distance from a marker.
• Location Changes—Clear state is not applicable to this condition.
• Battery Level—Tags are detected again operating with Normal battery level.
• Emergency
• Chokepoint

In Prime Infrastructure, the Notifications Summary page reflects whether notifications for cleared event conditions have been received.

Viewing and Managing MSE Notifications

To view the Notification Definitions, choose Services > Mobility Services > Context Aware Notifications > Notification Definition . You can add event groups and event definitions to a group in this page. Every groups help you organize your event notifications. An event definition must belong to a particular group.

For more information on adding event groups and event definitions, see “Adding Event Groups” section and “Adding Event Definitions” section.

The Notification Definition page displays the following parameters only after adding event groups and event definitions:

Table 42-14 lists and describes the fields in the Notification Definition page.

Viewing Notification Statistics

You can view the notification statistics for a specific MSE. To view the Notification Statistics for a specific MSE, choose Services > Mobility Services > MSE-name > Context Aware Service > Notification Statistics (where MSE-name is the name of an MSE).

Table 42-14 lists and describes the fields in the Notification statistics page.

Mobile Concierge Service Parameters

Viewing Configured Service Advertisements

To view the configured service advertisements, follow these steps:

Step 1 Choose Services > Mobility Services > Mobility Services Engines .

Step 2 Click Device Name to view its properties.

Step 3 Choose Mobile Concierge Service > Advertisements from the left sidebar menu.

The following information appears in the Mobile Concierge Service page:

• Icon—Displays an icon associated with the service provider.
• Provide Name—Displays the service providers name.
• Venue Name—Displays the venue name.
• Advertisements

– Friendly Name—Friendly name that is displayed in the handset.

– Advertisement Type—Type of advertisement that is displayed in the handset.

Viewing Mobile Concierge Service Statistics

To view Mobile Concierge service statistics, follow these steps:

Step 1 Choose Services > Mobility Services > Mobility Services Engines .

Step 2 Click Device Name to view its properties.

Step 3 Choose Mobile Concierge service > Statistics from the left sidebar menu.

The following information appears in the Mobile Concierge Service page:

• Top 5 Active Mobile MAC addresses—Displays information of the most active mobiles in a given venue.
• Top 5 Service URIs—Displays information of the usage of the services across a given venue or provider.

Adding Event Groups

To add an event group, follow these steps:

Step 1 Choose Services > Mobility Services > Context Aware Notifications .

Step 2 Choose Notification Definitions from the left sidebar menu.

Step 3 From the Select a command drop-down list, choose Add Event Group .

Step 4 Click Go .

Step 5 Enter the name of the group in the Group Name text box.

Step 6 Click Save .

The new event group appears in the Event Settings page.

Deleting Event Groups

To delete an event group, follow these steps:

Step 1 Choose Services > Mobility Services > Context Aware Notifications .

Step 2 Choose Notification Definitions from the left sidebar menu.

Step 3 Select the check box of the event group you want to delete.

Step 4 From the Select a command drop-down list, choose Delete Event Group(s) .

Step 5 Click Go .

Step 6 Click OK to confirm the deletion.

Step 7 Click Save .

Working with Event Definitions

An event definition contains information about the condition that caused the event, the assets to which the event applies, and the event notification destinations. This section describes how to add, delete, and test event definitions.

Prime Infrastructure enables you to add definitions on a per-group basis. Any new event definition must belong to a particular group.

To add an event definition, follow these steps:

Step 1 Choose Services > Mobility Services > Context Aware Notifications .

Step 2 From the left sidebar menu, choose Notification Definitions .

Step 3 Click the name of the group to which you want to add the event. An event definition summary page appears for the selected event group.

Step 4 From the Select a command drop-down list, choose Add Event Definition .

Step 5 Click Go .

Step 6 Enter the name of the event definition in the Event Definition Name text box.

The event definition name must be unique within the event group.

Step 7 Click Save .

Step 8 On the General tab, manage the following parameters:

• Admin Status—Enable event generation by selecting the Enabled check box (disabled by default).
• Priority—Set the event priority by choosing a number from the drop-down list. Zero is highest.

An event definition with higher priority is serviced before event definitions with lower priority.

• Activate—To continuously report events, choose the All the Time check box. To indicate specific days and times for activation, unselect the All the Time check box and choose the applicable days and From/Until times. Click Save .

Step 9 On the Conditions tab, add one or more conditions. For each condition, specify the rules for triggering event notification. To add a condition, follow these steps:

a. Click Add to open the Add/Edit Condition page.

b. Choose a condition type from the Condition Type drop-down list and configure its associated Trigger If parameters see ( Table 42-15 ).

c. In the Apply To drop-down list, choose the type of asset (Any, Clients, Tags, Rogue APs, Rogue Clients or Interferers) for which an event is generated if the trigger condition is met.

Emergency and chokepoint events are only applicable to tags (CCXv.1 compliant).

d. From the Match By drop-down list, choose the matching criteria (MAC Address, Asset Name, Asset Group, or Asset Category), the operator (Equals or Like), and enter the relevant text for the selected Match By element.

e. Click Add .

Step 10 On the Destination and Transport tab, follow these steps to add one or more destinations to receive event notifications and configure the transport settings:

a. Click Add to open the Add/Edit Destination and Transport page.

b. To add one or more new destinations, click Add New , enter the applicable IP address, and click OK .

The recipient system must have an event listener running to process notifications. By default, when you create an event definition, Prime Infrastructure adds its IP address as the destination.

c. To select a destination to receive notifications, click to highlight one or more IP addresses in the box on the right and click Select to add the IP address(es) to the box on the left.

d. From the Message Format field drop-down list, select XML or Plain Text .

If you select Prime Infrastructure as the destination, you must select XML format.

e. Choose one of the following transport types from the Transport Type drop-down list:

– SOAP—Simple Object Access Protocol. Use SOAP to send notifications over HTTP/HTTPS and to be processed by web services on the destination.

Specify whether to send notifications over HTTPS by selecting its corresponding check box. Enter the destination port number in the Port Number text box.

– Mail—Use this option to send notifications through e-mail.

Choose the protocol for sending the e-mail from the Mail Type drop-down list. Enter the following: username and password (if Authentication is enabled), name of the sender, prefix to add to the subject line, e-mail address of recipient, and a port number if necessary.

– SNMP—Simple Network Management Protocol. Use this option to send notifications to SNMP-capable devices.

If you have selected SNMP version v2c then you are prompted to enter the SNMP community string in the SNMP Community text box and the applicable port number in the Port Number text box.

If you have selected SNMP version v3 then you are prompted to enter the username, security name, choose the authentication type from the drop-down list, enter the authentication password, choose the privacy type from the drop-down list and enter the privacy password.

– SysLog—Specifies the system log on the destination system as the recipient of event notifications.

– Enter the notification priority in the Priority text box, the name of the facility, and the port number on the destination system.

f. Click Add .

Adding Event Definitions

An event definition contains information about the condition that caused the event, the assets to which the event applies, and the event notification destination.

Prime Infrastructure enables you to add definitions for each group. An event definition must belong to a group. See the Cisco Content-Aware Software Configuration Guide for more information on deleting or testing event definitions.

To add an event definition, follow these steps:

Step 1 Choose Services > Mobility Services > Context Aware Notifications .

Step 2 Choose Notification Definitions from the left sidebar menu.

Step 3 Click the name of the group to which you want to add to the event. An event definition summary page appears for the selected event group.

Step 4 From the Select a command drop-down list, choose Add Event Definition , and click Go .

Step 5 On the Conditions tab, add one or more conditions. For each condition you add, specify the rules for triggering event notifications.

Tip For example, to keep track of heart monitors in a hospital, you can add rules to generate event notifications when a heart monitor is missing for one hour, a heart monitor moves off its assigned floor, or a heart monitor enters a specific coverage area within a floor.

To add a condition, follow these steps:

a. Click Add to add a condition that triggers this event.

b. In the Add/Edit Condition dialog box, follow these steps:

1. Choose a condition type from the Condition Type drop-down list.

If you chose Missing from the Condition Type drop-down list, enter the number of minutes after which a missing asset event is generated. For example, if you enter 10 in this text box, the mobility service engine generates a missing asset event if the mobility service engine has not found the asset for more than 10 minutes. Proceed to Step c.

If you chose In/Out from the Condition Type drop-down list, choose Inside of or Outside of , then select Select Area to select the area to monitor for assets going into it or out of it. In the Select dialog box, choose the area to monitor, then click Select . The area to monitor can be an entire campus, building within a campus, a floor in a building, or a coverage area (you can define a coverage area using the map editor). For example, to monitor part of a floor in a building, choose a campus from the Campus drop-down list, choose a building from the Building drop-down list, and choose the area to monitor from the Floor Area drop-down list. Then click Select . Proceed to Step c.

If you chose Distance from the Condition Type drop-down list, enter the distance in feet that triggers an event notification if the monitored asset moves beyond the specified distance from a designated marker, then click Select Marker . In the Select dialog box, choose the campus, building, floor, and marker from the corresponding drop-down list, and click Select . For example, if you add a marker to a floor plan and set the distance in the Trigger. If the text box is set to 60 feet, an event notification is generated if the monitored asset moves more than 60 feet away from the marker. Proceed to Step c.

You can create markers and coverage areas using the Map Editor. When you create marker names, make sure they are unique across the entire system.

If you chose Battery Level from the Condition Type drop-down list, select the check box next to the battery level (low, medium, normal) that triggers an event. Proceed to Step c.

If you chose Location Change from the Condition Type drop-down list, proceed to Step c.

If you chose Emergency from the Condition Type drop-down list, click the button next to the emergency (any, panic button, tampered, detached) that triggers an event. Proceed to Step c.

If you chose Chokepoint from the Condition Type drop-down list, proceed to Step c. There is only one trigger condition, and it is displayed by default. No configuration is required.

c. From the Apply To drop-down list, choose the type of asset (Any, Clients, Tags, Rogue APs, Rogue Clients, or Interferers) for which an event is generated if the trigger condition is met.

If you choose the any option from the Apply to drop-down list, the battery condition is applied to all tags, clients, and rogue access points and rogue clients.

Emergency and chokepoint events apply only to Cisco-compatible extension tags Version 1 (or later).

d. From the Match By drop-down list, choose the matching criteria (MAC Address, Asset Name, Asset Group, or Asset Category), the operator (Equals or Like) from the drop-down list, and enter the relevant text for the selected Match By element.

Some examples of asset matching criteria that you can specify:

– If you choose MAC Address from the Match By drop-down list, choose Equals from the Operator drop-down list, and enter a MAC address (for example, 12:12:12:12:12:12), the event condition applies to the element whose MAC address is 12:12:12:12:12:12 (exact match).

– If you choose MAC Address from the Match By drop-down list, choose Like from the Operator drop-down list, and enter 12:12 , the event condition applies to elements whose MAC address starts with 12:12.

e. Click Add to add the condition you have just defined.

If you are defining a chokepoint, you must select the chokepoint after you add the condition.

To select a chokepoint, do the following:

1. Click Select Chokepoint . An entry page appears.

2. Choose Campus , Building , and Floor from the appropriate drop-down lists.

3. Choose a Chokepoint from the menu that appears.

You are returned to the Add/Edit Condition page, and the location path (Campus > Building > Floor) for the chokepoint auto-populates the text area next to the Select Checkpoint button.

Step 6 On the Destination and Transport tab, follow these steps to add one or more destinations to receive event notifications and to configure the transport settings:

a. To add a new destination, click Add . The Add/Edit Destination configuration page appears.

b. Click Add New .

c. Enter the IP address of the system that receives event notifications, and click OK .

The recipient system must have an event listener running to process notifications. By default, when you create an event definition, Prime Infrastructure adds its IP address as the destination.

d. To select a destination to send event notifications to, highlight one or more IP addresses in the box on the right, and click Select to add the IP addresses to the box on the left.

e. Choose XML or Plain Text to specify the message format.

f. Choose one of the following transport types from the Transport Type drop-down list:

– SOAP—Specifies Simple Object Access Protocol, a simple XML protocol, as the transport type for sending event notifications. Use SOAP to send notifications over HTTP/HTTPS that are processed by web services on the destination.

If you choose SOAP, specify whether to send notifications over HTTPS by selecting its corresponding check box. If you do not, HTTP is used. Also, enter the destination port number in the Port Number text box.

– Mail—Use this option to send notifications through e-mail.

If you choose Mail, you need to choose the protocol for sending the e-mail from the Mail Type drop-down list. You also need to enter the following information: username and password (if Authentication is enabled), name of the sender, prefix to add to the subject line, e-mail address of recipient, and a port number if necessary.

– SNMP—Use Simple Network Management Protocol, a very common technology for network monitoring used to send notifications to SNMP-capable devices.

If you choose SNMP, enter the SNMP community string in the SNMP Community text box and the port number to send notifications to in the Port Number text box.

– SysLog—Specifies the system log on the destination system as the recipient of event notifications.

If you choose SysLog, enter the notification priority in the Priority text box, the name of the facility in the Facility text box, and the port number of the destination system in the Port Number text box.

g. To enable HTTPS, select the Enable check box next to it.

Port Number auto-populates.

h. Click Save .

Step 7 On the General tab, follow these steps:

a. Select the Enabled check box for Admin Status to enable event generation (disabled by default).

b. Set the event priority by choosing a number from the Priority drop-down list. Zero is the highest priority.

An event notification with high priority is serviced before event definitions with lower priority.

c. To select how often the event notifications are sent:

1. Select the All the Time check box to continuously report events. Proceed to Step g.

2. Unselect the All the Time check box to select the day and time of the week that you want event notifications sent. Days of the week and time fields appear for the selection. Proceed to Step d.

d. Select the check box next to each day you want the event notifications sent.

e. Select the time for starting the event notification by selecting the appropriate hour, minute, and AM/PM options from the Apply From heading.

f. Select the time for ending the event notification by selecting the appropriate hour, minute, and AM/PM options from the Apply Until heading.

g. Click Save .

Step 8 Verify that the new event notification is listed for the event group (Mobility > Notifications > Settings > Event Group Name).

Deleting an Event Definition

To delete one or more event definitions from Prime Infrastructure, follow these steps:

Step 1 Choose Services > Mobility Services > Context Aware Notifications .

Step 2 From the left sidebar menu, choose Settings .

Step 3 Click the name of the group from which you want to delete the event definitions.

Step 4 Select the event definition that you want to delete by selecting its corresponding check box.

Step 5 From the Select a command drop-down list, choose Delete Event Definition(s) .

Step 6 Click Go .

Step 7 Click OK to confirm that you want to delete the selected event definitions.

Searching for Wireless Client on MSE by IPv6 Address

Note Only wireless clients have IPv6 addresses in this release.

To search for an MSE located clients using the Prime Infrastructure Advanced search feature, follow these steps:

Step 1 Click Advanced Search .

Step 2 In the New Search dialog, choose Clients as the search category from the Search Category drop-down list.

Step 3 From the Media Type drop-down list, choose Wireless Clients .

The Wireless Type drop-down list appears only when you choose Wireless Clients as the media type.

Step 4 From the Wireless Type drop-down list, choose any of the following types: All , Lightweight or Autonomous Clients .

Step 5 From the Search By drop-down list, choose IP Address .

Searching a client by IP address can contain either full or partial IP address. Each client can have up to 16 IPv6 addresses and 4 IPv4 addresses.

Step 6 From the Clients Detected By drop-down list, choose clients detected by as MSE.

This displays clients located by Context-Aware Service in the MSE by directly communicating with the controllers.

Step 7 From the Last detected within drop-down list, choose the time within which the client was detected.

Step 8 Enter the client IP address in the Client IP Address text box. You can enter wither a partial or full IPv6 address.

If you are searching for the client from Prime Infrastructure on the MSE by IPv4 address, enter the IPv4 address in the Client IP address text box.

Step 9 From the Client States drop-down list, choose the client states. The possible values for wireless clients are All States , Idle , Authenticated , Associated , Probing , or Excused . The possible values for wired clients are All States , Authenticated , and Associated .

Step 10 From the Posture Status drop-down list, choose the posture status to know if the devices are clean or not. The possible values are All , unknown , Passed , and Failed .

Step 11 Select the CCX Compatible check box to search for clients that are compatible with Cisco Client Extensions. The possible values are All Versions , V1 , V2 , V3 , V4 , V5 , and V6 .

Step 12 Select the E2E Compatible check box to search for clients that are end-to-end compatible. The possible values are All Versions , V1 , and V2 .

Step 13 Select the NAC State check box to search for clients identified by a certain Network Admission Control (NAC) state. The possible values are Quarantine , Access , Invalid , and Not Applicable .

Step 14 Select the Include Disassociated check box to include clients that are no longer on the network but for which Prime Infrastructure has historical records.

Step 15 From the Items per page drop-down list, choose the number of records to be displayed in the search results page.

Step 16 Select the Save Search check box to save the selected search option.

Step 17 Click Go.

The Clients and Users page appears with all the clients detected by the MSE.

Viewing Clients Detected by MSE

You can see the clients in probing state on 2.4 GHz on Cisco WLC but in probing state only on “a” radio (in the Monitor > Clients and Users > Client detected by MSE page). None of the clients shows up in probing state on “b/g” radio. This is because when clients are in the probing state, Prime Infrastructure does not get details on the protocol and by default these are shown to be on 5 GHz channel. After they are associated, the INFO messages are received from the controller which contain details on the protocol and the channel. But when they are probing with Measurement messages, Prime Infrastructure does not have this information and defaults it to 5 GHz.

To view all the clients detected by the MSE, follow these steps:

Step 1 Choose Monitor > Monitoring Tools > Clients and Users to view both wired and wireless clients information.

The Clients and Users table displays a few column by default. If you want to display the additional columns that are available, click , and then click Columns . The available columns appear. Select the columns that you want to show in the Clients and Users table. When you click anywhere in a row, the row is selected and the client details are shown.

Step 2 Filter the current list to choose all the clients that are detected by the MSE by choosing Clients detected by MSE from the Show drop-down list.

All the clients detected by MSE including wired and wireless appear.

The following different parameters are available in the Clients Detected by MSE table:

• MAC Address—Client MAC address.
• IP Address—Client IP address.

The IP Address that appears in the IP Address column is determined by a predefined priority order. The first IP address available in the following order appears in the IP address text box:

– IPv4 address

Note Only wireless clients have IPv6 addresses in this release. Each client can have up to 16 IPv6 addresses and 4 IPv4 addresses.

– IPv6 global unique address. If there are multiple addresses of this type, most recent IPv6 address that the client received is shown, because a user could have two Global IPv6 addresses but one might have been from an older Router Advertisement that is being aged out.

– IPv6 local unique address. If there are multiple IPv6 local unique addresses, then the most recent address appears.

– IPv6 link local address. For an IPv6 client it always have at least a link local address.

The following are the different IPv6 address types:

– Link-local Unicast—The link-local addresses are designed to be used for addressing on a single link for purposes such as auto-address configuration, neighbor discovery, or when no routers are present.

– Site-local Unicast—The site-local addresses are designed to be used for addressing inside of a site without the need for a global prefix.

– Aggregatable Global Unicast—The aggregatable global unicast address uniquely identifies the client in global network and equivalent to public IPv4 address. A client can have multiple aggregatable global unicast addresses.

• IP Type—The IP address type can be IPv4 and IPv6.

– Global Unique

– Unique Local

– Link Local

• User Name—Username based on 802.1x authentication. Unknown is displayed for client connected without a username.
• Type—Indicates the client type.

– indicates a lightweight client

– indicates a wired client

– indicates an autonomous client

• Vendor—Device vendor derived from OUI.
• Device Name—Network authentication device name. For example, WLC and switch.
• Location—Map location of the connected device.
• VLAN—Indicates the access VLAN ID for this client.
• Status—Current client status.

– Idle—Normal operation; no rejection of client association requests.

– Auth Pending—Completing a AAA transaction.

– Authenticated—802.11 authenticated complete.

– Associated—802.11 association complete. This is also used by wired clients to represent that a client is currently connected to the network.

– Disassociated—802.11 disassociation complete. This is also used by wired clients to represent that a client is currently not on the network.

– To Be Deleted—The client is deleted after disassociation.

– Excluded—Automatically disabled by the system due to perceived security threat.

• Interface—Controller interface (wireless) or switch interface (wired) that the client is connected to.
• Protocol

– 802.11—wireless

– 802.3—wired

• Association Time—Last association start time (for wireless client). For a wired client, this is the time when a client is connected to a switch port. This is blank for a client which is associated but has problems being on the network.
• CCX—Lightweight wireless only.

Step 3 Select the radio button next to MAC Address in the Client and User page to view the associated client information.

Viewing MSE Alarm Details

In the Monitor > Monitoring Tools > Alarms and Events page, click an MSE item under Failure Source column to access the alarms details for a particular MSE.

Alternatively, you can choose Services > Mobility Services Engines > MSE Name > System > Status > Prime Infrastructure Alarms page and click a particular MSE item under Failure Source column to access the alarms details for a particular MSE.

Table 42-16 describes the various fields in the Alarm Detail page for an MSE.

The General information might vary depending on the type of alarm. For example, some alarm details might include location and switch port tracing information.

• Related Alarm List—Displays all the alarms related to a particular attack.
• Rogue Client Details—Displays information about the rogue clients.
• Annotations—Enter any new notes in this text box and click Add to update the alarm. Notes appear in the “Annotations” display page.
• Messages—Displays information about the alarm.
• Device Details—
• Switch Port Tracing
• Location Notification
• Map Location
• Device Events
• Related History
• Audit Report—Click to view config audit alarm details. This report is only available for Config Audit alarms.

Configuration audit alarms are generated when audit discrepancies are enforced on config groups. If enforcement fails, a critical alarm is generated on the config group. If enforcement succeeds, a minor alarm is generated on the config group. The alarms have links to the audit report where you can view a list of discrepancies for each controller.

• Event History—Opens the MSE Alarm Events page to view events for this alarm. When there are multiple alarm pages, the page numbers appear at the top of the page with a scroll arrow on each side. Use these scroll arrows to view additional alarms.

Defining Venues

To define a venue, follow these steps:

Step 1 Choose Services > Mobility Services > Mobile Concierge.

Step 2 Choose Mobile Concierge Services > Venues from the left sidebar menu.

The Venues page appears.

Step 3 From the Select a command drop-down list, choose Define New Venue and click Go.

The Venue Wizard page appears.

Step 4 Enter the venue name in the Venue Name text box and click Next.

Step 5 In the Floor/Outdoor Association group box, you can configure the following:

• From the Area Type drop-down list, choose the area type where you want to display the service advertisement. The possible values are Floor Area and Outdoor Area.

Note The Building, Floor Area, and Coverage Area drop-down lists are displayed only if you select Floor Area as the area type.

• From the Campus drop-down list, choose the campus name where you want to display the service advertisements.
• From the Building drop-down list, choose the building name where you want the advertisements to appear.
• From the Floor drop-down list, choose the floor type.
• From the Coverage Area drop-down list, choose the coverage area within the floor.
• From the Outdoor Area drop-down list, choose the outdoor area where you want to display the service advertisements. This field is displayed only if you select Outdoor Area as the Area Type.

Step 6 Click Next. The Audio group box appears.

Step 7 From the Audio group box, click Choose File to browse and select the audio file to play the audio notification.

Step 8 Click Next. The Icons group box appears.

Step 9 From the Icons group box, click Choose File to browse and select the icon that you want to display on the clients handset.

Step 10 Click Next. The Venue Apps group box appears.

Step 11 From the Venue Apps group box, choose the venue app on which you want to display the service advertisement from the Web App drop-down list.

Step 12 Click Next. The Additional Venue Information group box appears.

Step 13 From the Additional Information group box, you can provide any additional information that the venue would like to provide to the mobile application. You can configure the following:

• Enter the location detail in the Location Detail text box. This provides details such as store address, zip code, or street address of the venue.
• Enter the GPS latitude and longitude of the venue in the Latitude and Longitude text box. This helps the applications to identify the venue accurately.
• Enter any other additional information that the venue would like to provide to the mobile application in the Additional Information text box.

Step 14 Click Save. This information is applied to the MSE and the synchronization happens automatically.

Related Topics

• Monitoring with Mobile Concierge Services
• Deleting Venues
• Defining Providers with Policies
• Deleting Providers
• Defining Policies
• Deleting Policies

Deleting Venues

To delete a venue, follow these steps:

Step 1 Choose Services > Mobility Services > Mobile Concierge.

Step 2 Choose Mobile Concierge Services > Venues from the left sidebar menu.

The Venues page appears.

Step 3 Select the check box of the venue that you want to delete.

Step 4 From the Select a command drop-down list, choose Delete Venue, and click Go.

Click OK to confirm the deletion.

Related Topics

• Monitoring with Mobile Concierge Services
• Defining Venues
• Defining Providers with Policies
• Deleting Providers
• Defining Policies
• Deleting Policies

Defining Providers with Policies

Step 1 Choose Services > Mobility Services > Mobile Concierge.

Step 2 Choose Mobile Concierge Services > Providers from the left sidebar menu.

The Providers page appears.

Step 3 From the Select a command drop-down list, choose Define New Provider and click Go.

The Provider Wizard page appears.

Step 4 Enter the providers venue name in the Provider Name text box.

Step 5 Click Next. The Icons group box appears.

Step 6 From the Icons group box, click Choose File to browse and select the icon that you want to display on the clients handset.

Step 7 Click Next. The Local Services group box appears.

Step 8 From the Local Services group box, do the following:

• Click the inverted triangle icon location at the left side of the Local Service # name to expand the Local Service and configure the following:

– Choose the service type from the Service Type drop-down list. The possible options are: Directory Info, Sign Up, Discount Coupon, Network Help, and Other.

– Enter the display name in the Display Name text box.

– Enter the description in the Description text box.

– Choose the service URIs from the Service URIs drop-down list.

– Enter the recommended application for the venue in the Recommended Apps text box.

Step 9 Click Save.

Related Topics

• Monitoring with Mobile Concierge Services
• Deleting Providers
• Defining Venues
• Deleting Venues
• Defining Policies
• Deleting Policies

Deleting Providers

To delete a provider, follow these steps:

Step 1 Choose Services > Mobility Services > Mobile Concierge.

Step 2 Choose Mobile Concierge Services > Providers from the left sidebar menu.

The Providers page appears.

Step 3 Select the check box of the provider that you want to delete.

Step 4 From the Select a command drop-down list, choose Delete Provider, and click Go.

Click OK to confirm the deletion.

Related Topics

• Monitoring with Mobile Concierge Services
• Defining Policies
• Defining Venues
• Deleting Venues
• Defining Providers with Policies
• Deleting Policies

Defining Policies

To define policies, follow these steps:

Step 1 Choose Services > Mobility Services > Mobile Concierge.

Step 2 Choose Mobile Concierge Services > Policies from the left sidebar menu.

The Policies page appears.

Step 3 From the Select a command drop-down list, choose Define New Policy and click Go.

The Policy Wizard page appears.

Step 4 Choose the venue on which you want the policy to be applied from the Venue drop-down list.

Step 5 Click Next. The Provider group box appears.

Step 6 Choose the provider from the Provider drop-down list.

Step 7 Click Next. The SSID group box appears.

Step 8 From the SSID drop-down list, choose the SSIDs on which you want to broadcast the service advertisements and click OK. You can choose multiple SSIDs.

Step 9 Click Next. The Display Rule group box appears.

Step 10 From the Display Rule group box, you can do the following:

• Select the Display Rule radio button. You can select either Everywhere or Near selected APs radio button. By default, Display everywhere is selected.

If you select Display everywhere, then it searches for all the Mobile Concierge-supported controllers that provide these SSIDs and assigns these controllers to the MSE.

If you select Display near selected APs, then you can configure the following parameters:

• AP—Select those APs on which you want the advertisements to broadcast.
• Radio—Select the radio frequency on which you want the advertisements to be broadcasted. The service advertisement is displayed when the mobile device is near the radio band that you have selected. The possible values are 2.4 GHz or 5 GHz.

– min RSSI—Enter a value for RSSI at which you want the service advertisements to be displayed on the user interface.

Step 11 Click Finish.

Related Topics

• Monitoring with Mobile Concierge Services
• Deleting Policies
• Defining Venues
• Deleting Venues
• Defining Providers with Policies
• Deleting Providers
• Defining Policies

Deleting Policies

To delete a new policy, follow these steps:

Step 1 Choose Services > Mobility Services > Mobile Concierge.

Step 2 Choose Mobile Concierge Services > Policies from the left sidebar menu.

The Policies page appears.

Step 3 Select the check box of the policy that you want to delete.

Step 4 From the Select a command drop-down list, choose Delete Policy, and click Go.

Click OK to confirm the deletion.

Related Topics

• Monitoring with Mobile Concierge Services
• Defining Venues
• Deleting Venues
• Defining Providers with Policies
• Deleting Providers
• Defining Policies