Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2087
Views
0
Helpful
2
Replies

Troubleshooting CAPWAP-tunneled Traffic

tylerpalmer
Level 5
Level 5

‎09-07-2018 08:14 AM - edited ‎07-05-2021 09:08 AM

Hi All. 

 

I'm needing some tips on troubleshooting traffic that flows through capwap tunnels from remote sites back to our main office. I'm seeing periods of high utilization in our netflow tool, but the high utilization is coming from capwap-data, so I'm having some difficulty tracking down what client or clients are causing the bandwidth use.

 

Most of our wireless users at the remote sites use an SSID that dumps them off onto the local LAN via H-REAP, so we are able to identify individual client traffic easily and apply QoS as needed. In the capwap tunnel though, we have four SSIDs for solutions that require the clients to be on the same subnet or are having to transit personal device traffic back to a DMZ for internet access while segmenting that from our internal segments.

 

I suspected our personal device users, but found the same pattern of traffic at several sites which makes me think updates of some type, but need to to be able to get more information from the client side of things to determine which solution is the culprit.

 

We're running 5508 controllers and have Cisco Prime Infrastructure installed.

 

I had hoped to find some reporting in Prime that would allow me to break down client usage by AP, so that I could see which clients at the remote sites are pulling traffic, but haven't found the secret sauce to generate such a report in Prime.

 

Any pointers would be appreciated. Thanks!

Labels:
0 Helpful
2 Replies 2

William Kuczmera
Level 1
Level 1

‎09-07-2018 11:54 AM

This guide may be helpful to  you. Its been a little while since I have been in Prime, but I do recall a busiest clients report as well as a busiest AP Report being available. You can run this once or set it up on a schedule to run every day, for example.  I do believe your hunch is correct. I have seen similar behavior from BYOD devices primarily Iphones running near constant updates on the applications installed on the phone or tablet. 

 

https://www.cisco.com/c/en/us/td/docs/net_mgmt/prime/infrastructure/3-4/user/guide/bk_CiscoPrimeInfrastructure_3_4_0_UserGuide/bk_CiscoPrimeInfrastructure_3_4_0_UserGuide_chapter_011000.html

 

In the guide go to Monitor The Network Tab and then Manage Reports. 

 

HTH, 

Will Kuczmera 

0 Helpful

Jhosbell Verdesca De Aguiar
Cisco Employee
Cisco Employee
In response to William Kuczmera

‎09-07-2018 01:09 PM - edited ‎09-07-2018 01:10 PM

You could set up AVC and Netflow at the WLC for the centrally switched WLANs and you will be able to see what devices are using most of the bandwidth and even which applications are they using.

Check this link for how to do it:

 

https://www.cisco.com/c/en/us/td/docs/wireless/controller/technotes/8-8/AVC_8point8_dg.html 

** Please rate helpful posts **

CCIE #58023
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card