System Health Widget Operational Best Practices describes the details for the operational best practices that the System Health widget provides.
| Type | Field | Description |
|---|---|---|
| Operational | Certificate Authentication | Pre-installed Extreme certificates allow validation between ExtremeCloud IQ Controller and an AP. APs that do not support signed certificates, can provide self-signed certificates. In this case, you must disable Enforce Manufacturing Certificate on ExtremeCloud IQ Controller for the AP. AP Authentication failure messages are logged in the ExtremeCloud IQ Controller Events Log. |
| Operational | Mesh AP operating on DFS channel. | Due to DFS procedures and mandatory ‘Stay off Channel‘ periods, APs operating on DFS channels in a Mesh topology can result in service outages. |
| Operational | AP recommended version image | APs are not running the recommended version image. Run the supported AP firmware version. Running other firmware revisions can lead to unexpected results. See Upgrade AP Images. |
| Operational | AP with Dual 5 GHz and power provided is AF | AP510 and AP410 support Dual 5 GHz radios and AF (low power) is provided. Therefore, Radio 2 will be shut down. Configure the AP radio for 2.4 GHz or 5 GHz, or provide AT (high power). |
| Operational | Backup secure tunnel | Secure tunnel is supported on ExtremeWireless Wi-Fi 6 APs. To improve resilience and reduce the outage interval associated with a failover event in a high-availability pair, access points establish session tunnels to both peers in a high-availability pair. |
| Operational | NTP | Proper time stamp synchronization is facilitated through Network Time Protocol (NTP). If the NTP server is not reachable, verify the NTP server settings. See Network Time. |
| Operational | Service interface is not operational. Check connectivity for proper service. | System functions reference specific interfaces for connectivity. For proper operation, corresponding system interfaces must be enabled and operational. |
| Operational | Backup tunnel established to ExtremeCloud IQ Controller | To improve resilience and reduce the outage interval associated with a failover event in a high- availability setup. Access points establish session tunnels to both peers in a high-availability pair. |
| Operational | AP acknowledgment message | APs send an acknowledgment message for each configuration update. A missing configuration acknowledgment message from an AP can indicate a connectivity issue. |
| Operational | Communication between AP and controller over port 13910 is blocked by the firewall | For proper
communication between the AP and the controller, ensure that Port
13910 is open in the firewall. Note: When the AP is
more than one hop away, setting the default route via the
Management port can also block communication between an AP and
the controller.
|
| Operational | AP connection to primary controller | In the event of an unexpected release of APs, check your network connectivity between APs and the controllers for possible interruptions. |
| Operational | Adoption rules did not successfully assign APs to site | Consider the
following when configuring adoption rules for AP site assignment:
For more information, see Adding or Editing Adoption Rules. |
| Operational | High-Availability Configuration | High-Availability connectivity status. Verify your high-availability configuration. See Availability. |
| Operational | High-Availability Synchronization | High-Availability connectivity status with synchronization message. |
| Operational | Assigned Entitlements Status | The system must be licensed to
operate. A best practice is to start the license renewal process at
least 90 days before the license expiration date to avoid
interruption of functionality. The following are the available
status warnings:
To view the list of entitlements, go to . For more information, refer to Product Subscription License. |
| Operational | ExtremeCloud IQ Controller is not onboarded to ExtremeCloud IQ. | Onboard ExtremeCloud IQ Controller into ExtremeCloud IQ to take advantage of Cloud Visibility. After ExtremeCloud IQ Controller is onboarded into the cloud, all access points that are discovered by that controller are visible in ExtremeCloud IQ. Cloud connectivity is displayed on the License Details page. For information about how to onboard ExtremeCloud IQ Controller to ExtremeCloud IQ, refer to the ExtremeCloud IQ Controller Deployment Guide. |
| Operational | Client Address Protection. Clients denied. | Indicates that a client has attempted to access the network though an IP address that is configured on the Protected IP Address List. Select the icon to display the protected IP address and the MAC address of the offending client. For more information, see Site Allow List/Deny List. |