Aruba Instant & Cloud Wi-Fi

Reply
Occasional Contributor I
Posts: 6
Registered: ‎12-07-2016

DNS intercepted by IAP intermittently, DNS response should be from Client DHCP server setting

I have 2 x Demo IAP-325 6.4.4.8-4.2.4.3 in a VC cluster with employee type WLAN and Local, L2 DHCP on the VC.  The Client Gateway is a Cisco FW to the Internet.  The DHCP Client scope options have the DNS Server to 8.8.8.8 and the IAP DNS Server settings is to the internal corporate DNS Server.  This is basically a BYOD WLAN to the Internet to access Corporate services.

On a wireless client, I can nslookup to a corporate FQDN, but get two different DNS responses randomly:

1 - DNS response with the correct Internet IP address from the Cisco FW mac address

2 - DNS response with the internal IP address from the Aruba AP mac address.

I am not doing any VPN as far as I know and tried the Enterprise Domains settings with no success.

 

Is it a firmware bug or wrong setting somewhere?????

 

 

 

Guru Elite
Posts: 20,992
Registered: ‎03-29-2007

Re: DNS intercepted by IAP intermittently, DNS response should be from Client DHCP server setting

Did you try configuring * instead of a domain name in the Enterprise domain list?



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Occasional Contributor I
Posts: 6
Registered: ‎12-07-2016

Re: DNS intercepted by IAP intermittently, DNS response should be from Client DHCP server setting

Yes, tried * in the Enterprise Domain list as well with no luck.

 

Note that I will have another Guest WLAN as well for self registering guests with a CP captive Portal so I need the Aruba AP DNS Server to be internal.

Any other solutions?

Is there a way to disable AP DNS interception per WLAN??

 

Guru Elite
Posts: 20,992
Registered: ‎03-29-2007

Re: DNS intercepted by IAP intermittently, DNS response should be from Client DHCP server setting

As a test, can you have something else besides the IAP supply the DHCP addresses?  I don't exactly know your setup, but is the Cisco firewall the default gateway for those clients?



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Occasional Contributor I
Posts: 6
Registered: ‎12-07-2016

Re: DNS intercepted by IAP intermittently, DNS response should be from Client DHCP server setting

I've removed the DHCP scopes to the GW Firewall with no change.  The problem still existed.

I power cycled the APs which fixed the problem.  I have not seen the problem since.  So a combination of DHCP scope removal and reboot may have fixed the issue???

 

Contacted our BDM and there is no bug of this type.  Received a later version of firmware and upgraded APs as well.

Search Airheads
Showing results for 
Search instead for 
Did you mean: