ArubaOS and Controllers

Reply
Contributor I
Posts: 34
Registered: ‎04-27-2009

Guest network just NOT working quite right

So this is driving me nuts. Sometimes a guest wireless user will work right out of the gate; sometimes a client will just REFUSE to work right. I need to get this thing reliably working, or I'm gonna look the fool.

A little background:
1 master, 2 local controllers. My APs LMS IPs are split between the 2 local controllers. The master serves as the gateway and DHCP scope for the guest network. There is a layer 2 GRE tunnel between each local and the master. The guest network is a WPA2 AES network with captive portal tied to the Internal database.

I provisioned a new guest user today. They were able to connect to the network, got the portal, and logged in no problem. They then disconnected, and tried to connect again. This time they couldn't get an address. I noticed in local2 that there were two user entries (#show user) under the same MAC. One was valid, the second had a 169 IP address. I deleted both (#aaa user del mac ######). Now they could connect and get a valid private IP, but nothing they did brought up the portal page.

I've had similar issues with the wifi on my phone, when switching APs. I'll connect to the network (I set up a MAC-based internal user to avoid the portal login page), but if I walk to another APs area, the wifi will disconnect, and fail to obtain an IP when connecting again.

This is getting increasinly frustrating and embarrassing. I need this network to 'just work'. Does anyone have, or know of a BBP-type document on how to set up a guest network with captive portal that spans multiple controllers?
Aruba Employee
Posts: 99
Registered: ‎09-08-2010

Re: Guest network just NOT working quite right

Quickest resolution will typically come from opening a TAC case so that they can dedicate the time to look into this.

That said, what version of code are you running on the three controllers? Are the three controllers all physically colocated and connected to the same network segments, or are they distributed across the network? Do all APs in a given area connect back to the same controller, or are they randomly split across both of the local controllers?
Guru Elite
Posts: 19,949
Registered: ‎03-29-2007

Re: Guest network just NOT working quite right


So this is driving me nuts. Sometimes a guest wireless user will work right out of the gate; sometimes a client will just REFUSE to work right. I need to get this thing reliably working, or I'm gonna look the fool.

A little background:
1 master, 2 local controllers. My APs LMS IPs are split between the 2 local controllers. The master serves as the gateway and DHCP scope for the guest network. There is a layer 2 GRE tunnel between each local and the master. The guest network is a WPA2 AES network with captive portal tied to the Internal database.

I provisioned a new guest user today. They were able to connect to the network, got the portal, and logged in no problem. They then disconnected, and tried to connect again. This time they couldn't get an address. I noticed in local2 that there were two user entries (#show user) under the same MAC. One was valid, the second had a 169 IP address. I deleted both (#aaa user del mac ######). Now they could connect and get a valid private IP, but nothing they did brought up the portal page.

I've had similar issues with the wifi on my phone, when switching APs. I'll connect to the network (I set up a MAC-based internal user to avoid the portal login page), but if I walk to another APs area, the wifi will disconnect, and fail to obtain an IP when connecting again.

This is getting increasinly frustrating and embarrassing. I need this network to 'just work'. Does anyone have, or know of a BBP-type document on how to set up a guest network with captive portal that spans multiple controllers?




What is the initial role of the user that get the captive portal before he logs in? Go to the commandline on the controller and type "show rights " For example, type "show rights guest-logon."

For most people who have that issue, they are not permitting DHCP properly. They will have "user any service dvc-dhcp permit", but it should be "any any service dhcp permit". Please see the explanation here, if that is your issue: http://kb.arubanetworks.com/cgi-bin/arubanetworks.cfg/php/enduser/std_adp.php?p_faqid=533
Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Validated Reference Design Guides : http://community.arubanetworks.com/t5/Validated-Reference-Design/tkb-p/Aruba-VRDs
Search Airheads
Showing results for 
Search instead for 
Did you mean: