ArubaOS and Controllers

Reply
Occasional Contributor II
Posts: 10
Registered: ‎11-23-2010

Next Gen PEF Disabled APs

I have a 651-8 controller working fine with 7 AP-93s. I then install the Next Gen PEF license and all of my APs went down and I could no longer authenticate via Captive Portal, got an error page that stated "Web Authentication is disabled. What am I missing here?
Guru Elite
Posts: 20,808
Registered: ‎03-29-2007

Re: Next Gen PEF Disabled APs

If you did not have the Next-Gen PEF license, there were no roles on your system. When you add that license, you have to create those roles, manually to accommodate those existing SSIDs. Probably the easiest way to do this is to use the WLAN Wizard to recreate that SSID.

Alternatively, to easily take care of the "Web Authentication Disabled" message, find out what role the user is in when he associates. After you do that, edit that role in Configuration> Security> Access Control (edit that role). Go down and add a Captive Portal Profile to the properties that role, and your message should go away.


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Occasional Contributor II
Posts: 10
Registered: ‎11-23-2010

Re: Next Gen PEF Disabled APs

I have done all you suggested, a couple of times. However, the 7 AP-93s still fail to come up.
Guru Elite
Posts: 20,808
Registered: ‎03-29-2007

Re: Next Gen PEF Disabled APs

You may have two issues. If the APs fail to come up, SSH into the controller and see why:

Do a "show ap database" and see if there are any APs there and if there is anything in the "flags" column. The PEF-NG license MUST match the number of AP licenses, otherwise only the lesser number between the AP license or PEF-NG licenses will be able to come up.


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Occasional Contributor II
Posts: 10
Registered: ‎11-23-2010

Re: Next Gen PEF Disabled APs

I have the 8 PEF-NG and 8 external AP license. Here is the output of the show command:

Name Group AP Type IP Address Status Flags Switch IP
---- ----- ------- ---------- ------ ----- ---------
DataCenter Ascend Guest Internet 651 192.168.123.2 Up 1h:10m:36s B 192.168.123.2
First Floor East Ascend Guest 93 192.168.123.250 Down 192.168.123.2
First Floor Middle Ascend Guest 93 192.168.123.248 Down 192.168.123.2
First Floor West Ascend Guest 93 192.168.123.249 Down 192.168.123.2
Lower Level Lounge Ascend Guest 93 192.168.123.254 Down 192.168.123.2
Third Floor North East Ascend Guest 93 192.168.123.253 Down 192.168.123.2
Third Floor South East Ascend Guest 93 192.168.123.251 Down 192.168.123.2
Third Floor West Ascend Guest 93 192.168.123.252 Down 192.168.123.2
Occasional Contributor II
Posts: 10
Registered: ‎11-23-2010

Re: Next Gen PEF Disabled APs

BTW there was no flags on any of them as you can tell
Guru Elite
Posts: 20,808
Registered: ‎03-29-2007

Re: Next Gen PEF Disabled APs

Type "show port status" on the commandline. Make sure none of them are untrusted.


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Occasional Contributor II
Posts: 10
Registered: ‎11-23-2010

Re: Next Gen PEF Disabled APs

Heres what i see. Also, i can ping the APs from the controller

Port Status
-----------
Slot-Port PortType adminstate operstate poe Trusted SpanningTree PortMode
--------- -------- ---------- --------- --- ------- ------------ --------
1/0 GE Enabled Down Enabled Yes Disabled Access
1/1 GE Enabled Down Enabled Yes Disabled Access
1/2 GE Enabled Down Enabled Yes Disabled Access
1/3 GE Enabled Down Enabled Yes Disabled Access
1/4 GE Enabled Up N/A Yes Disabled Access
1/5 GE Enabled Up N/A Yes Disabled Access
1/6 GE Enabled Up N/A Yes Disabled Access
1/7 GE Enabled Down N/A Yes Disabled Access
Guru Elite
Posts: 20,808
Registered: ‎03-29-2007

Re: Next Gen PEF Disabled APs

Type "show log system 50" on the commandline.


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Occasional Contributor II
Posts: 10
Registered: ‎11-23-2010

Re: Next Gen PEF Disabled APs

Dec 1 13:43:14 KERNEL: 0:flushing more than page size of icache addresses starting @ c09ef000
Dec 1 13:43:14 KERNEL: 0:<7>wlan: 0.8.4.2 (Atheros/multi-bss)
Dec 1 13:43:15 KERNEL: 2:<4>ath_hal: module license 'Proprietary' taints kernel.
Dec 1 13:43:15 KERNEL: 2:flushing more than page size of icache addresses starting @ c0a6c000
Dec 1 13:43:15 KERNEL: 2:)
Dec 1 13:43:15 KERNEL: 0:flushing more than page size of icache addresses starting @ c00f3000
Dec 1 13:43:15 KERNEL: 0:<6>ath_rate_atheros: Copyright (c) 2001-2005 Atheros Communications, Inc, All Rights Reserved
Dec 1 13:43:15 KERNEL: 0:<6>ath_rate_atheros: Aruba Networks Rate Control Algorithm
Dec 1 13:43:15 KERNEL: 0:flushing more than page size of icache addresses starting @ c0101000
Dec 1 13:43:15 KERNEL: 0:<6>ath_dfs: Version 2.0.0
Dec 1 13:43:15 KERNEL: Copyright (c) 2005-2006 Atheros Communications, Inc. All Rights Reserved
Dec 1 13:43:15 KERNEL: 0:flushing more than page size of icache addresses starting @ c0ac7000
Dec 1 13:43:15 KERNEL: 0:<6>ath_dev: Copyright (c) 2001-2007 Atheros Communications, Inc, All Rights Reserved
Dec 1 13:43:15 KERNEL: 2:flushing more than page size of icache addresses starting @ c0126000
Dec 1 13:43:15 KERNEL: 2:<6>ath_pci: 0.9.4.5 (Atheros/multi-bss)
Dec 1 13:43:15 KERNEL: 0:grenache_led_blink: clm=1 glm=0
Dec 1 13:43:17 KERNEL: 2:Requesting IRQ 36 on CPU 2
Dec 1 13:43:17 KERNEL: 2:wifi0: Base BSSID 00:1a:1e:50:46:50, 16 available BSSID(s)
Dec 1 13:43:17 KERNEL: 2:wifi0: AP type AP-651, radio 0, max_bssids 16
Dec 1 13:43:17 KERNEL: 2:<6>wifi0: Atheros 9160: mem=0x14000000, irq=26 hw_base=0xb4000000
Dec 1 13:43:17 KERNEL: 1:flushing more than page size of icache addresses starting @ c00e4000
Dec 1 13:43:17 KERNEL: 0:flushing more than page size of icache addresses starting @ c00ed000
Dec 1 13:43:17 KERNEL: 2:flushing more than page size of icache addresses starting @ c00e7000
Dec 1 13:43:18 :399816: |fpapps| poe download start
Dec 1 13:43:56 :313078: |fpapps| XSec Vlan Interface 30 not found line 877
Dec 1 13:43:56 :313078: |fpapps| XSec Vlan Interface 30 not found line 877
Dec 1 13:43:56 :313078: |fpapps| XSec Vlan Interface 30 not found line 877
Dec 1 13:43:56 :313256: |fpapps| Route resolve returned an Error
Dec 1 13:43:58 :399816: |nanny| Received the PAPI_APP_SPAWN_PROC Message
Dec 1 13:43:58 :306510: |publisher| Dropping message from 8214 for service 'aaa-idle-user-timeout (service not found)'
Dec 1 13:44:00 KERNEL: 2:<4>process `snmpd' is using obsolete setsockopt SO_BSDCOMPAT
Dec 1 13:44:05 :325022: |authmgr| Bogus VLAN ID:4095 received.
Dec 1 13:44:07 :304001: |stm| Unexpected stm (Station managment) runtime error at open_rap_data_path_socket, 5445, RAP ioctl No such device [ifr_name: br0
Dec 1 13:44:07 :304001: |stm| Unexpected stm (Station managment) runtime error at rap_datapath_init, 5412, Unable to open rap datapath socket
Dec 1 13:44:09 KERNEL: 1:<4>process `trapd' is using obsolete setsockopt SO_BSDCOMPAT
Dec 1 13:44:15 :304001: |stm| Unexpected stm (Station managment) runtime error at data_path_handler, 649, data_path_handler: recv - Network is down
Dec 1 13:44:21 :304001: |stm| Unexpected stm (Station managment) runtime error at papi_handler, 773, Message from 127.0.0.1:8378 type 0: Length mismatch expected 0 received 780
Dec 1 13:44:22 KERNEL: 2:<7>vap_device_event: UTC Time:19:44:22 dev aruba000 (0:0) has been registered
Dec 1 13:44:22 KERNEL: 2:<7>vap_device_event: dev aruba000 (0:0) is up
Dec 1 13:44:22 KERNEL: 2:<6>vap aruba000 vlan is 30. not discovering tunnel vlan
Dec 1 13:44:22 :304001: |stm| Unexpected stm (Station managment) runtime error at papi_handler, 773, Message from 127.0.0.1:8224 type 0: Length mismatch expected 0 received 780
Dec 1 14:55:39 :399803: |stm| An internal system error has occurred at file sapm_amapi.c function sapmisc_custom_cmd line 6458 error No function for custom command 19.
Dec 1 15:26:51 :311002: |AP First Floor West@192.168.123.249 sapd| Rebooting: SAPD: Unable to contact switch. Called by sapd_hello_cb:4
Dec 1 15:26:51 :303086: |AP First Floor West@192.168.123.249 nanny| Process Manager (nanny) shutting down - AP will reboot!
Dec 1 15:26:58 :311002: |AP Third Floor South East@192.168.123.251 sapd| Rebooting: SAPD: Unable to contact switch. Called by sapd_hello_cb:4
Dec 1 15:26:58 :303086: |AP Third Floor South East@192.168.123.251 nanny| Process Manager (nanny) shutting down - AP will reboot!
Dec 1 15:27:14 :311002: |AP Lower Level Lounge@192.168.123.254 sapd| Rebooting: SAPD: Unable to contact switch. Called by sapd_hello_cb:4
Dec 1 15:27:14 :303086: |AP Lower Level Lounge@192.168.123.254 nanny| Process Manager (nanny) shutting down - AP will reboot!
Dec 1 15:28:37 :311002: |AP First Floor Middle@192.168.123.248 sapd| Rebooting: SAPD: Unable to contact switch. Called by sapd_hello_cb:4
Dec 1 15:28:38 :303086: |AP First Floor Middle@192.168.123.248 nanny| Process Manager (nanny) shutting down - AP will reboot!





On a side note, i am running OS 5.0.2.1
Search Airheads
Showing results for 
Search instead for 
Did you mean: