Controller Based WLANs

How to access the console of an AP when it has lost connection to the Aruba Controller?

by ‎05-25-2016 02:30 PM - edited ‎05-25-2016 02:36 PM
Aruba Controller running 6.4 and above with an Access Point terminated to it.

This failover system allows users to access an AP console after the AP has disconnected from the controller. By advertising backup ESSID in either static or dynamic mode, the user is still able to access and debug the AP remotely through a virtual AP. Settings for this feature can be changed using the controller's WebUI or CLI.
There are three operating modes that we can use it for AP debugging when it is not reachable to controller which is as below.
Off: No backup ESSID advertised by the AP. The default setting is off.
Static:  Virtual AP continuously advertises the backup ESSID, regardless of the connection status between the AP and controller.
Dynamic:  Virtual AP advertises the backup ESSID only after the AP disconnects from the controller. Once connection between the AP and controller is available, the backup ESSID is disabled again.
If the AP loses its connectivity to the controller, connect to the Backup ESSID. It will get address from the AP DHCP server. The DHCP server address is 192.168.11. Association with the vap
User can use psk password to associate with the Backup vap, and get a dhcp ip address.

Configuration steps below using CLI.
(Aruba7210) #
(Aruba7210) #configure terminal
Enter Configuration commands, one per line. End with CNTL/Z

(Aruba7210) (config) #ap system-profile default
(Aruba7210) (AP system profile "default") #bkup-passwords 123456789
(Aruba7210) (AP system profile "default") #bkup-band [all/b/g]
(Aruba7210) (AP system profile "default") #bkup-mode [off/static/dynamic]
(Aruba7210) (AP system profile "default") #!
(Aruba7210) (config) #exit
(Aruba7210) #
Configuration steps below using WebUI.
1. Login to the controller and Navigate to the Configuration > Advanced > All Profiles page.
2. Under AP > AP System on the Profile pane, select the AP system profile name.
3. In the Profile Details pane, select the Advanced tab.
4. To change the password, clear the Password for Backup field and enter the new password, click apply
5. To configure the RF band on which the backup ESSID is advertised, click the drop-down list in the RF Band for Backup field and select the desired RF band, click apply.
6. To configure the operation mode, choose one of the following options from the Operation for backup drop-down list, click apply.

Below screenshot for example.

We can verify that the backup ESSID is broadcasting or not using below command as for example we set the operating mode as static.
(Aruba7210) #show ap remote bss-table ap-name 18:64:72:c9:97:54

Aruba AP BSS Table
bss                ess                       port  ip             phy    type  ch/EIRP/max-EIRP  cur-cl  ap name            in-t(s)  tot-t
---                ---                       ----  --             ---    ----  ----------------  ------  -------            -------  -----
18:64:72:19:75:5f  backup-18:64:72:C9:97:54  ?/?  ?      ap    ?/?/?             0       18:64:72:c9:97:54  0        20m:53s
18:64:72:19:75:4f  backup-18:64:72:C9:97:54  ?/?  ?      ap    ?/?/?             0       18:64:72:c9:97:54  0        20m:52s
18:64:72:19:75:50  vasa1x                    ?/?  a-VHT  ap    64E/6/22          0       18:64:72:c9:97:54  0        1h:11m:11s
18:64:72:19:75:40  vasa1x                    ?/?  g-HT   ap    1/6/21.5          0       18:64:72:c9:97:54  0        1h:11m:10s

Channel followed by "*" indicates channel selected due to unsupported configured channel.
"Spectrum" followed by "^" indicates Local Spectrum Override in effect.

Num APs:4
Num Associations:0

(Aruba7210) #
Search Airheads
Showing results for 
Search instead for 
Did you mean: 
Is this a frequent problem?

Request an official Aruba knowledge base article to be written by our experts.