What are the different modes of WAN operation used in Branch office Controller and how to configure?

Aruba Employee
Requirement:

Aruba Controller running 6.4.4.x and above.



Solution:
In the branch controller deployments, the local controllers are connected across the WAN link from the master controller to the RADIUS server. If there is an outage over the WAN link it will result in service outage as new users cannot be authenticated to 802.1X Virtual APs. This feature provides limited connectivity to branch controllers even when the WAN link is down. To provide connectivity when the WAN link is down, open and PSK SSID Virtual APs (VAPs) are made available at all times and the user can connect to these VAPs instead of the main 802.1X Virtual AP during the outage.
 
When all the WAN links are down, an AP management module in the controller updates the link state using the notification it receives from the health check manager. Depending on the link state, the newest of Virtual APs are made available to the users, ensuring minimum service depending on the deployment. The VAPs for WAN link failure feature can be configured using the branch controller WebUI or command-line interface.
 
Note: This feature is targeted for Campus APs in branch office deployments for now.


Configuration:

We can configure the WAN Operation in following modes using CLI: 

(Aruba7210) #
(Aruba7210) #configure terminal
Enter Configuration commands, one per line. End with CNTL/Z

(Aruba7210) (config) #wlan virtual-ap default
(Aruba7210) (Virtual AP profile "default") #wan-operation ?
always                  Enable virtual-AP regardless of WAN link state.
backup                  Enable virtual-AP when WAN link is down
primary                 Enable virtual-AP only when WAN link is present

(Aruba7210) (Virtual AP profile "default") #wan-operation backup
(Aruba7210) (Virtual AP profile "default") #!
(Aruba7210) (config) #
(Aruba7210) (config) #exit
(Aruba7210) #
We can also configure the WAN Operation modes using GUI as below:
1.) Login to controller and Configuration> AP Configuration> AP Group Page.
2.) Select an AP Group.
3.)Navigate to Wireless LAN > Virtual AP.
4.)Select an existing virtual AP or add a new virtual AP (That need to be enabled when WAN link goes down).
5.) Once you select the virtual AP, click Advanced tab.
6.) Modify the WAN Operation Mode drop-down menu value to Primary, Always, or Backup. For WAN link failure, this mode should be set to backup.
 

 

 



Verification
We can verify the configuration using below command output:
(Aruba7210) #
(Aruba7210) #show wlan virtual-ap default

Virtual AP profile "default"
----------------------------
Parameter                                       Value
---------                                       -----
AAA Profile                                     default
802.11K Profile                                 default
Hotspot 2.0 Profile                             N/A
SSID Profile                                    default
Virtual AP enable                               Enabled
VLAN                                            N/A
Forward mode                                    tunnel
Allowed band                                    all
Band Steering                                   Disabled
Steering Mode                                   prefer-5ghz
Dynamic Multicast Optimization (DMO)            Enabled
Dynamic Multicast Optimization (DMO) Threshold  13
Drop Broadcast and Unknown Multicast            Disabled
Convert Broadcast ARP requests to unicast       Enabled
Authentication Failure Blacklist Time           3600 sec
Blacklist Time                                  3600 sec
Deny inter user traffic                         Disabled
Deny time range                                 N/A
DoS Prevention                                  Disabled
HA Discovery on-association                     Enabled
Mobile IP                                       Enabled
Preserve Client VLAN                            Disabled
Remote-AP Operation                             standard
Station Blacklisting                            Enabled
Strict Compliance                               Disabled
VLAN Mobility                                   Disabled
WAN Operation mode                              backup
FDB Update on Assoc                             Disabled
WMM Traffic Management Profile                  default
Anyspot profile                                 N/A

(Aruba7210) #
Version history
Revision #:
2 of 2
Last update:
‎05-20-2016 10:19 AM
Updated by:
 
Labels (1)
Contributors
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: