Controller Based WLANs

What is the RAP Local Client Access feature?

Aruba Employee

Product and Software: This article applies to all Aruba controllers and ArubaOS 5.0 and later.

Consider remote clients in separate VLANs that are associated to the same RAP. Typically, when these clients communicate with each other, their traffic must go back to the controller.


A peer-to-peer application like VoIP has higher latency in this situation.


Currently the Aruba controller allows direct peer-to-peer access by clients in split or bridge forwarding modes on the same RAP. This access is allowed even if the clients are in separate VLANs, but custom firewall rules are needed.


The RAP Local Client Accessfeature provides an easy configuration process to enable local access for clients on a RAP, without requiring custom firewall rules.


RAP Local Access is enabled from the AP system profile for each AP group.


To enable:
configure terminal ap system-profile <ap-profile> rap-local-network-access

To disable:
configure terminal ap system-profile <ap-profile> no rap-local-network-access


To show the status of RAP Local Access:
#show ap system-profile default

AP system profile "default"
---------------------------
Parameter Value
--------- -----
LMS IP N/A
........ ......
Remote-AP Local Network Access Enabled

If the RAP Local Access feature is enabled and two clients are behind the same RAP, the sessions between them should not appear on the controller. Instead, the sessions between them should appear on that AP with the destination pointing to "local" and the redirect (R) flag set for that session.

 

1167_image001.jpg

 

These two clients on the RAP should also have route-cache entries.

 

1167_image002.jpg

Version history
Revision #:
1 of 1
Last update:
‎07-04-2014 01:45 PM
Updated by:
 
Labels (1)
Contributors
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: 
Is this a frequent problem?

Request an official Aruba knowledge base article to be written by our experts.