Controller-less WLANs

 View Only
last person joined: one year ago 

Articles relating to existing and legacy HPE Aruba Networking products and solutions including IAP, Central / HPE Aruba Networking Central, MSR, and Outdoor Mesh
Back to Library

How to configure an IAP as a Wifi client though both CLI and GUI? 

Jul 03, 2014 10:12 PM

Instant AP supports Ethernet, 3G/4G USB and Wi-Fi as the uplinks. USB modems and the Wi-Fi uplink can be used to extend the connectivity to places where an Ethernet uplink cannot be configured. It also provides a reliable backup link for the Ethernet based Instant networks.

Wi-Fi uplink lets user configure any accessible wireless network as uplink for IAPs. Users can now build self contained IAP VPN networks in a hotel room to connect all their personal devices and use the existing hotel WiFi connection for uplink.

 

  • Wi-Fi uplink is supported only by the master/ virtual controller (VC).
     
  • Uplink priority can be configured between Ethernet, Wi-Fi and 3G/4G.
     
  • Allows the master IAP to establish WPA2, WPA and Open Wi-Fi uplinks.
     
  • For single radio IAPs, the radio serves wireless clients and the Wi-Fi uplink.
     
  • For dual radio IAPs, both radios can be used to serve, clients but only one of them can be used for the Wi-Fi uplink, either 2.4Ghz or 5GHz.

Environment : This article applies to all Aruba Instant Access Points running Aruba InstantOS.


(Support for an IAP associating to an other IAP as Wi-Fi uplink is introduced from 6.2.1.0-3.3.0.0)

 

 

Wi-Fi uplink can be configured on the virtual controller in a few easy steps:

 

  1. Open Instant GUI and login with admin credentials.
  2. Click on "System" from the Main Menu at the top right.
  3. At the bottom of the "System" window click on "Show Advance Options". As shown below:
  4. Click on the "Uplink" tab
  5. Under Wi-Fi Section, configure the settings:

rtaImage.jpg

 

Name(SSID): Name of the wireless network that the IAP would be connecting to.

Key Management: Select the type of encryption. WPA-2 Personal, WPA Personal or Open

Passphrase Format: Characters or Hexadecimal.

Passphrase: Password for wireless network that the IAP is connecting to. Password should be minimum of 8 characters.

Band: Wi-Fi radio.  2.4GHz or 5.0GHz



6. Click OK.

 



Below screenshot would help to configure it via CLI:
 
rtaImage (1).jpg
 
Below are the command formats:

essid <Name of the wireless network>

cipher-suite <key management>
  • For Open:  clear
  • For WPA-2: wpa2-ccmp-psk
  • For WPA: wpa-tkip-psk
uplink-band  <wireless band>
  • For 2.4GHz:  dot11g
  • For 5GHz: dot11a
wpa-passphrase  <password for wireless network>
 
 
Configuration can be verified from GUI and CLI. Below screenshots help us to verify:

From GUI:
  1. Open Instant GUI and login with admin credentials.
  2. From the top right-menu, point to "More" and then click on "Support".

rtaImage (2).jpg

From CLI:

SSH into Master IAP and execute the below command:

#show wifi-uplink config
 
rtaImage (3).jpg
 
Below command is also useful to know if the Wi-Fi Uplink is configured and active:

# show wifi-uplink status
 
rtaImage (4).jpg
 
Below command helps to troubleshoot if any issues with Wi-Fi uplink:
  • "Show wifi-uplink status" command would help to check the status of the W-Fi uplink. As we see in the below image, the connection is enabled and in running state.

rtaImage (5).jpg

 

This can verified from GUI as well. Open Instant GUI and login with admin credentials.

 

 

rtaImage (6).jpg

 

"show wifi-uplink auth"  shows the auth log of IAP's association to Wi-Fi uplink.

 

IAP-MASTER# show wifi-uplink auth
 
----------------------------------------------------------------------
wifi uplink auth configuration:
----------------------------------------------------------------------
ctrl_interface=/tmp/sta_supplicant_ctrl
ctrl_interface_group=0
eapol_version=1
ap_scan=1
fast_reauth=1
network={
ssid="AndroidAP"
scan_ssid=1
proto=WPA RSN
key_mgmt=WPA-PSK
pairwise=CCMP TKIP
group=CCMP TKIP
psk="twjc1652"
priority=9
}
----------------------------------------------------------------------
wifi uplink auth log:
----------------------------------------------------------------------
[1096]2000-01-01 00:00:47.192: Global control interface '/tmp/supp_gbl'
[1096]2000-01-01 04:09:49.022: CTRL_IFACE GLOBAL INTERFACE_REMOVE 'aruba101'
[1096]2000-01-01 04:09:49.022: CTRL_IFACE GLOBAL INTERFACE_ADD 'aruba101        /aruba/bin/wpa_sta_supplicant.conf      madwifi "Androi
[1096]2000-01-01 04:09:49.224: wpa_supplicant_add_iface   2626  wifi-uplink
[1096]2000-01-01 04:09:49.225: wpa_sapd_socket_init  2889
 
[1096]2000-01-01 04:09:49.225: wpa_sapd_socket_tx_radio_used  2948
 
[1096]2000-01-01 04:09:50.026: RX ctrl_iface - hexdump_ascii(len=11):
     52 45 43 4f 4e 46 49 47 55 52 45                  RECONFIGURE
[1096]2000-01-01 04:09:50.219: State: DISCONNECTED -> SCANNING
[1096]2000-01-01 04:09:50.219: Scan results: 0
[1096]2000-01-01 04:09:53.442: Scan results: 1
[1096]2000-01-01 04:09:53.443: Trying to associate with 38:aa:3c:39:8e:8b (SSID='AndroidAP' freq=2437 MHz)
[1096]2000-01-01 04:09:53.443: keys cleared. Forcing clear again
[1096]2000-01-01 04:09:53.443: State: SCANNING -> ASSOCIATING
[1096]2000-01-01 04:09:53.467: Calling w_s_initiate_eapol
[1096]2000-01-01 04:09:53.477: wpa_supplicant_event_assoc: 00:00:00:00:00:00
[1096]2000-01-01 04:09:53.477: State: ASSOCIATING -> ASSOCIATED
[1096]2000-01-01 04:09:53.477: wpa_sapd_socket_tx_radio_channel  2986
 
[1096]2000-01-01 04:09:53.477: Associated to a new BSS: BSSID=38:aa:3c:39:8e:8b
[1096]2000-01-01 04:09:53.477: keys cleared. Forcing clear again
[1096]2000-01-01 04:09:53.477: Associated with 38:aa:3c:39:8e:8b
[1096]2000-01-01 04:09:53.478: WPA: Association event - clear replay counter
[1096]2000-01-01 04:09:53.519: IEEE 802.1X RX: version=2 type=3 length=95
[1096]2000-01-01 04:09:53.519:   EAPOL-Key type=2
[1096]2000-01-01 04:09:53.519:   key_info 0x8a (ver=2 keyidx=0 rsvd=0 Pairwise A
[1096]2000-01-01 04:09:53.519:   replay_counter - hexdump(len=8): 00 00 00 00 00
[1096]2000-01-01 04:09:53.519:   key_nonce - hexdump(len=32): 34 24 42 77 b4 25
[1096]2000-01-01 04:09:53.519:   key_iv - hexdump(len=16): 00 00 00 00 00 00 00
[1096]2000-01-01 04:09:53.520: State: ASSOCIATED -> 4WAY_HANDSHAKE
[1096]2000-01-01 04:09:53.520: WPA: RX message 1 of 4-Way Handshake from 38:aa:3
[1096]2000-01-01 04:09:53.520: l2_packet_send:l=121 p=0x888e
[1096]2000-01-01 04:09:53.520: Sending fd=7 L=153
[1096]2000-01-01 04:09:53.526: IEEE 802.1X RX: version=2 type=3 length=151
[1096]2000-01-01 04:09:53.526:   EAPOL-Key type=2
[1096]2000-01-01 04:09:53.526:   key_info 0x13ca (ver=2 keyidx=0 rsvd=0 Pairwise
[1096]2000-01-01 04:09:53.526:   replay_counter - hexdump(len=8): 00 00 00 00 00
[1096]2000-01-01 04:09:53.526:   key_nonce - hexdump(len=32): 34 24 42 77 b4 25
[1096]2000-01-01 04:09:53.527:   key_iv - hexdump(len=16): 00 00 00 00 00 00 00
[1096]2000-01-01 04:09:53.527: State: 4WAY_HANDSHAKE -> 4WAY_HANDSHAKE
[1096]2000-01-01 04:09:53.527: WPA: RX message 3 of 4-Way Handshake from 38:aa:3
[1096]2000-01-01 04:09:53.527: l2_packet_send:l=99 p=0x888e
[1096]2000-01-01 04:09:53.528: Sending fd=7 L=131
[1096]2000-01-01 04:09:53.528: State: 4WAY_HANDSHAKE -> GROUP_HANDSHAKE
[1096]2000-01-01 04:09:53.528: WPA: Key negotiation completed with 38:aa:3c:39:8
[1096]2000-01-01 04:09:53.528: State: GROUP_HANDSHAKE -> COMPLETED
[1096]2000-01-01 04:09:53.529: CTRL-EVENT-CONNECTED - Connection to 38:aa:3c:39:
[1096]2000-01-01 04:09:53.529: inform_wifi_uplink_status  632  informing wifi-up

 

Therefore based on the stages, we can identify where the connection is stuck and  resolve the problem.
 
 

 

 

 

Statistics
0 Favorited
8 Views
0 Files
0 Shares
0 Downloads

Related Entries and Links

No Related Resource entered.