Controllerless Networks

last person joined: 2 days ago 

Instant Mode - the controllerless Wi-Fi solution that's easy to set up, is loaded with security and smarts, and won't break your budget
Back to discussions
Expand all | Collapse all

All wireless traffic appears to be coming from Master AP

This thread has been viewed 4 times

  • 1.  All wireless traffic appears to be coming from Master AP

    Posted May 17, 2018 07:07 PM

    There is probably a simply solution to this but for the life of me, I can't think of what it is.

     

    So the scenario is:  We have a remote location with 60'ish IAPs.  Mixture of 204s and 205s.  We're trying to set up 3 separate SSIDs for the users on 3 separate VLANs...

    Data - VLAN 10 - 10.10.10.x - DHCP is network assigned

    Voice - VLAN 20 - 10.10.20.x - DHCP is network assigned

    Public - VLAN 30 - 10.10.30.x - DHCP is controller assigned

     

    We have a firewall sitting at the edge of the network that is supposed to direct the traffic based upon IP address, 10.10.10.x and 10.10.20.x go over MPLS... 10.10.30.x out the internet connection.

     

    It hasn't worked since we tried setting it up.  While investigating the problem, we noticed that the only IP address that the firewall sees is the Master AP (10.10.10.1).  So to the firewall, it thinks all traffic is coming from 10.10.10.1.  Makes it hard to segregate off the public traffic!

     

    Why is this happening and how do I correct it?  Thanks.

     



  • 2.  RE: All wireless traffic appears to be coming from Master AP

    Posted May 17, 2018 07:16 PM

    Which is very aggravating to our end users at this locations...

     

    John Smith connects his iPhone to "Public" and is issued a 10.10.30.67 IP address from the AP.  He tries to navigate to facebook.com and the firewall says "Oh, you're 10.10.10.1 (master AP), I'm sending you over the MPLS!"  When his traffic runs into the main firewall at Headquarters, it blocks him because 1) His iPhone is not an authenticated domain system 2) Facebook is not allowed on corporate's private network.



  • 3.  RE: All wireless traffic appears to be coming from Master AP

    EMPLOYEE
    Posted May 17, 2018 07:19 PM

    Please see the 5-minute video here :  http://community.arubanetworks.com/t5/Video/Video-Virtual-Controller-Assigned-IP-Address/ta-p/172708

     

    I hope it sheds light on your issue.



  • 4.  RE: All wireless traffic appears to be coming from Master AP

    Posted May 17, 2018 07:31 PM

    That video shows how to set up a DHCP server within an instant network.  On the Virtual Controller, we have a DHCP server set up with a local DHCP scope.

     

    As in my example above... John Smith is assigned a DHCP address from the VC.  His iPhone gets the address 10.10.30.67.  The problem is, when his traffic gets to the firewall, the traffic is telling the firewall that it is coming from 10.10.10.1 (the master AP), so it gets directed to the wrong WAN provider.



  • 5.  RE: All wireless traffic appears to be coming from Master AP

    EMPLOYEE
    Posted May 17, 2018 08:02 PM

    Virtual Controller assigned always NATs the traffic out of the ip address of the VC.  It would have to be "Network Assigned" to NOT nat it out of the Virtual Controller.  Your network assigned VLANs should just be bridged to the local network tagged out of each access point's interface.



  • 6.  RE: All wireless traffic appears to be coming from Master AP
    Best Answer

    EMPLOYEE
    Posted May 17, 2018 08:03 PM

    If the VLAN is Virtual Controller assigned, it is "behind" the instant AP virtual controller.  It would have to be Network Assigned to NOT be natted.  I hope that makes sense.



  • 7.  RE: All wireless traffic appears to be coming from Master AP

    Posted May 17, 2018 08:58 PM
    I have a network of 4 Aruba Ap controlled by a controller with a static IP of 176.16.5.10. To login via wireless I'd have to give my system an ip of 176.16.5.199, I reassigned it to dhcp and can't seem to be able to enter my controller via same route. Any help please, presently my network is down, I did this cuz of IP conflict.


  • 8.  RE: All wireless traffic appears to be coming from Master AP

    EMPLOYEE
    Posted May 18, 2018 11:30 AM
    @Lawdrickywrote:
    I have a network of 4 Aruba Ap controlled by a controller with a static IP of 176.16.5.10. To login via wireless I'd have to give my system an ip of 176.16.5.199, I reassigned it to dhcp and can't seem to be able to enter my controller via same route. Any help please, presently my network is down, I did this cuz of IP conflict.

    If your network is down, please contact Aruba TAC for immediate support. 

     

    http://www.arubanetworks.com/support-services/contact-support/



  • 9.  RE: All wireless traffic appears to be coming from Master AP

    Posted May 18, 2018 10:15 AM

    Is there any way to disable this functionality?  Can we have VC assigned IP addresses WITHOUT NAT'ing the addresses to the VC?



  • 10.  RE: All wireless traffic appears to be coming from Master AP

    Posted May 18, 2018 10:38 AM

    I believe the quick answer to that is no.  If you are using a DHCP scope on the cluster/VC itself, it will NAT through the IP of the IAP.