Controllerless Networks

Reply
Regular Contributor II
Posts: 226
Registered: ‎10-29-2014

DNS response code 5: refused , for wireless users

[ Edited ]

Hey All,

Facing issue with wireless users. Domain lookup is not happening for them, thus causing no internet.

We configured IAP internal DHCP server along with google public DNS. Users are getting correct IP and able to ping 8.8.8.8  but not able to resolve the domain name.

When I am connecting to the wired port with same IP configuration I am able to do #nslookup with success.

I have done dns debug for the users and its saying "response code: refused(5)" , nothing is blocking in Firewall.

Attached is the log file.

 

Guru Elite
Posts: 21,499
Registered: ‎03-29-2007

Re: DNS response code 5: refused , for wireless users

Is it possible that you have "internal-domains" set?  http://www.arubanetworks.com/techdocs/Instant_42_WebHelp/InstantWebHelp.htm?_ga=1.43038629.1615771646.1440445030#CLI_commands/internal-domains.htm?Highlight=domain



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Regular Contributor II
Posts: 226
Registered: ‎10-29-2014

Re: DNS response code 5: refused , for wireless users

Nope,Its not configured.
Guru Elite
Posts: 21,499
Registered: ‎03-29-2007

Re: DNS response code 5: refused , for wireless users

Do you have a toplogy diagram?

How are these users getting to the internet?

What is the client default gateway?

We are missing detail here.



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Regular Contributor II
Posts: 226
Registered: ‎10-29-2014

Re: DNS response code 5: refused , for wireless users

IAP > L2 sw > L3 sw > Firewall.
Firewall is the gateway for the client.
Aruba Employee
Posts: 240
Registered: ‎03-26-2013

Re: DNS response code 5: refused , for wireless users

Hi SumaN,

 

Please configure the same DNS server for the IAP as well & then test the client connectivity.

Aruba Employee
Posts: 240
Registered: ‎03-26-2013

Re: DNS response code 5: refused , for wireless users

Hi SumaN,

IAP proxies all DNS requests for the clients in this mode.

 

If you configure an asterisk (*) instead of a domain name in the enterprise domain list, all DNS requests areforwarded to the default DNS server of the client. If you want all DNS requests to be processed by the DNS server of the client, configure an asterisk (*) in the enterprise domain setting.

 

So, we have the following options:

 

1. Configure the DNS server to be same for IAP & Client.

2. In case we do not have DNS configured for the IAP, then configure an asterisk (*) in the enterprise

domain settings which will allow all the DNS request to be processed by the DNS server of the client.

Regular Contributor II
Posts: 226
Registered: ‎10-29-2014

Re: DNS response code 5: refused , for wireless users

Thanks Nitesh,
I configured '*' under enterprise domain and it started to work.
Aruba Employee
Posts: 240
Registered: ‎03-26-2013

Re: DNS response code 5: refused , for wireless users

Hi SumaN,

 

Thank you for confirming that things are workin as expected.

Search Airheads
Showing results for 
Search instead for 
Did you mean: