Controllerless Networks

Reply
Frequent Contributor I

IAP 277 adding a mesh (point to point) to existing config

Good morning,

   I am working on configuring two IAP-277s to bring our network to an isolated trailer. We currently have an IAP cluster up on VLAN 10 (10.0.100.0/24) that is broadcasting 2 SSIDs and operating the Bridge off of a hidden SSID. I am having some trouble with getting this all to work.

Here is what the setup looks like:

quickmap.jpg

I followed a guide and have done the following:

-Add the mesh Access Point to the cluster. 

-Turn off Extended SSID

-Select the IAP in the cluster and change the Uplink to Ethernet Bridging Enabled.

-Reboot the IAP cluster.

-Move the Mesh Point IAP to the remote location and power it up.

Unfortunately, my cluster loses the IAP after moving it. (It's not a distance issue as I have this setup in a lab)

 

I have a few questions:

1)Can I connect the IAP to a POE switch? Some articles that I read are stating that the Eth0/Uplink port cannot be active in order for the bridge to work.

2)Can I use my existing cluster and add a mesh portal/point to it? Or do I need to add a whole new VLAN to my network?

 

Any input would be appreciated. Thank you

Re: IAP 277 adding a mesh (point to point) to existing config

Yes you can connect the IAP mesh point to a POE switch, the main thing to watch out for is that there is nothing on the remote/bidge side that is handing out IP addresses.

You shouldn't have an issue with adding a mesh point to an existing cluster, so long as the mesh point, mesh portal, and VC are all on the same Layer 2 network.

Jerrod Howard
Sr. Technical Marketing Engineer
Frequent Contributor I

Re: IAP 277 adding a mesh (point to point) to existing config

Thank you for the reply. I was able to make some headway on it as the Portal and Point are now communicating. 

Now I cannot get traffic to pass through the remote switch over to the datacenter. 1/2 way there :-P

 

I have the IAP plugged into a Trunked (native vlan 10, access to all others) but I cannot ping to or from the remote switch. I am, however, able to ping back to the datacenter from the Mesh Point IAP, but cannot ping from the remote Point IAP to the remote switch that it is directly connected to. Would this be something I need to change on the IAPs Ethernet 0 or would my switch be the suspect?

Re: IAP 277 adding a mesh (point to point) to existing config

Not sure, can you email me the config of your portal and point to jerrod.howard@hpe.com and I will try to look at it tomorrow. 

Jerrod Howard
Sr. Technical Marketing Engineer
Occasional Contributor I

Re: IAP 277 adding a mesh (point to point) to existing config

 

Hi, I am having an issue whereas the Mesh Point (remote AP) connects back to the Mesh Portal (Network Root AP) but remote network is unable to ping back to main Network.

 

Was this ever resolved?

Aruba Employee

Re: IAP 277 adding a mesh (point to point) to existing config

Frequent Contributor I

Re: IAP 277 adding a mesh (point to point) to existing config

net_sparrow - To clarify your remote access point is able to ping back to the network, but the switch connected to it cannot ping back, correct?

 

That was my problem and it ended up being a problem with either eth0 bridging not being enabled or a vlan mismatch on the remote switch and wired_port_profile on the remote access point. 

 

To test, I would recommend allowing all vlans on the wired port profile as well as the port on the switch that the access point connects to.

Frequent Contributor I

Re: IAP 277 adding a mesh (point to point) to existing config

Here is, kind of, the step-by-step I wrote after I figured out my setup:

Creating an Aruba IAP wireless bridge
1.	Bring up the IAP as a normal member of the cluster
2.	Static the IP and set a reservation
3.	Create a WIRED INTERFACE NETWORK on the cluster: native vlan X trunk ALL
4.	Assign the profile to port 0 on the cluster IAPs
5.	ON THE CLUSTER Set Extended SSID to DISABLED
6.	***REBOOT THE CLUSTER IF YOU HAD TO DO STEP 3 and/or 5***
7.	On the mesh POINT set the Uplink values to VLAN X and BRIDGE ENABLED
8.	Reboot the IAP in the current port.
9.	After a full reboot, disconnect the IAP and power it up on the remote switch
10.	On the POINT IAPs switch, set the PoE Profile “Upstream-TrunkPorts” to ENABLED(We use Aruba MAS switches, so this is more-or-less just setting the vlan to match the config on the IAP)
11.	On the POINT IAPs switch, set the port (0/0/0) to the “Upstream-TrunkPorts-Group” group (We use Aruba MAS switches, so this is more-or-less just setting the vlans to match the config on the IAP)

I used TRUNK ALL for the initial setup to ensure I could get communication, then I went back and locked it down to the proper VLANS. Hope it can help.


Occasional Contributor I

Re: IAP 277 adding a mesh (point to point) to existing config

I have been configuring similar setup last week.

Two IAPs 277 acting as a bridge between two locations, and in each location the respective AP is connected to a switch:

 

Switch====IAP(Mesh Portal) - - - wireless link - - - IAP(Mesh Point)=====Switch

 

Configuring Mesh Link is relatively easy:

  1. Starting from the factory default settings, let the IAPs form the initial cluster. 
  2. substitute the default Instant (SetMeUp) SSID with a new one, where Extended SSID option is disabled. (reboot required) extended-ssid.JPG
  3. enable ETH0 bridging on the IAP that is selected to be Mesh Point (reboot required).extended-ssid.JPG

After the reboot the mesh link between Mesh Portal and Mesh Point is up and running. You are also able to use the wireless link behind the Mesh Point in the remote location. However, as in my case, if want to use the wired connection behind the Mesh Point here comes the tricky part of the configuration. 

 

  1. Enabling ETH0 bridging option (step 3 above) to form the mesh link disables the wired link. If you want to use it, you have to enable it, and this is a bit hidden. Go to More->Wired  and check the wired profiles there. You have to either define your own wired profile on ETH0 or, as I did, modify the default_wired_profile and enable ETH0, as per default it is in the admin mode DOWN (reboot required).  wired-profile.JPGset the admin state to upset the admin state to up
  2. Last issue to check (may not affect all the setups) is to check on the switch from with the IAP is powered up in the remote location whether there is enough power assigned on that interface. In my case (8 port 2930, AOS-S 16.02) I had initially 25W and lldp on, and that was not sufficient to enable the ETH0 again - the IAP went into a reboot loop. Solution was to increase it to 30W and turn the LLDP off.

 

 

Occasional Contributor I

Re: IAP 277 adding a mesh (point to point) to existing config

Hi VincentArriola. Thankyou for your update and help on this issue.

 

I had already completed the setup as outlined in your email with the exception of  

 

7.            On the mesh POINT set the Uplink values to VLAN X and BRIDGE ENABLED

When I attempt this I lose all connectivity with the planned mesh POINT so have to revert the changed via CLI and reload.

 

10.          On the POINT IAPs switch, set the PoE Profile “Upstream-TrunkPorts” to ENABLED(We use Aruba MAS switches, so this is more-or-less just setting the vlan to match the config on the IAP)

 

11.          On the POINT IAPs switch, set the port (0/0/0) to the “Upstream-TrunkPorts-Group” group (We use Aruba MAS switches, so this is more-or-less just setting the vlans to match the config on the IAP)

 

With points 10 & 11 I am using HP switches and trunking all with a native VLAN 4 on the switch ports the Aruba APs connect to.

 

VLAN 4 = Management (switches/APs and Clients) -- this is going into an existing site so I am unable to change this although I know it’s not ideal.

 

VLAN 5 = VOIP network.

 

The mesh network between Master Portal and Slave Point establishes OK and I can ping from the Master network switch to the Slave mesh point on VLAN 4. For the VOIP VLAN 5 I can ping through from Master switch to Slave network and back again.

 

From the Slave Mesh Point I can ping the Master Portal, VLAN 4 and 5 back on the Master switch and any clients connected on the Master switch.

 

My problems:

 

From the Master network switch I am unable to ping anything past the Slave Point on VLAN 4. Traceroute produces no results. We need the ability to connect to the remote Slave Point from the remote switch should it become ‘stranded’ as both Aruba’s will be installed on roof tops. We also need to be able to see the switch and clients connected on VLAN4 on the Slave site.

 

I know the problem is likely to be with eth0 bridging and/or switch port configuration. VLAN 5 connection is OK whereas VLAN 4 is not. As I said earlier I attempted to change the uplink VLAN to 4 on the Slave mesh Point but lost connection so this was changed back to VLAN 0.

 

Please find attached my redacted show tech-support from both Master (mesh portal) and Slave (mesh point), switch and a schematic showing the setup.

 

Thank you for any assistance you can provide.

 

 

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: