Controllerless Networks

Hello.

I ran into a peculiar situation with our IAP225 (6.4.2.0-4.1.1). It has an ip-address from our internal

DHCP-server and we have assigned a static DNS entry for the VC ip-address. Now everything works

smoothly outside the wlan networks but once you are logged into our Aruba hosted wlan networks

and try to reach the management via the dns name it returns a wrong address and the management

is not reached properly.

For clarification let's pretend we have a network of 192.168.10.0/24 and the vc iap is 192.168.10.5 with the vc ip-address of 192.168.10.4. The DNS name aruba.comppany.ds is bound to 192.168.10.4 and is working properly from the wired network. Once you're on the wlan and try to reach for aruba.company.ds an ip-address of 172.38.98.1 and an https error is returned for false site. The only occurance of this mysterious ip I can find is from sh ip route on the vc iap:

aruba.company.ds# sh ip route
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
192.168.10.0 0.0.0.0 255.255.255.0 U 0 0 0 br0
172.31.98.0 0.0.0.0 255.255.254.0 U 0 0 0 br0
0.0.0.0 10.55.2.1 0.0.0.0 UG 0 0 0 br0

This can even be observed by using nslookup on the client logged into the wlan. So my guess is the IAP is doing some DNS manipulation but I haven't asked it to do anything remotely connected. Can someone shed some light into the matter? Is this some Aruba quirk or is my system going haywire?

Thanks in advance!

You are not using 4.1.1.9 are you?

ArubaOS (MODEL: 225), Version 6.4.2.6-4.1.1.10

What happens when you try to reach it using  just the ip address of the VC?

Did you upload a certificate to the IAP with the same hostname?

I had the same issue and it was because IAP had a cert with the same name  as the destination I was trying to reach.

Yes the IAP has a corresponding certificate.

DNS-name=aruba.comppany.ds
DNS-name=aruba
DNS-name=192.168.10.4

Isn't that the way it is supposed to be if you want the https-site to work properly from the vc ip-address?