Remote Networking

Reply
Frequent Contributor II
Posts: 104
Registered: ‎02-25-2011

RAP2 connection reliability

Hi,

My boss likes to turn off his RAP2 at home when he's not using it. It seems that when he does this, it's very hit and miss whether the RAP will establish a tunnel when it's turned back on.

Are there any known issues with repeatedly turning the RAP on and off, for example let's say 3 times in the space of 4 hours ?

How can I debug why the RAP is not establishing a connection to the controller ?

We are running code 6.1.2.0

Thanks

Lee
Guru Elite
Posts: 21,541
Registered: ‎03-29-2007

Re: RAP2 connection reliability

You could use "show datapath session table | include 4500" on the controller to see when the RAP5 first initiates IPSEC traffic. You can then use "show crypto ipsec sa" to see when it makes the security association. The rap2 is a low-powered device and take about 3 minutes to come up every time, so that needs to understood.


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Frequent Contributor II
Posts: 104
Registered: ‎02-25-2011

Re: RAP2 connection reliability

Thanks for your response Joseph,

Unfortunately, I'm in the UK, and my boss is in the US, I'd rather not have him phoning me in the middle of the night when he can't connect :)

Hence, I'd like to set some debugs up on the controllers to log his connection attempts and try to ascertain what's happening.

I've setup ap-debug logging for his RAP's MAC address, is there any other debugging I should be doing to assist with troubleshooting this.

Regards,

Lee
Guru Elite
Posts: 21,541
Registered: ‎03-29-2007

Re: RAP2 connection reliability


Thanks for your response Joseph,

Unfortunately, I'm in the UK, and my boss is in the US, I'd rather not have him phoning me in the middle of the night when he can't connect :)

Hence, I'd like to set some debugs up on the controllers to log his connection attempts and try to ascertain what's happening.

I've setup ap-debug logging for his RAP's MAC address, is there any other debugging I should be doing to assist with troubleshooting this.

Regards,

Lee




Unfortunately, until the access point actually makes the connection, it cannot send any logs. The two commands are useful only in realtime. Alternatively, you can use the following commands to view to ike setup of that AP:

config t
logging level debugging security subcat ike

then do:

show log security 50

or just send the logs to an external device so that you can see what happens when he tries to connect.


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Search Airheads
Showing results for 
Search instead for 
Did you mean: