Remote Networking

Reply
Occasional Contributor II
Posts: 60
Registered: ‎01-19-2011

Unable to ping default gateway in bridge mode.

Hello,
I've set up a lab where in my controller is residing in the HQ and an AP at remote branch. I set up bridge mode where the AP will be the dhcp server for the clients. I have vlans 1, 2 and 10 inside controller. So I setup the VAP vlan as 2, Remote AP DHCP server VLAN in AP system Profile as 2 also, and Native VLAN ID inside AP system Profile as 4093(not inside my controller).

Here is my problem:
From my 2nd laptop I can associate to the SSID and CAN get IP address from the DHCP server that is configured in the AP, however I can't ping the default gateway (which is the AP). I have set my Session ACL as "allowall"

While the client is connected, I tried to change the Native VLAN in AP system profile to 2 and the remote AP dhcp server vlan to 10. From this change I can ping the AP and controller. But when I disconnect and connect back I can't get an IP address anymore.

Have anyone experience this before? I Appreciate any help.

My topoly is:
Aruba MC ------> Cisco Switch ------> Cisco Router ------> AP


Thank you so much.
Guru Elite
Posts: 21,259
Registered: ‎03-29-2007

Re: Unable to ping default gateway in bridge mode.

Imus_rl,

If traffic on an SSID is bridged, it does not come back to the controller. It only exists on the AP that it is on. If the VAP VLAN ID matches the Native VLAN ID, it will be bridged to the ethernet port of the AP, without 802.1q tagging any of the user traffic before sending it to the ethernet port. If the VAP VLAN ID of the user traffic does NOT match the Native VLAN ID, it will tag the user traffic with 802.1q. If the switch is NOT a trunk and the user traffic is tagged, it will probably be discarded by the switch. So, to make a long story short, if you only want to bridge traffic, the Virtual AP vlan must match the Native VLAN ID of the AP system profile. If you have that access point on a trunk port on a switch and the VAP VLAN does not match the Native VLAN ID, the AP will tag the user traffic and switch it to the VLAN specified in the VAP on that wired port.

When you change the VLAN ID of the VAP, the user in the user table is still in the same VLAN, so it probably cannot pass traffic. You would have to disconnect the user with the "aaa user delete" command for the user to get the new settings.

Please see the article here: http://airheads.arubanetworks.com/vBulletin/showthread.php?t=2105 for a better explanation.


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Occasional Contributor II
Posts: 60
Registered: ‎01-19-2011

Re: Unable to ping default gateway in bridge mode.

Hi Colin,

Now I understand. But if I'm only going to bridge traffic, then i can't make the AP as DHCP server because under the AP system profile the controller doesn't allow me to input same values in Native VLAN and Remote AP DHCP server VLAN. I guess I need to redesign my topology. Thanks colin.
Guru Elite
Posts: 21,259
Registered: ‎03-29-2007

Re: Unable to ping default gateway in bridge mode.

Describe what you are deploying and we will come up with a solution.


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Occasional Contributor II
Posts: 60
Registered: ‎01-19-2011

Re: Unable to ping default gateway in bridge mode.

I'm deploying Aruba in a company where they have two branches. Currently Branch_1 has aruba wireless running and Branch_2 is all running on cisco autonomous. Now they have decided to standardize their wireless and install Aruba as well. So what's going to happen is that they have Aruba Controller in Branch_1 and another controller in Branch_2 as they have purchased already. For us there's no problem that's fine. But what they want to happen is when the controller in Branch_1 is down, the APs will home to Branch_2 and vice versa. I have been told by some engineers that it's not possible and I think they're right.

Do you have any suggestion or solution for this? What I can think of is that we reside both controllers in one branch in a Master-Local or Master-Master setup and all APs will home here. But if you have a better suggestion I'll very much appreciate it.
Thanks.
Guru Elite
Posts: 21,259
Registered: ‎03-29-2007

Re: Unable to ping default gateway in bridge mode.

There are a number of ways to configure this. The Campus Validated Reference Guide has a section on redundancy. That guide can be found here: http://www.arubanetworks.com/technology/reference-design-guides/


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Occasional Contributor II
Posts: 60
Registered: ‎01-19-2011

Re: Unable to ping default gateway in bridge mode.

Hi Colin,

Sorry for openning this thread again. As you've mentioned above I can plug the AP in a trunk port for it to tag traffic. But as soon as I did it the AP won't home to my controller. Do I have to make the AP a trunk as well? Or is there a procedure on how to do it?

Thank you .
Guru Elite
Posts: 21,259
Registered: ‎03-29-2007

Re: Unable to ping default gateway in bridge mode.

Please make sure that the Native Vlan on your switch port matches the one on your access point.


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Search Airheads
Showing results for 
Search instead for 
Did you mean: