12-08-2013 07:14 PM
When our client use their devices (Mobile Phone, Laptop...etc) connected to our Guest Network which has captive portal for Authentication, they can get the IP Address successfully but the captive portal sometimes cannot be prompted up. I tried to ping the gateway but request time out. The temporary solution is to Turn off the WiFi of this mobile device for a period and let the device get another IP Address.
Is there any option in Aruba Controller that need to be enable? Does anyone have some idea on this problem?
Here is some cnofiguration of our Aruba WiFi Network:
- The default gateway of the Clients, Access Point and contoller is the VLAN Interface in the Layer3 Switch
- We have 1 Master Controller and 1 Local Controller and all Access Points are mounted to the Local Controller
- All Controllers are running as trunk and directly connected to the Layer3 Switch.
12-08-2013 07:17 PM
Can you ping that address from the client when you are having issues?
Tim Cappalli | Aruba ClearPass TME
@timcappalli | ACMX #367 / ACCX #480 / ACEAP / CWSP
12-08-2013 08:30 PM - edited 12-08-2013 08:31 PM
It could be a DNS inestability.
What DNS are you using?
If you cannot translate a name for example when the user pop up a webpage if the computer at that momment cannot translate for example www.google.com it wont display the captive porta...
So check that. I had clients using crappy DNS from their ISPs and this kind of thing use to happen to them.
I told them to change them to another one maybe the google ones 18.104.22.168 and well it stop happening to them..
Im not telling you its this but it could be though.
If you can check yourself and if it happens to you check if you can translate names when it doesnt work with ping... doing ping to www.cnn.com or stuff like that.
Correct DNS funtionality is really imporant for the captive porta... if DNS does not work properly the captive portal doesnt work either. IF DNS works now and then, then the captive portal will work now and then.
IF you seee this behavior just happen with apple devices try this
Product Manager - Aruba Networks
12-08-2013 08:39 PM
When a device fails to bring up captive portal, what is the state of the device? What role does the device have when captive portal fails? Is it able to do anything?
Also, what happens if you type http://22.214.171.124 as a URL? If Captive Portal loads, then it is a DNS issue.
Systems Engineer, Northeast USA
ACCX | ACDX | ACMX
12-09-2013 06:34 AM
I've come across this a few times and it was due to a combination of a high user idle timeout and prohibit IP spoofing. Basically, a guest would disconnect from the SSID and release his IP. A new guest would connect and receive the same IP before the previous guest timed out of the user table. If IP spoofing is detected by the controller, it will be logged: show log all | inc ip_address_here. I forget the message, but it will be obvious. If you don't see any messages indicating a spoofed IP, check the user table to see if the problem client has an entry: show user-table | inc ip_address.
If a reply adequately addresses your issue, please click on the "Accept as Solution" and "Give Kudos" button so this information can benefit other users.
12-09-2013 08:09 PM
Thank you for all replies, I will tried to test in the above methods if the problem occurs.
I have also find a post in this forum http://community.arubanetworks.com/t5/Unified-Wire