Wireless Access

Reply
Contributor I

3200 Controller Taking Over Name Resolution

Hello All... I have a client who has a 3200 controller and AP105s in the field. We have an issue with only wireless clients... When they try and go to the organizations website (yourname.org) they end up at the Aruba controller... if they try it wired, they go where they are supposed to go. NSLOOKUP in wireless and wired clients reflect a different answer when I lookup the name, and the wireless answer is a Non-Authoritative answer but says it is from the correct DNS server. Where would would this be in the controller? Thanks in advance!

Re: 3200 Controller Taking Over Name Resolution

Is the VLAN trusted on port ?
Thank you

Victor Fabian
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
Contributor I

Re: 3200 Controller Taking Over Name Resolution

Hi Victor,
  Thanks for you reply.

What do you mean is the VLAN trusted on port?  They are configured on one flat VLAN with wired and wireless is that helps..

Re: 3200 Controller Taking Over Name Resolution

If you can take at the controller interface :
interface gigabitethernet 0/0/0
description "GE0/0/0"
trusted
trusted vlan 1,10
switchport mode trunk

Thank you

Victor Fabian
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
Contributor I

Re: 3200 Controller Taking Over Name Resolution

Victor,
   Yes, I believe it is -- I'm attaching screenshot of the port settings.

 

Screen Shot 2015-02-06 at 11.44.37 AM.png

Re: 3200 Controller Taking Over Name Resolution

Port Config looks good
Can you shared the following :
- show user <user IP address>
- show rights <user-role that the devices are getting>
- show ap licenses-usage

Thank you

Victor Fabian
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
Contributor I

Re: 3200 Controller Taking Over Name Resolution

Here is a show user and a sampling of 3 users:

172.19.10.156  70:56:81:8a:6d:95  aimguest          authenticated  00:03:31    802.1x            4th-Tech-01        Wireless  AIM/24:de:c6:45:08:78/a-HT        AIM-8021x      tunnel        OS X

172.19.10.130  2c:be:08:f1:52:f2  bcummings         authenticated  00:00:11    802.1x            1st-Stairwell-01   Wireless  AIM/00:24:6c:b1:89:18/a-HT        AIM-8021x      tunnel        OS X

172.19.10.135  00:23:6c:93:4e:44  sadams            authenticated  00:00:43    802.1x            2nd-201-01         Wireless  AIM/00:24:6c:b1:80:80/g-HT        AIM-8021x      tunnel        OS X

 

Show Rights:

RoleTable

---------

Name              ACL  Bandwidth                  ACL List                                       Type

----              ---  ---------                  --------                                       ----

ap-role           4    Up: No Limit,Dn: No Limit                                                 System

authenticated     22   Up: No Limit,Dn: No Limit  allow-all/                                     User

default-via-role  21   Up: No Limit,Dn: No Limit                                                 User

guest             3    Up: No Limit,Dn: No Limit  guest/                                         User

guest-logon       6    Up: No Limit,Dn: No Limit  captiveportal/,logon-control/,captiveportal6/  User

logon             1    Up: No Limit,Dn: No Limit  captiveportal6/                                User

stateful-dot1x    5    Up: No Limit,Dn: No Limit                                                 System

sys-ap-role       7    Up: No Limit,Dn: No Limit  sys-control/,sys-ap-acl/                       System (not editable)

 

Show AP:

AP Licenses

-----------

Type                      Number

----                      ------

AP Licenses               36

PEF Licenses              32

Overall AP License Limit  32

 

AP Usage

--------

Type            Count

----            -----

CAPs            29

RAPs            0

Tunneled nodes  0

Total APs       29

 

Remaining AP Capacity

---------------------

Type  Number

----  ------

CAPs  3

RAPs  3

 

Contributor I

Re: 3200 Controller Taking Over Name Resolution

I thought this was interesting, too -- here's a screenshot of the AP stats in the web interface that shows the controller as being the domain name, instead of aruba-master... or an IP address, which is what I've worked with in the past...  

Seems like maybe where that is set might be the key?

 

Screen Shot 2015-02-06 at 12.21.14 PM.png

Guru Elite

Re: 3200 Controller Taking Over Name Resolution

bsarte,

 

Did the organization replace the controller's web (SSL) certificate with one that has aimpa.org in the name? 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Contributor I

Re: 3200 Controller Taking Over Name Resolution

Hi cjoseph -- looking in the controller I see a certificate for the domain name...  attaching screen shot... 

 

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: