Wireless Access

Reply
Occasional Contributor II

AP-93H Split Tunnel Port

I am trying to setup an AP-93H with split tunnel on the ports so that the traffic is not tunneling back to the controller, and just going from the controller locally.

 

I followed a guide I received from TAC, and when the user connects, they are put in the NAT vlan with the correct role, however they never get the captive portal to login.  I have entered the IP address of the wireless controller and even that will not show a login page, I just get a timeout.

 

Thanks for any assistance you can provide.

Guru Elite

Re: AP-93H Split Tunnel Port

Are you doing split tunnel captive portal?  Can you at least ping the controller's ip address?

 

******************
Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.
******************
Occasional Contributor II

Re: AP-93H Split Tunnel Port

Yes, I can do DNS lookups and ping but it will not display the portal.

 

Guru Elite

Re: AP-93H Split Tunnel Port

Is the captive portal interface on the controller the same as the controller's management interface, or do you have a separate vlan for captive portal?
******************
Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.
******************
Occasional Contributor II

Re: AP-93H Split Tunnel Port

I have a vlan setup on the controller (21) that is setup as a source NAT.  There is an ip on the controller for that vlan as well.

Guru Elite

Re: AP-93H Split Tunnel Port

Does the user get into a role with the Captive Portal ACL?

 

******************
Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.
******************
Occasional Contributor II

Re: AP-93H Split Tunnel Port

Yes, they are put into the correct login role with the acls applied for redirection.

Guru Elite

Re: AP-93H Split Tunnel Port

You should then type "show datapath session table <ip address of client>" on the commandline of the controller to see what traffic is being passed during the redirect, or if traffic is being denied.

 

******************
Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.
******************
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: