Wireless Access

last person joined: 9 hours ago 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

Accessing Master from one subnet

This thread has been viewed 2 times

  • 1.  Accessing Master from one subnet

    Posted Jun 25, 2014 10:06 AM

    I have noticed that one of the subnets cannot ping/ssh/web to the master controller. On that subnet, we can get to everything else on the entire network except for the master controller. The master and local our on the same subnet. Any ideas why this is happening?



  • 2.  RE: Accessing Master from one subnet

    EMPLOYEE
    Posted Jun 25, 2014 10:19 AM

    We need more information.  What type of host is this that is trying to connect?  Is it wired or wireless?  Did you do a traceroute to the master or ping each hop in between?

     



  • 3.  RE: Accessing Master from one subnet

    Posted Jun 25, 2014 10:40 AM

    The devices are all wireless. The devices are laptops or wireless workstations. I cannot ping/ssh/ web/trace route to it. But I can ping the switch in between the local and the master. It is only one switch in between the 2 controllers. From all other wireless subnets, i can get to the master.



  • 4.  RE: Accessing Master from one subnet

    Posted Jun 25, 2014 06:28 PM
    what is the gateway of that subnet ? and what is the gateway or default route of the contollers ? make sure those 2 subnets are having routes pointing to each other from the layer 3 device.

    Start from the controller and move towards the gateway of the controller's IP and from their start troubleshooting... also check what role those clients are getting and if there is any deny rule matching the controllers IPs or subnet.

    from those clients Can you reach or ping any other device from the same subnet as the controllers ?


  • 5.  RE: Accessing Master from one subnet

    Posted Jun 25, 2014 07:38 PM

    Yes, more info. Is the IP address of the controller in the same subnet as your wireless client? Any ACL's being applied to the user role?



  • 6.  RE: Accessing Master from one subnet

    Posted Jun 26, 2014 11:15 AM

    The Master and Local controller are on one subnet and the clients are on another. The clients gateway is the controller. The controllers have routes to the core and the core has routes to the controllers.  The puzzling thing is I can get to the local controller which is on the same subnet as the master. There are no ACLs that prevent the clients to get to the master.



  • 7.  RE: Accessing Master from one subnet
    Best Answer

    EMPLOYEE
    Posted Jun 26, 2014 11:28 AM

    Probably the reason why is that the default gateway for that client is the local controller.  

     

    The local controller has a route to the master that is the ipsec tunnel between them.  The master controller's return route to the client is probably not over the tunnel.  You may have a case of asymetric routing due to the fact that the default gateway of the client is the controller...



  • 8.  RE: Accessing Master from one subnet

    Posted Jun 26, 2014 11:26 AM

    Simply Changed the AAA profile to Authentciated in inital role for your SSIDs you wnat to be aple to do all of this through wireless and make sure you disable the STP on all controllers connected to switches run STP and you will get everything work well also know your network well.