06-02-2015 09:59 PM
I am using Aruba Controller 650 with AP105. When I connected to the WIFI, I am able to acces the internet fine. However, on my wired PC, I cannot access the Internet because DNS will not resolve (using 220.127.116.11/Google DNS). My wired PC and wifi connected PCs are on the same subnet.
Is there some default access privilege on the Controller for authenticated WIFI (allowall) vs wired access?
Thanks in advance.
06-03-2015 01:43 AM
Client traffic always processed according to the role mapped to that user. check which role is mapped to the wired client ensure both wired user role also same as Wireless.
Please feel free for any further help on this.
[Is my post helped you ? Give Kudos :) ]
06-03-2015 02:31 PM
Are you connecting to the 2nd ethernet port of an access point or connecting directly to one of the ethernet interfaces on the controller? Are the ethernet ports trusted or untrusted? Unless the ports are configured as untrusted their are no firewall rules associated with wired users. What device is acting as the DHCP server and did the wired client recieve the DNS IP address via DHCP options? If you have further questions regarding this issue please email me at firstname.lastname@example.org and I will be happy to assist you further.
06-03-2015 05:50 PM
The controller is connection like below.
Controller ----Switch --- AP --- laptop (wifi)
---------- desktop (wired)
The controller port is set to trusted and controller is acting at the DHCP server. DHCP did provide DNS server IP addresses.
I have no ACLs anywhere but on the controller.
06-09-2015 09:21 AM
So the desktop PC is connected to the switch and the controller is acting as the router? Does the wired PC mac show up in the controller's datapath bridge table and if so is it in the correct vlan? What is the default-gateway for the wired client and can the wired client ping it? I can't remember if you said this but are all the ports trusted on the controller? Do the configs match between the switch and controller uplink ports (both are access ports in the same vlan or both are trunks with the same allowed vlans)? It might be best to open a support case for this issue. If you would like I would be happy to work with you if you open a case. Please let me know if you would like to proceed with a case or continue to exchange replies on the forum.