Wireless Access

Reply
Contributor I
Posts: 25
Registered: ‎12-29-2011

Bridge/Persistent Configuration

Multiple controller setup with RAP's. One 802.1x SSID configured in bridge mode and Remote-AP Operation "persistent". AP system profile has IPSEC retries set to 0 and multiple LMS.

 

The RADIUS communication is only working when there is controller connectivity, RADIUS is also installed on the central site. However already authenticated clients should be able to continue to work locally when there is a controller connectivity outage.

 

When I break connectivity with the controller, I still have connectivity for 20-30 seconds to the local bridged network. Afterwards all network connectivity stops working.

 

The 802.1x SSID remains broadcasted however. And I'm appear still connected to the SSID, Not 100% sure but I don't think the AP deauths me...

 

Are there extra parameters to configure? Which logging can i check?

Guru Elite
Posts: 8,445
Registered: ‎09-08-2010

Re: Bridge/Persistent Configuration

You would need to stand up a backup PSK ssid for use when the controller is not reachable. If you need auth survivability, consider using Instant or a 7000 series controller on site.


Thanks,
Tim

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Contributor I
Posts: 25
Registered: ‎12-29-2011

Re: Bridge/Persistent Configuration

I understand you would need other solutions for new 802.1x authentications.

However I assumed that existing 802.1x should continue to work with persistent bridge ssid's? This question concerns existing 802.1x sessions.

Search Airheads
Showing results for 
Search instead for 
Did you mean: