Wireless Access

I've seen this issue mentioned in a few post, but I haven't seen a clear solution.

We've got a branch office connected over a private MPLS WAN link. The site has got 2 AP65 Access Points set up in Bridge Mode (campus APs and CPSEC).

We are currently seeing a recurring issue where there is a large amount of IPSEC NATT traffic (udp 4500) from the Head Office controller to one Access Point.

This AP/Controller traffic quickly uses up all the available bandwidth between the branch and head office and all other inter site traffic is negatively impacted.

Any ideas on what to look for?

We are currently running Aruba OS version 5.0.4.9.

Thanks

L

If your bridge SSID is the only one on that access point, you should not see alot of UDP4500 traffic.  If you also have a tunneled SSID, like a guest SSID, that is likely where your traffic is being generated.

[Mod note: removed quote of OP]

Hi cjoseph,

That is what I would expect.

There is a tunnelled guest SSID but I believe tunnelled traffic to the controller uses GRE.

In addition, the UDP 4500 traffic bursts occur when there is minimal or no user activity on the bridged or tunnelled SSIDs. I have verified this using Airwave and netflow traffic stats.

Regards

L

Make sure that "Drop Broacast and Multicast" is enabled on the Virtual AP for that guest SSID.  Downstream broadcasts are a major unseen cause of traffic.

Thanks!

I'll give that a go and monitor for a few days.

L