Wireless Access

Reply
Contributor I

Clients get IP Address vom DHCP but no Network access

Hello guys 

 

I'm installing an VMC standalone on customer side and have a strange issue.

 

DHCP are on the windows domain controller for all VLANs. 

I have two SSIDs:

Test 1 ; VLAN 10 ; default Role: authenticated

Test 2 : VLAN 20 ; default Role : logon

 

On both SSIDs the clients get an IP from the DHCP. Afterwards they cannot ping the gateway or other internal stuff even the internet.

 

Have someone an idea what the issue can be?

 

Thanks in advanced.

Guru Elite

Re: Clients get IP Address vom DHCP but no Network access

On the controller the user is connected to, type "show datapath session table <ip address of user>" to see if traffic is being blocked.



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Contributor I

Re: Clients get IP Address vom DHCP but no Network access

Thanks for replay and sorry for the late response.

The traffic is not shown in the datapath table session:

 

 #show datapath session table 192.168.1.149


Datapath Session Table Entries
------------------------------

Flags: F - fast age, S - src NAT, N - dest NAT
       D - deny, R - redirect, Y - no syn
       H - high prio, P - set prio, T - set ToS
       C - client, M - mirror, V - VOIP
       Q - Real-Time Quality analysis
       u - Upstream Real-Time Quality analysis
       I - Deep inspect, U - Locally destined
       E - Media Deep Inspect, G - media signal
       r - Route Nexthop, h - High Value
       A - Application Firewall Inspect
       B - Permanent, O - Openflow
       L - Log

Source IP       Destination IP  Prot SPort DPort Cntr     Prio ToS Age Destination TAge Packets    Bytes      Flags
--------------- --------------- ---- ----- ----- -------- ---- --- --- ----------- ---- ---------  --------- ---------------
192.168.1.149      192.168.1.255      17   137   137    0/0     0    0   1   tunnel 14   8f   46         3588       FC
192.168.1.149      224.0.0.252     17   49755 5355   0/0     0    0   0   tunnel 14   2    2          104        FC
192.168.1.149      224.0.0.252     17   64857 5355   0/0     0    0   0   tunnel 14   5    0          0          FC
192.168.1.149      224.0.0.252     17   61096 5355   0/0     0    0   1   tunnel 14   12   0          0          FC
192.168.1.149      224.0.0.252     17   63715 5355   0/0     0    0   0   tunnel 14   2    2          104        FC

192.168.1.255      192.168.1.149      17   137   137    0/0     0    0   9   tunnel 14   90   0          0          FY

Do you have another idea?

Guru Elite

Re: Clients get IP Address vom DHCP but no Network access

That output does not match your command.  Is your user in the user table on the controller?



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Contributor I

Re: Clients get IP Address vom DHCP but no Network access

Sorry, I forgot to change th IP Address. ;)

 

The user is listet on the User Table.

Guru Elite

Re: Clients get IP Address vom DHCP but no Network access

What are the ACLS on the client's role?

Can the client ping the default gateway?



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Contributor I

Re: Clients get IP Address vom DHCP but no Network access

I tried with the default "authentication" role (see the Picture in the Attachment).

 

No I can't reach any device in the network. Even the DHCP Server who gave the IP address.

 

It's the first time I use a Virtual MC. All other installation are physical Applicances.

 

 

 

Guru Elite

Re: Clients get IP Address vom DHCP but no Network access

Remove the first rule.  It is blocking everything.



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Contributor I

Re: Clients get IP Address vom DHCP but no Network access

It's not possible:

Capture.PNG

 

I did try with a new role only with one rule "any any permit" already. With the same result. I can try it again...

Contributor I

Re: Clients get IP Address vom DHCP but no Network access

I tried with the new rule again.

That is my ruleset:

Capture.PNG

Use it on the Wifi Profile:

Capture1.PNG

User assign to the new rule:

Capture2.PNG

I get the IP Address from the DHCP Server, but I can't pint the default gateway even the DHCP Server...

Capture3.PNG

there are no ARP entries in the arp-table as well.

 

It's realy strange.

I have another SSID - used default VLAN 1, with no issue!

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: