Wireless Access

Reply
Super Contributor II

DHCP server behind a wired RAP port

Hi Airheaders!

 

I have a use case where we want to place RAP3:s on selected sites and build a L2 tunnels to a centrally placed controller. On the centrally placed controller we want to be able to connect clients and recieve IP-adress from the DHCP server that´s placed on the RAP3 side of the tunnel. This isn´t working right now. If we assign IP-address statically we have connectivity.

 

Ports on RAP are trusted, the port on controller side is trusted. What am I missing to make broadcast/DHCP work from an access port on the controller to the DHCP server placed on the wired port of the RAP3?

 

Trying code 6.5.2.0 now.

 

Cheers,

Christoffer Jacobsson | Aranya AB
Aruba Partner Ambassador
Aruba: ACMX #537 ACCP | CWNP: CWNA CWDP CWSP CWAP
Guru Elite

Re: DHCP server behind a wired RAP port

It will not work that way. There are many rap deployments that have been destroyed by users plugging in tunneled ports to the cable modem. I believe DHCP is blocked if it is not coming from the controller or the controller's side of the network.
******************
Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.
******************
Super Contributor II

Re: DHCP server behind a wired RAP port

Thanks cjoseph! **bleep** that´s what we were afraid of. Do you know of any way to override this or perhaps a version of code that it will work on?

 

What about putting the RAP3 as instant and doing a centralized L2 tunnel? Will it still block DHCP?

 

Cheers,

Christoffer Jacobsson | Aranya AB
Aruba Partner Ambassador
Aruba: ACMX #537 ACCP | CWNP: CWNA CWDP CWSP CWAP
Super Contributor II

Re: DHCP server behind a wired RAP port

We tried running this setup with Instant-VPN instead but we get the same type of behaviour. We can get DHCP address locally on the IAP (from port 1 to port 2 for example) but as soon as the DHCP offer needs to traverse the tunnel to the controller it doesn´t work.

 

We tried Aruba IPSEC and also GRE with the same type of error. I´m not sure why it blocks DHCP over a GRE tunnel, I´m almost sure that I´ve made for example guest networks that recieve their DHCP from the other end of a GRE tunnel from the controllers perspective. So perhaps the limitation is on the AP side that a DHCP offer is never passed over a tunnel?

 

Anyway, this setup seems to be doomed. :(

 

Cheers,

Christoffer Jacobsson | Aranya AB
Aruba Partner Ambassador
Aruba: ACMX #537 ACCP | CWNP: CWNA CWDP CWSP CWAP
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: