Wireless Access

Reply
New Contributor
Posts: 2
Registered: ‎02-26-2014

How can I get my SSID's to assign the correct VLAN IP's?

Hello, 

 

I have been left a pile of Aruba Networks equipment from a previous IT regime and I'm trying to set up a wireless network with it. I have no experience with Aruba whatsoever so please bare with me! I have been left with a 650 controller and a number of AP-105 access points. 

 

What I wish to create is my AP's broadcasting out simultaneous SSID's for a public and a private WLAN. I have three VLANS set up. 

 

Controller IP - 192.168.0.248

VLAN 2 - Private WLAN - 192.168.150.0/24

VLAN 3 - Public WLAN - 192.168.200.0./24

 

So far I have managed to create the SSID's and they are broadcasting. I have created corresponding VPN tunnels which seems to be up according to the monitor. My clients can see the two networks "Private" and "Public" 

 

Problem is, when I try to connect to them they won't allow me to. I know I am entering the correct password as I have tried several times and I have even changed it to something else. It's like the traffic doesn't know where to route to. 

 

It could be I am missing something very simple, as I say, I have no experience, I have just got this far through trial and error. Any assistance would be very much appreciated?!  I have attached a copy of the config from the controller! 

 

MVP
Posts: 4,271
Registered: ‎07-20-2011

Re: How can I get my SSID's to assign the correct VLAN IP's?

 

 

 

What's serving as your DHCP server ?

 

Please share the show rights <role name> and the show wlan virtual-ap <virtual AP name>

 

 

 

Thank you

Victor Fabian
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
New Contributor
Posts: 2
Registered: ‎02-26-2014

Re: How can I get my SSID's to assign the correct VLAN IP's?

Hi Victor, 

 

Thanks for getting back to me, is this what you are looking for? 

 

(NZRCWLG) #show rights

RoleTable
---------
Name ACL Bandwidth ACL List Type
---- --- --------- -------- ----
ap-role 4 Up: No Limit,Dn: No Limit control/,ap-acl/ System
authenticated 49 Up: No Limit,Dn: No Limit allowall/,v6-allowall/ User
default-via-role 48 Up: No Limit,Dn: No Limit allowall/ User
default-vpn-role 46 Up: No Limit,Dn: No Limit allowall/,v6-allowall/ User
guest 3 Up: No Limit,Dn: No Limit http-acl/,https-acl/,dhcp-acl/,icmp-acl/,dns-acl/,v6-http-acl/,v6-https-acl/,v6-dhcp-acl/,v6-icmp-acl/,v6-dns-acl/ User
guest-logon 6 Up: No Limit,Dn: No Limit logon-control/,captiveportal/,v6-logon-control/,captiveportal6/ User
logon 1 Up: No Limit,Dn: No Limit logon-control/,captiveportal/,vpnlogon/,v6-logon-control/,captiveportal6/ User
stateful-dot1x 5 Up: No Limit,Dn: No Limit System
sys-ap-role 7 Up: No Limit,Dn: No Limit sys-control/,sys-ap-acl/ System (not editable)
voice 47 Up: No Limit,Dn: No Limit sip-acl/,noe-acl/,svp-acl/,vocera-acl/,skinny-acl/,h323-acl/,dhcp-acl/,tftp-acl/,dns-acl/,icmp-acl/ User


(NZRCWLG) #show wlan virtual-ap

Virtual AP profile List
-----------------------
Name References Profile Status
---- ---------- --------------
default 0
NZRC_Private-vap_prof 1
NZRC_Public-vap_prof 1

Total:3

(NZRCWLG) #

 

 

In terms of my DHCP setup, I have attached a screen shot. Do I need to have DHCP set up in here as well for both VLAN2 and VLAN3 for the VPN tunnels to work? 

 

Thanks 

 

MVP
Posts: 4,271
Registered: ‎07-20-2011

Re: How can I get my SSID's to assign the correct VLAN IP's?

What do you mean by creating a VPN ?

What type of authentication are you using? 802.1x, PSK , open, captive portal ?

 

Create VLANs and SVIs

 

VLAN 2

VLAN 3

 

Interface vlan 2

ip address 192.168.150.1 255.255.255.0

operstate up

 

interface vlan 3

ip address 192.168.200.1 255.255.255.0

operstate up

 

DHCP pools

 

ip dhcp pool private

network 192.168.150.0 255.255.255.0

default-router 192.168.150.1

dns <your dns server(s)>

!

ip dhcp pool public

network 192.168.200.0 255.255.255.0

default-router 192.168.200.1

dns <your dns server(s)>

 

Add VLANs to VAP

 

wlan virtual-ap NZRC_Private-vap_prof 

vlan 2

!

wlan virtual-ap NZRC_Public-vap_prof 

vlan 3

 

Thank you

Victor Fabian
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
Search Airheads
Showing results for 
Search instead for 
Did you mean: