08-21-2013 11:51 AM
Having issues with a guest WiFi network on a second VLAN (150), this started after a firmware update and I cannot figure this out; I'm thinking there is a bug. We have 5 IAP-105 devices plugged into 2 HP switches. Both switches are trunked allowing all vlans, APs are plugged into trunked ports as well. Our router is a juniper SRX, with a guest VLAN #150.
SRX Gateway: 192.168.10.1 (this is the DHCP server)
Switch#1 vlan interface: 192.168.10.5
Switch#2 vlan interface: 192.168.10.6
Client joins and obtains 192.168.10.120
Both switches can ping each other, as well as the gateway. Gateway can ping switches. The switches can also ping a wireless client joined to the guest network, as well as the guest ping the switches.
Here is where things get wierd. The client obtains a DHCP address from the gateway, but can not ping it or make external DNS queries. The gateway can't ping the client either. If I hardwire a laptop into the switch on vlan 150 I can ping the gateway as well as the switches and browse the internet. It's odd.
Previous version: 18.104.22.168-3.0.0
Current version: 22.214.171.124-126.96.36.199
Any ideas would be great! Thanks in advance.
08-21-2013 01:03 PM
Do you have your guest users in a role that is blocking that type of traffic?
Aruba Customer Engineering
Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base
08-22-2013 08:48 AM - edited 08-22-2013 08:53 AM
Not that I see. It's another "Employee" network type set to unrestricted. I have tried resetting to factory defaults to clear the problem, but no luck. This started after the firmware upgrade which is wierd, I have no way of rolling back to the old version unless I can find the image somewhere.
Sorry, I am new to the Aruba gear.
08-22-2013 11:16 AM
With a laptop connected wirelessly, I am able to ping the SRX gateway and browse the internet if I manually add a static ARP entry for the juniper on the laptop.
Once I remove the ARP entry, communication stops.