10-03-2013 11:14 AM
I have a question which pertains the Aruba regulatory domains and the restrictions around the US based hardware. The problem I am running into is that we have deployed a pair of Aruba6000's in the DC acting as a centralized wireless head-end for our company. We are only providing guest internet access with this deployment so the controllers are siting between firewall sandwich and all user traffic gets pipped o the raw internet. This is working well in most of our locations within the US.
The problem comes when we are trying to exend wireless guest network to a couple offices which located in South America in a couple of differnet countries. Since the AP's are deployed in lets say Panama and the master controllers are located in the US and therefore is restricted to US domain. The AP's in Panama which are configured with their own regulatory domain using the country code for Panama are not comming up and are stuck in reboot cycle. The errors from the AP console:
<ERRS> |stm| AP test-ap: ap regulatory-domain-profile "PANAMA_RDP" is invalid.
<ERRS> |stm| AP test-ap: No valid instances of required profile "ap regulatory-domain-profile".
<DBUG> |stm| samp_ap_init: AP test-ap: Setting state to CONFIG_ERR
<DBUG> |stm| samp_ap_adjust_radios: AP test-ap
My question is how can I solve this issue? To me there are two possible options:
- (A) Deploy unrestricted controllers to these offices and some how setup L3 GRE tunnel to make all guest user traffic exit via the head-end, etc...
- (B) Configure a custome regulatory domain profile using the US country code but, mannually configure the underlying channels to match what would be required for my AP's to legally operate in those countries (i.e. Panama, others).
Obviously I am keen on getting option (B) working as this would be the least costly solution and it would allow us to deploy what we need with out major redesign of our wireless infra.
I would like to know if anyone here knows if option (B) is something that would be supported by Aruba? Has anyone else run into this issue and how have you worked around the regulatory domain restrictions?
Thanks in advance for your help/advice!
10-04-2013 08:26 AM
Just update - I also checked with Aruba TAC and they confirmed that my option (B) is flat out not supported which is what I was wondering about. So, it looks like the only way is to deploy unrestricted controllers and if traffic centralization is required then I will need to look at using controller-to-controller GRE tunnels.