Wireless Access

Reply
Occasional Contributor II

Issues with Physical Move of Master Controller

We are in the process of moving our Data Center from STL to Dallas.  I have a new Master Controller with the same config as the existing controller minus the interface updates. 

 

We attempted to swing our local controllers over to the new Master tonight.  I changed the Master IP on the local controller, saved, and reloaded.  The Local controller came up on the new master with no issues. 

 

The AP's attached to the Local controller also came up with no issues but the RAP's did not.  Previous to the change we made a DNS entry update to ping the master.com name to the new external IP address.  We checked several dns lookup services to verify the change had propagated. 

 

I have a local RAP3 and I rebooted it for it to reconnect to the original Master Controller. 

 

My question is do the RAP's cache the dns entry?  If so, how can that be cleared remotely to move these to the new Master?  If not, what would be the reason this RAP's are not attaching back to the New Master? 

 

Any help is greatly appreciated. 

 

 

Daniel

Re: Issues with Physical Move of Master Controller

Hi,

 

More than likely the new controller does not have the NAT pool for the RAPs.  I can't remember the exact command, but search through the old master for a config that contains the word 'local' and you'll work out which command you need to put it.

 

If you can remember what inner ip the RAPs had when they came up, that will make it easier and you'll spot it.

 

 


If my post is helpful please give kudos, or mark as solved if it answers your post.

ACCP, ACCX #817, ACMP, ACMX #294
Guru Elite

Re: Issues with Physical Move of Master Controller

Michael_Clarke is 100% correct.

 

In addition, you should have a firewall that NATs your inbound traffic from the public address that RAPs point to, to the private address that the master USED TO BE.  That NAT statement on your inbound firewall most likely has to be updated with the new master's ip address...

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Occasional Contributor II

Re: Issues with Physical Move of Master Controller

The NAT Pool would be missing even thou the New Master was setup using the flashbackup of the old?  Shouldnt that grab the entire config?

 

 

dp

Occasional Contributor II

Re: Issues with Physical Move of Master Controller

Watching the firewall and a RAP3 after it was rebooted it never attempted to connect to the new Master IP via DNS.  It went directly to the old Master IP (External). 

 

 

dp

Re: Issues with Physical Move of Master Controller

Did you import the rap whitelist db to the new controller ?
Thank you

Victor Fabian
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
Guru Elite

Re: Issues with Physical Move of Master Controller


dpatterson1976 wrote:

Watching the firewall and a RAP3 after it was rebooted it never attempted to connect to the new Master IP via DNS.  It went directly to the old Master IP (External). 

 

 

dp


If you only changed the internal ip address of the master, what you need to do is update your external firewall so that the NAT entry translating the incoming traffic to the private ip address is updated to the new master's private address.  This is by far the easiest route.

 

If you created a new NAT entry on your firewall for a new external and internal ip address, you have to change ALL of your RAPs, and that is not possible unless they can reach the old controller.



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Occasional Contributor II

Re: Issues with Physical Move of Master Controller

 

I do not believe we are doing any NAT translations at the FW. 

 

We use a FQDN on the RAP to point to the Master Controller.  This IP is on the Controller VRRP.  We made an external DNS change to point the FQDN at the new IP. 

 

Occasional Contributor II

Re: Issues with Physical Move of Master Controller

The Whitelist DB is available on the new Master Contoller. 

Guru Elite

Re: Issues with Physical Move of Master Controller


dpatterson1976 wrote:

 

I do not believe we are doing any NAT translations at the FW. 

 

We use a FQDN on the RAP to point to the Master Controller.  This IP is on the Controller VRRP.  We made an external DNS change to point the FQDN at the new IP. 

 


So is the ip address that the access pointing to a private address or a public address?   Are the access points located on your private or public network?   If they are both private, everything should work as long as access points are pointing to the DNS and it is supplying the new address.  If they are pointing to the old ip address, you will have problems.

 

If it is a public address and your new master does NOT have a public ip address on one of its interfaces, you probably have a firewall doing the translation and you need to look at that.

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: