Wireless Access

Reply
Contributor II
Posts: 51
Registered: ‎03-21-2013

Master-Redundancy and wired access clients

Hi everyone.

 

I have to controller 7210 with master-standby configuration. Sync is working fine, and everything looks like is working fine. I use controllers to give internet access to customers in a hotel. Customer use wired, and wireless access.

 

In order to apply aaa profile to wired clientes, i make clients VLAN untrusted in master active controller. My problem is that if i make that same VLAN untrusted in standby controller, some wired clients appear in standby controller, and those clients don't have internet access.

 

Anyone knows how can i fix this problem??.

 

Thank you in advance.

Contributor II
Posts: 51
Registered: ‎03-21-2013

Re: Master-Redundancy and wired access clients

I forget to add some information:

 

I have VRRP working in VLAN 1 for client access.

 

Regards, 

MVP
Posts: 4,308
Registered: ‎07-20-2011

Re: Master-Redundancy and wired access clients

 

Do you have broadcast enabled under the wired ap profile?

Thank you

Victor Fabian
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
Contributor II
Posts: 51
Registered: ‎03-21-2013

Re: Master-Redundancy and wired access clients

Hi, it was enable.

 

I disabled it and tested again but it didn't work.

 

Regards,

Guru Elite
Posts: 21,537
Registered: ‎03-29-2007

Re: Master-Redundancy and wired access clients

What is the default gateway for your clients?  A standby or backup master controller cannot serve clients, so you need to make sure that the default gateway for your clients is on a layer3 switch beyond both controllers or on a VRRP that the current master has priority for.  You don't want traffic to end up on the standby when it is in standby mode.



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Contributor II
Posts: 51
Registered: ‎03-21-2013

Re: Master-Redundancy and wired access clients

Hi, thanks for your response.

 

Default gateway for clients is shared VRRP IP address between the two controllers. VRRP is working fine.

 

Just in the moment I make VLAN untrusted in standby controller, wired access clients starts appearing in the controller user-table. Only wired access clients appear in standby controller.

 

Regards,

 

Guru Elite
Posts: 21,537
Registered: ‎03-29-2007

Re: Master-Redundancy and wired access clients

Okay, clients will always appear in the user table of a controller when any traffic is seen by them on the untrusted interface.  Here is what we need to do:

 

We need to change the ip cp-redirect address on both controllers to the ip address of the VRRP.  We can only do this on the commandline:

 

Type "show ip cp-redirect-adress" on the commandline of both the master and the backup master.  They should both point to interfaces that are local to each controller.  That parameter determines what ip address clients that use captive portal should be redirected to.  I am guessing that the standby or backup controller is answering with it's own local address.  Change this address on both controllers, via the commandline:

 

config t

ip cp-redirect-address <ip address of vrrp>

 

See if that helps.

 

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Contributor II
Posts: 51
Registered: ‎03-21-2013

Re: Master-Redundancy and wired access clients

Hi, 

 

i checked and ech controller has different cp-redirect address. I'll make changes to config tomorrow and I'll let you know.

 

Thanks for your help.

 

Regards,

Contributor II
Posts: 51
Registered: ‎03-21-2013

Re: Master-Redundancy and wired access clients

Hi,

 

I did the changes you recommend me but no luck so far... :P

 

Regards

Guru Elite
Posts: 21,537
Registered: ‎03-29-2007

Re: Master-Redundancy and wired access clients

What provides DHCP for that VLAN with the wired users?

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Search Airheads
Showing results for 
Search instead for 
Did you mean: