Wireless Access

Reply
Occasional Contributor II

Mobility Master not reachable from WiFi

Hey Guys,

 

if been looking at this issue for quite some time now and I can't find the root of this problem.

 

We use dynamic vlan assignement within our SSID. When my Device is in the default-vlan, I can reach the Mobility-Master from my Laptop, when I'm in any other VLAN I can't ping the active MM and the VRRP-IP. I can ping the backup-MM though. If I switch Master and Backup-MM, the behavior stays the same. So this is only applying to the active MM and its VRRP-IP.

 

In order to narrow down the issue I'v put the VLANs configured as access on a switch and everything worked fine from both VLANs. Then I created a role "wlan-user" which just says "accept any any" for IPv4 and IPv6. Our MM only have IPv4, due to a bug in our ESXi.

 

I can see this behavior on any device and I ensured the role is applying correctly. There are no wrong routes or anything like that on the client devices. Has someone noticed this issue before and can help me to fix that?

 

Greetings,
Hendrik

~~~
WiFi Enthusiast | ACMP
Guru Elite

Re: Mobility Master not reachable from WiFi

You should honestly troubleshoot this as any other networking issue.   The MM only has a single ip address.

 

EDIT:  What is the default gateway of your MM and what is the default gateway of the wifi clients?  Make sure the default gateways are correct.

******************
Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.
******************
Occasional Contributor II

Re: Mobility Master not reachable from WiFi

I already checked that.

 

Let me explain it a bit further:
10.0.0.1 is the default gateway

10.0.0.10 is the VRRP-IP

10.0.0.11 is MM-1

10.0.0.12 is MM-2

 

when the MM-1 is the active MM and is claiming the VRRP-IP I can't ping 10.0.0.10 and 10.0.0.11, but I can ping 10.0.0.12.

If I then reboot MM-1 and MM-2 becomes actice I can't ping 10.0.0.10 and 10.0.0.12, but I can ping 10.0.0.11.

 

Yes, the default gateway of everything is correct and If I use a wire everything works fine. This issue just occures over wifi and only on those APs, that are terminating on a controller managed by those MMs. If I'm logged into the wifi with the same assigned vlan on our old 6.5 setup everything works fine. If this was a normal networking issue, I wouldn't have posted that in here.

~~~
WiFi Enthusiast | ACMP
Guru Elite

Re: Mobility Master not reachable from WiFi

Can you ping all three ip addresses from the default gateway of the MM?

 

EDIT:

What is the difference between the VLAN that the users are on wired vs. wireless?  Are you blocking any user traffic?

******************
Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.
******************
Occasional Contributor II

Re: Mobility Master not reachable from WiFi

yes, I can. Also from every other network we have, if the connection is wired.

~~~
WiFi Enthusiast | ACMP
Guru Elite

Re: Mobility Master not reachable from WiFi

How are you treating the wireless user traffic differently?  Is there a role ACL on the user traffic?  If you are not blocking any user traffic on the wireless, please open a TAC case, because we don't have any information on what could be causing your issue.  You can open a TAC case following the instructions here:  https://www.arubanetworks.com/support-services/contact-support/

******************
Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.
******************
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: