Wireless Access

Reply
New Contributor
Posts: 4
Registered: ‎02-01-2012

Problems using AP-105 over a VPN link back to our 650 Controller

Hi all,

 

We ran into an issue that im completely stumped on.  We have a 4 AP-105s in one of our buildings that we justed deployed over VPN link back to the 650 Controller.  I have already added the A record in DNS for aruba-master and the APs pull down the config and work properly.  The issue we ran into durring testing this was that our Laptops works without any problems (Opens captive portal on both SSIDs, surfs the web, downloads files, and does a very accurate speed test using speedtest.net) but whenever we connected to either SSIDs using a smartphone or tablet (Apple or Android) we can only get to the Captive portal page and thats it.  We need to have this portion of our wireless deployment allow both smartphones and tables access.  We are a Vocational school moving towards allowing our students the option to use an e-book for their course and having tablets and smartphones connect properly is a must.

 

Also incase anyone is wondering both locations are about 200 ft apart and each have a Verizon Fios connection of 35/35. Im assuming latency shouldnt be a problem with our fiber connections.  Also, ping results from one site to another is typically 1-2ms with a max of 5ms.

 

Anyone have any advice as to where to start troubleshooting this and if anyone else out there can give us some advice on a similiar deployment i would greatly appreciate it.

 

Thanks,

 

Iraklis Notis

Aruba Employee
Posts: 664
Registered: ‎04-15-2009

Re: Problems using AP-105 over a VPN link back to our 650 Controller

Try turning off OCSP on the smartphone/browser tablets.

 

If you are able to open the captive portal, authenticate and browser after that (on the smartphone/tablets), turn OCSP back on and search Airheads for OCSP.  You will find answers on how to allow OCSP through your ACLs in the initial role and that will correctly fix this issue.

New Contributor
Posts: 4
Registered: ‎02-01-2012

Re: Problems using AP-105 over a VPN link back to our 650 Controller

[ Edited ]

Olino,

 

Thank you for that info.  I did try the first suggestion with no luck.  I also did a search and I used the information provided in this post:

http://community.arubanetworks.com/t5/ArubaOS-and-Mobility-Controllers/Captive-portal-page-can-t-display-on-Android-when-using-quot/m-p/26618#M1977

 

I think i forgot a key piece of information for my environment out of this.  When i connect any smartphone or tablet to an AP that is directly connected to the 650 controller we have no problems with them.  Its only when they connect to the APs that contacts and transmits data to the controller over the VPN connection that we have.  Ive checked my Watchguard Firewall logs and nothing is triggered in there to show that something is blocking it over the VPN connection.

 

That being said would the problem still be OCSP?  I will try the ACL right now to see how that goes.

 

Thanks,

 

Iraklis Notis

 

Guru Elite
Posts: 21,029
Registered: ‎03-29-2007

Re: Problems using AP-105 over a VPN link back to our 650 Controller

What might be happening is that you might have to lower the MTU of your APs when deploying over VPN.  Try this:

 

config t

ap system-profile default

mtu 1400

exit

write mem

 

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

New Contributor
Posts: 4
Registered: ‎02-01-2012

Re: Problems using AP-105 over a VPN link back to our 650 Controller

cjoseph,

 

At first that didnt do it.  I decided to wipe the 650 and redo the entire config.  After i did that changing the mtu worked flawlessly.  I guess some how i put the ap's in a different system profile by accident and the MTU change wouldnt show up when i looked it up under the old config.

 

Thanks!!!

 

Iraklis

Guru Elite
Posts: 21,029
Registered: ‎03-29-2007

Re: Problems using AP-105 over a VPN link back to our 650 Controller

Thank you. Sorry you had to go through that. Please mark this solved if it fixed your issue.


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Search Airheads
Showing results for 
Search instead for 
Did you mean: