Wireless Access

Reply
Contributor II

RAP backup not working on arubaOS 8.2.X version.

The option to use the backup option is not working on arubaOS 8.2+ version.

I tested with the 8.2.1 and with the new version 8.2.1.1, both with 205H and 303H. Bellow is what I am getting.


Wireless Backup is coming up, the user can connect and browser.

But the RAP is not able to detect the controller if it came back, and because of this, someone need to access the reduced managed interface of the RAP(in the back-mode) to do a reboot(very impracticable).

For some reason on the interface of the back-up mode is showing the LMS - with the internal IP of the controller, but using diagnostic to tried to connect to the controller a least on the logs it is trying to connect to the correct Public IP of the controller but is failing to do that( even if it is able to ping to the controller).

In the wired side, I can not make the clients rout to anywhere, on the 8.2.1 I was able to ping wireless user because of the option remote-local backup(something like that),even if they are in another scope of dhcp, but only that, I was not able to reach the IP of the RAP.  the wired users on the 8.2.1.1 is not able to reach the wireless users, the RAP and consequelenty anything, I am trying to see if the are able to ping others wired clients, but even that works it will not help me.

Sad...

Contributor II

Re: RAP backup not working on arubaOS 8.2.X version.

Ok more details...

the good news is that the RAP is able to come back to the controller  by itself. Not sure how many seconds it is needing, don't look like it is the default 600 seconds, I am trying to change by hand to see if it is able to be more fast and to see if it really is capable of come back para itself or if the ap reboot when is was alone.

Second, the wired user are able to talk to itself, but not able to talk to the RAP or  ''iniciate a conversation'' with the Wireless Users.

The wireless users are able to rout, and able to ping the wireless users, not sure if a printer is going to work...

Update:

Forget it, 30 minutes and nothing about coming back, I supposed it reboot alone in the first place when I was eating lunch, I will continue to observe...

 

 

Frequent Contributor I

Re: RAP backup not working on arubaOS 8.2.X version.

I think you should have some network diagram is better to explain this.

01.jpg

 

 

Contributor II

Re: RAP backup not working on arubaOS 8.2.X version.

Cloudq...

Is a typical RAP design like you image...

And I am even simplificate to do a site test using my 4g to be my wan link carrier of the APs.

 

There is a central location hosting my standalone VMC 8.2.1.1

and I am using a 3g/4g as a test to simulate a internet wan link of my APs... and That is it. Everything is working and by that you should read ''enteprise auth, dhcp, vlan, and rules'' And like I said, the problem is when my connection with my central site is blocked, in this cases the backup ssid is showing up and more or less working, what is not working is my AP is no coming back by itselft to the controller, and the wired ports don't rout...

Is a bug very easy to replicate there is nothing fancing about the network.

 

Contributor II

Re: RAP backup not working on arubaOS 8.2.X version.

Ok, the engineering need to be involved on this. 

Good news is, the RAP are really able to come back, but there is somekind of  incompatibility with palo-alto firewall..

The firewall is up to date, and the problem is...
to simulate a disconnect situation, I block the public IP of the RAP that arrive in controller. This is working, my RAP is turning on the Backup SSID and rebooting the wired ports, but  disblocking, is not working.. the ping is able to come back, but I think there is is some kind of packets that is not been sended or able to pass through the firewall because it not coming back without a ''manual'' reboot..

 

I tried in another environment with a meraki firewall and the AP is able to go back by itself, and on the paloalto site I starting testing by disable the controller network interface...

 

But !! The wired ports are still broken, there is no away to make it rout, it can ping and comunicate with others wired users but it cannot ping its own gateway(the RAP). Another syntom that I discover is that doing a packetcapture in the specifics ports through the RAP console activate the the ping responses from the gateway, but only that, they still cannot rout beyond that.

 

engineering please, start looking in this feature to work on a fix !!

 

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: