Wireless Access

Dears,

I have noticed that there is a role missing in the local controller ip access-list session although it is found in the master controller , how can I push the missing role to be in the local controller ?

You need to click on the save configuration button on the master, or type write mem on the command line of the master.

I already did this but nothing change , the missing line still missing in the local controller

What line is that, and on what ACL?

 

line: any any any  src-nat pool Internet_Pool 

ip access-list session Allow_All

ip pools need to be created on the local controller.  Create the pool with the exact same name on the local controller under VPN.

where can I find it ?

Configuration> Advanced Services> VPN.  If that controller is not the one that gives out ip addresses from a pool, you can ignore the config mismatch.

On the local controller use the command "show audit-trail 100 | include failed" to see the last 100 failed changes.   If the master is pushing the changes to the controller and they are not taking then you will see the fails there.  Copy and paste the failed line into the CLI when in config mode and you will get more details on why it failed.  

 

Its most likely the issue is as pointed out above that the pool was not created on the local controller so the command thats pointing to the pool is not valid.  Create the pool first then try pasting the other failed config in again.

 

Config Sync errors do not show up in the audit trail.  Only commits that were typed into the local controller or entered into the GUI actually show up there....  Even successful changes that are synced from a master to a local do not show up in the audit trail.  Those are strictly manual inputs entered in the local controller.

Ok Joseph thanks. I don't have master local all mine are master and I use this trick when airwave has issues pushing commands because missing vlans and such. Thanks for the correction.