Wireless Access

Reply
Occasional Contributor I

update ip access-list session

Dears,

I have noticed that there is a role missing in the local controller ip access-list session although it is found in the master controller , how can I push the missing role to be in the local controller ?

Guru Elite

Re: update ip access-list session

You need to click on the save configuration button on the master, or type write mem on the command line of the master.


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Occasional Contributor I

Re: update ip access-list session

I already did this but nothing change , the missing line still missing in the local controller

Guru Elite

Re: update ip access-list session

What line is that, and on what ACL?

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Occasional Contributor I

Re: update ip access-list session

line: any any any  src-nat pool Internet_Pool 

ip access-list session Allow_All

Guru Elite

Re: update ip access-list session

ip pools need to be created on the local controller.  Create the pool with the exact same name on the local controller under VPN.



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Occasional Contributor I

Re: update ip access-list session

where can I find it ?

Guru Elite

Re: update ip access-list session

Configuration> Advanced Services> VPN.  If that controller is not the one that gives out ip addresses from a pool, you can ignore the config mismatch.



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Regular Contributor I

Re: update ip access-list session

On the local controller use the command "show audit-trail 100 | include failed" to see the last 100 failed changes.   If the master is pushing the changes to the controller and they are not taking then you will see the fails there.  Copy and paste the failed line into the CLI when in config mode and you will get more details on why it failed.  

 

Its most likely the issue is as pointed out above that the pool was not created on the local controller so the command thats pointing to the pool is not valid.  Create the pool first then try pasting the other failed config in again.

 

Guru Elite

Re: update ip access-list session

Config Sync errors do not show up in the audit trail.  Only commits that were typed into the local controller or entered into the GUI actually show up there....  Even successful changes that are synced from a master to a local do not show up in the audit trail.  Those are strictly manual inputs entered in the local controller.



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: