Search the Community
- ClearPass Recipe Review
- ClearPass Recipe Submission
- Admin Tool - Assign Role in Bulk
- Admin Tool - User Search
- CWNP Conf 2015
- Airheads Conference Vegas 2015
- Wlan Pro Conference 2015
- Airheads Conference Shanghai 2014
- WLAN Pro Conf EU 2014
- CWNP Conference 2014 (Sep 22 - 24)
- Airheads Local 2014
- Wireless Field Day 7 (Aug 6-8, 2014)
- Black Hat 2014 Contest
- Airheads EMEA Italy 2014 (June 9 - 13)
- Americas Airheads Conference 2014
- WLAN Professionals Summit 2014
- Airheads Roadshow 2013
- EMEA Airheads Conference 2013
- APJ Airheads Conference 2013
- Americas Airheads Conference 2013
- Americas Airheads Conference 2012
- APJ Airheads Conference 2012
- EMEA Airheads Conference 2012
- Airheads EMEA 2012 Contest: How to Enter - Contest Terms & Conditions
- Airheads EMEA 2012 Contest: Create your Entry to Win Here!
- Airheads Conferences Prior to 2012
- Americas Airheads Local Events 2012
- EMEA Airheads Local Events 2012
- Wireless Field Day 3 @ Aruba Networks
- Wireless Tech Field Day 2- Silicon Valley
- Wi-Fi Mobility Symposium- San Jose, CA USA
- SDN Apps
- Connector Translation Testing area
We are considering installing Aruba 305 IAPs to replace our current HP/H3C APs. I have some questions on limits - what is the limit of the number of 305 IAPs that can run without problems on a virtual controller?
Also, what is the limit of the number of IAPs that can be managed in Airwave running on a VM?
Thank you, Airheads for your help!
There is no hard limit according to the VRD, Aruba has tested up to 128. Here's the ...
There is no hard limit according to the VRD, Aruba has tested up to 128.
Here's the link to the VRD if you want further info.
Check out the below tool on ASE to assist with Airwave sizing for your virtualized environment: &n...
Check out the below tool on ASE to assist with Airwave sizing for your virtualized environment:
For IAP cluster size, there is not enforced limit to the number of IAPs that can be in one cluster. For general deployments, I try to stay less than 100 IAPs in a single cluster, but that is not a set maximum.
We are a health clinic with IAP-305-US AP's. We do NOT have RADIUS, Clear Pass, AirWave, or anything else. Just the AP's. We desire only our company supplied laptops on our work network. On our old Meraki system, we had a whitelist for the work (Private)network, where only the MAC's in our whitelist had access to the work network. The public (Guest) network was open to all devices. In this system, I have a "MAC authentication" box that I can enable, but then it just gives me the choice to add users, with a username and passwords. No place to put MAC addresses. If we assign our users usernames and passwords, they can still bring in their own devices and use them on the work network with their username and password. So we are looking for a way to use MAC addresses so only those devices we allow can use the work network. We only have about 16 laptops, so hand entering the MAC's is not an issue. I just can't find a place to put them. Any ideas?
So I am not sure why my various searches, "MAC whitelist", "Whitelist MAC", etc could not find anyt...
So I am not sure why my various searches, "MAC whitelist", "Whitelist MAC", etc could not find anything, but after following numerous threads, I stumbled upon the answer by kdisc98 at https://community.arubanetworks.com/t5/Security/White-list-for-MAC-addresses/td-p/65242. Very simple. Very easy when you know how. Just not intuitive. (In essence, you put the MAC address in lowercase with no delimiter in both the User box and the Password box).
Thanks very much to kdisc98.
I was trying to test and validate the IAP-345 hardware I received as part of various initatives.
However, much to my surprise, the IAP-345 decided to "see" my existing corporate IAP VC, tell me that it was pre-empted in the master election by my existing VC, and then lock itself into a slave role with no option for me to intervene.
I've also verified that my existing corporate IAP cluster has auto-join turned off.
I need to vet this hardware, test migrations to Aruba Central, and numerous other tasks. How can I get this thing to create it's own independent cluster like I expect it to?
To my knowledge, this wasn't an issue before InstantOS 8.3.
I have an instant cluster with two IAP-205H, one is mesh portal and one is mesh point. Each of them send 2 syslog messages every 5 minutes, that i have not been able to find any explanation to:
cli: <341004> <WARN> <192.168.100.27 20:4C:03:0E:4A:90> Send awc hang detection.
cli: <341004> <WARN> <192.168.100.27 20:4C:03:0E:4A:90> Recv awc hang reply.
What is happening?
Hi Ole, The above message is seny by CLI to detect the state of AWC process on the IAP....
The above message is seny by CLI to detect the state of AWC process on the IAP.
As we are seeing awc reply message, that means awc process is running fine on the IAP.
We don't have a way to stop these messages.
There is probably a simply solution to this but for the life of me, I can't think of what it is.
So the scenario is: We have a remote location with 60'ish IAPs. Mixture of 204s and 205s. We're trying to set up 3 separate SSIDs for the users on 3 separate VLANs...
Data - VLAN 10 - 10.10.10.x - DHCP is network assigned
Voice - VLAN 20 - 10.10.20.x - DHCP is network assigned
Public - VLAN 30 - 10.10.30.x - DHCP is controller assigned
We have a firewall sitting at the edge of the network that is supposed to direct the traffic based upon IP address, 10.10.10.x and 10.10.20.x go over MPLS... 10.10.30.x out the internet connection.
It hasn't worked since we tried setting it up. While investigating the problem, we noticed that the only IP address that the firewall sees is the Master AP (10.10.10.1). So to the firewall, it thinks all traffic is coming from 10.10.10.1. Makes it hard to segregate off the public traffic!
Why is this happening and how do I correct it? Thanks.
Our wifi network includes 195 IAP-305s, about a dozen IAP-315s and one IAP-225. On the 305s and 315s we're running firmware version 188.8.131.52. I checked for an available firmware upgrade and the version that was indicated is 184.108.40.206. Seems like a big jump, unless there's been a change to the versioning procedure. My question is, can/should we move from 220.127.116.11 to 18.104.22.168? If so, do we need the incremental 6.5.x.x versions first?
Thanks for any info.
"IAP-335 Supports up to 1,733 Mbps in the 5 GHz band (with 4SS/VHT80 or 2SS/VHT160"
I have 2x iap-325 + 1x iap-335 (22.214.171.124_64659)
How can I activate / use the maximum channel width 160Mhz?
If the Windows client is connected to the IAP-335, the connection speed will not increase.
Intel AC-9260 (Driver 126.96.36.199)
There is only the option 80Mhz!?
I try to configure GRE tunnel for guest traffic from instant cluster to a controller located in central location.
There is a plan to deploy a lot of instant clutser in different geographic location and to tunnel only guest traffic to central controller/controllers.
I would like to deploy only one tunnel from each instant cluster to central controller not a tunnel for each IAP, because there would be a thousands of IAP.
I have confugred IAPs and controller according to documents I have found on community:
I have configured solution with DHCP scope L2 centralized and with manual GRE tunnel and option Per-AP tunnel disabled (so to pass trafic only via master virtual-controller) .
It works but only when Wifi client connects to master VC, when client assiciates with other APs, then client cannot get IP address from DHCP (defined on central controler).
So my question is
1) Is it possible to have only one GRE tunnel for each Instant cluster ?
2) If yes what should I do to pass traffic via Master VC ? In above docs theres no information about that (or I'm missing something)
Any other help and advices would be very appraciated.
Hi Karol, Is the client vlan trunked to all the IAP's? DHCP packet from client co...
Is the client vlan trunked to all the IAP's?
DHCP packet from client connected ot slave IAP will be forwarded via uplink port of slave IAP & will eventually reach the master IAP which will then send it inside the tunnel.
Please ensure that slave IAP is on trunk port which is tagged with client vlan as well.
You can test this on a single slave IAP & validate the behavior.
Is there a way to force clients to move to a more suitable access point when there is one available? Sometimes I see a client connected to an access point that is connected to an access point far away when there is one much closer.
How do I setup my VC so that a WAP assumes the role of master if the current master (the first WAP I setup) isn't available? This is my current setup:
You've already set it up, it's configured automatically :D The current AP holding the Virtual Contr...
You've already set it up, it's configured automatically :D The current AP holding the Virtual Controller is denoted by the * , so in this case it is Server Room AP. If you unplug this, the Virtual Controller IP will fail over to Conference Room.
Just a note, you want to set the Virtual Controller IP to in the same subnet as the AP's just not the same IP as an AP.