We are testing an AP515 as an Instant AP. We have set up the unit with basic settings, one SSID with WPA2 personal encryption. We are using networked defined VLAN and IP addressing on an existing network that works. We are able to connect and get network access but are unable to browse to certain websites like google and other google services (youtube etc) but other websites work fine. We have tried tweaking the policies and adding explicit any to any allow rules and various services but doesn't seem to change anything. Anyone know why this might happen?
We are using AP515 in the same environment as campus APs on a cluster and don't experience anything like this. I have tested IAP in another environment and it worked fine with basic settings although was on an older model of AP. Is there something different about 515s or the IAP software they run?
Have you tried with Unrestricted access on the network configuration?
Hi thanks for reply. We have tried with this unrestricted setting and still same results.
Are you able to resolve the URL of the problematic sites, to confirm DNS is working? Is there any difference in the sites such as HTTP or HTTPS? Any transparent proxies upstream?
Grab one of the IPs of the URLs which is failing and check the datapath session. You might see Y flag which means there is no syn.
show datapath session | include [IP OF WEB SITE]
Thanks for reply. DNS is working ok as lookups resolve. If we browse to a URL for example youtube.com in Chrome it attempts to connect to http without redirecting to https. If we add https in it will partially load the webpage but lots of content won't load within the page. Other pages like google search or reddit won't load at all. No proxy involved on our network. Firefox and Chrome show connection reset errors so presume is something to do with traffic or TCP messing up but is beyond my knowledge.
I will check the datapatch command now. Thanks.
We are indeed seeing the 'no SYN' flag for sessions to websites. I understand this means there is an issue with the 3 way handshake?
At Aruba, we believe that the most dynamic customer experiences happen at the Edge. Our mission is to deliver innovative solutions that harness data at the Edge to drive powerful business outcomes.
© Copyright 2021 Hewlett Packard Enterprise Development LPAll Rights Reserved.