Wireless Access

The specs for a 505Hr is up to 500Mb for VPN encryption. We've purchased a dozen or so of the 505Hr in order to provide remote users with more then 100Mb of throughput back to our 7210 mobility controller. Speedtest have shown to be getting around 80-90 Mb of throughput. I do have a case open with Aruba, but no findings yet. We've tested with a host device directly connected to an open port on said 7210 on the subnet in questions and speedtest is well over 800 Mb (our ISPs are at 1Gb). We've also tested with a 505Hr port configured in bridge mode (whereas the traffic gets offloaded to the local ISP) and speedtests are close to 500 Mb (the amount provided by the ISP at test location). At same test location, the tunneled VPN data back to the 7210 isn't getting anywhere close to the 500Mbs. Does anyone have 505Hr in deployment in a mobility controller scenario and are you getting expected speed and if so, do you have to implement any special configuration?

Regards,
Tony Marques

------------------------------
Tony Marques
------------------------------

Is this wired or wireless?

------------------------------
Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.
------------------------------

Original Message:
Sent: May 10, 2021 01:02 PM
From: Tony Marques
Subject: 505Hr VPN throughput

The specs for a 505Hr is up to 500Mb for VPN encryption. We've purchased a dozen or so of the 505Hr in order to provide remote users with more then 100Mb of throughput back to our 7210 mobility controller. Speedtest have shown to be getting around 80-90 Mb of throughput. I do have a case open with Aruba, but no findings yet. We've tested with a host device directly connected to an open port on said 7210 on the subnet in questions and speedtest is well over 800 Mb (our ISPs are at 1Gb). We've also tested with a 505Hr port configured in bridge mode (whereas the traffic gets offloaded to the local ISP) and speedtests are close to 500 Mb (the amount provided by the ISP at test location). At same test location, the tunneled VPN data back to the 7210 isn't getting anywhere close to the 500Mbs. Does anyone have 505Hr in deployment in a mobility controller scenario and are you getting expected speed and if so, do you have to implement any special configuration?

Regards,
Tony Marques

------------------------------
Tony Marques
------------------------------

Using port 1 for wired. Haven 't tried wireless yet, but was thinking of configuring a 505Hr with our corporate SSID and seeing if that is any different. Would you suggest/recommend I try that?

------------------------------
Tony Marques
------------------------------

Original Message:
Sent: May 10, 2021 01:06 PM
From: Colin Joseph
Subject: 505Hr VPN throughput

Is this wired or wireless?

------------------------------
Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

Original Message:
Sent: May 10, 2021 01:02 PM
From: Tony Marques
Subject: 505Hr VPN throughput

The specs for a 505Hr is up to 500Mb for VPN encryption. We've purchased a dozen or so of the 505Hr in order to provide remote users with more then 100Mb of throughput back to our 7210 mobility controller. Speedtest have shown to be getting around 80-90 Mb of throughput. I do have a case open with Aruba, but no findings yet. We've tested with a host device directly connected to an open port on said 7210 on the subnet in questions and speedtest is well over 800 Mb (our ISPs are at 1Gb). We've also tested with a 505Hr port configured in bridge mode (whereas the traffic gets offloaded to the local ISP) and speedtests are close to 500 Mb (the amount provided by the ISP at test location). At same test location, the tunneled VPN data back to the 7210 isn't getting anywhere close to the 500Mbs. Does anyone have 505Hr in deployment in a mobility controller scenario and are you getting expected speed and if so, do you have to implement any special configuration?

Regards,
Tony Marques

------------------------------
Tony Marques
------------------------------

Whatever vlan that wired device is on, enable bcmc-optimization on it, so that the wired devices doesn't have to compete with broadcasts for throughput.

------------------------------
Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.
------------------------------

Original Message:
Sent: May 10, 2021 01:14 PM
From: Tony Marques
Subject: 505Hr VPN throughput

Using port 1 for wired. Haven 't tried wireless yet, but was thinking of configuring a 505Hr with our corporate SSID and seeing if that is any different. Would you suggest/recommend I try that?

------------------------------
Tony Marques

Original Message:
Sent: May 10, 2021 01:06 PM
From: Colin Joseph
Subject: 505Hr VPN throughput

Is this wired or wireless?

------------------------------
Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

Original Message:
Sent: May 10, 2021 01:02 PM
From: Tony Marques
Subject: 505Hr VPN throughput

The specs for a 505Hr is up to 500Mb for VPN encryption. We've purchased a dozen or so of the 505Hr in order to provide remote users with more then 100Mb of throughput back to our 7210 mobility controller. Speedtest have shown to be getting around 80-90 Mb of throughput. I do have a case open with Aruba, but no findings yet. We've tested with a host device directly connected to an open port on said 7210 on the subnet in questions and speedtest is well over 800 Mb (our ISPs are at 1Gb). We've also tested with a 505Hr port configured in bridge mode (whereas the traffic gets offloaded to the local ISP) and speedtests are close to 500 Mb (the amount provided by the ISP at test location). At same test location, the tunneled VPN data back to the 7210 isn't getting anywhere close to the 500Mbs. Does anyone have 505Hr in deployment in a mobility controller scenario and are you getting expected speed and if so, do you have to implement any special configuration?

Regards,
Tony Marques

------------------------------
Tony Marques
------------------------------

We've had TAC case open for few months now and seems TAC does not have much idea what might cause it but we've randomly tried everything to see if something happens. It's Central managed but connecting to 7210. We've used both wireless and wired uplink, and even when using wireless uplink we can get decent speeds for bridge SSID but not when using tunneled SSID.

So far most difference has been with different versions. For example newest 8.7.1.3 was really slow with wireless uplink, then again 8.8.0.0 is sort of OK. We only use those behind max 100Mbps uplinks but even with those we've seen something like 5-30Mbps speeds with some software versions. Then again 8.7.1.3 works with wired uplink...
Original Message:
Sent: May 10, 2021 01:02 PM
From: Tony Marques
Subject: 505Hr VPN throughput

The specs for a 505Hr is up to 500Mb for VPN encryption. We've purchased a dozen or so of the 505Hr in order to provide remote users with more then 100Mb of throughput back to our 7210 mobility controller. Speedtest have shown to be getting around 80-90 Mb of throughput. I do have a case open with Aruba, but no findings yet. We've tested with a host device directly connected to an open port on said 7210 on the subnet in questions and speedtest is well over 800 Mb (our ISPs are at 1Gb). We've also tested with a 505Hr port configured in bridge mode (whereas the traffic gets offloaded to the local ISP) and speedtests are close to 500 Mb (the amount provided by the ISP at test location). At same test location, the tunneled VPN data back to the 7210 isn't getting anywhere close to the 500Mbs. Does anyone have 505Hr in deployment in a mobility controller scenario and are you getting expected speed and if so, do you have to implement any special configuration?

Regards,
Tony Marques

------------------------------
Tony Marques
------------------------------

Hi pubjohndoe,

Sorry to hear you've encountered the same issue and that TAC hasn't been able to resolve it. Seems like they need to go back to the developers to see how they were able to certify it for 500MBs. My TAC engineer ask that I change the RAP MTU to 1500 on the AP System Profile. I'm going to try that as well as cjoseph's recommendation. I'll keep the post updated with my findings.

Regards,
Tony Marques

------------------------------
Tony Marques
------------------------------

Original Message:
Sent: May 11, 2021 02:40 AM
From: Jukka Aaltonen
Subject: 505Hr VPN throughput

We've had TAC case open for few months now and seems TAC does not have much idea what might cause it but we've randomly tried everything to see if something happens. It's Central managed but connecting to 7210. We've used both wireless and wired uplink, and even when using wireless uplink we can get decent speeds for bridge SSID but not when using tunneled SSID.

So far most difference has been with different versions. For example newest 8.7.1.3 was really slow with wireless uplink, then again 8.8.0.0 is sort of OK. We only use those behind max 100Mbps uplinks but even with those we've seen something like 5-30Mbps speeds with some software versions. Then again 8.7.1.3 works with wired uplink...
Original Message:
Sent: May 10, 2021 01:02 PM
From: Tony Marques
Subject: 505Hr VPN throughput

The specs for a 505Hr is up to 500Mb for VPN encryption. We've purchased a dozen or so of the 505Hr in order to provide remote users with more then 100Mb of throughput back to our 7210 mobility controller. Speedtest have shown to be getting around 80-90 Mb of throughput. I do have a case open with Aruba, but no findings yet. We've tested with a host device directly connected to an open port on said 7210 on the subnet in questions and speedtest is well over 800 Mb (our ISPs are at 1Gb). We've also tested with a 505Hr port configured in bridge mode (whereas the traffic gets offloaded to the local ISP) and speedtests are close to 500 Mb (the amount provided by the ISP at test location). At same test location, the tunneled VPN data back to the 7210 isn't getting anywhere close to the 500Mbs. Does anyone have 505Hr in deployment in a mobility controller scenario and are you getting expected speed and if so, do you have to implement any special configuration?

Regards,
Tony Marques

------------------------------
Tony Marques
------------------------------

Hi pubjohndoe,

This is my latest with my TAC case:

We have reported the issue to Engineering with the logs/data collected so far, Engineering ticket number - AOS-221325.

If any further logs/data is required, we would let you know.

Will keep you informed on updates. Another update would be shared in couple of days.

Regards,
Tony Marques

------------------------------
Tony Marques
------------------------------

Original Message:
Sent: May 11, 2021 02:40 AM
From: Jukka Aaltonen
Subject: 505Hr VPN throughput

We've had TAC case open for few months now and seems TAC does not have much idea what might cause it but we've randomly tried everything to see if something happens. It's Central managed but connecting to 7210. We've used both wireless and wired uplink, and even when using wireless uplink we can get decent speeds for bridge SSID but not when using tunneled SSID.

So far most difference has been with different versions. For example newest 8.7.1.3 was really slow with wireless uplink, then again 8.8.0.0 is sort of OK. We only use those behind max 100Mbps uplinks but even with those we've seen something like 5-30Mbps speeds with some software versions. Then again 8.7.1.3 works with wired uplink...
Original Message:
Sent: May 10, 2021 01:02 PM
From: Tony Marques
Subject: 505Hr VPN throughput

The specs for a 505Hr is up to 500Mb for VPN encryption. We've purchased a dozen or so of the 505Hr in order to provide remote users with more then 100Mb of throughput back to our 7210 mobility controller. Speedtest have shown to be getting around 80-90 Mb of throughput. I do have a case open with Aruba, but no findings yet. We've tested with a host device directly connected to an open port on said 7210 on the subnet in questions and speedtest is well over 800 Mb (our ISPs are at 1Gb). We've also tested with a 505Hr port configured in bridge mode (whereas the traffic gets offloaded to the local ISP) and speedtests are close to 500 Mb (the amount provided by the ISP at test location). At same test location, the tunneled VPN data back to the 7210 isn't getting anywhere close to the 500Mbs. Does anyone have 505Hr in deployment in a mobility controller scenario and are you getting expected speed and if so, do you have to implement any special configuration?

Regards,
Tony Marques

------------------------------
Tony Marques
------------------------------

Been working with TAC and providing logs and more logs and latest is "Got an update from Engineering that, there were no traces for any anomalies on the logs collected during last remote session. Working on an plan to collect the required logs/data to find the root cause." How have you made out on your end?

------------------------------
Tony Marques
------------------------------

Original Message:
Sent: May 11, 2021 02:40 AM
From: Jukka Aaltonen
Subject: 505Hr VPN throughput

We've had TAC case open for few months now and seems TAC does not have much idea what might cause it but we've randomly tried everything to see if something happens. It's Central managed but connecting to 7210. We've used both wireless and wired uplink, and even when using wireless uplink we can get decent speeds for bridge SSID but not when using tunneled SSID.

So far most difference has been with different versions. For example newest 8.7.1.3 was really slow with wireless uplink, then again 8.8.0.0 is sort of OK. We only use those behind max 100Mbps uplinks but even with those we've seen something like 5-30Mbps speeds with some software versions. Then again 8.7.1.3 works with wired uplink...
Original Message:
Sent: May 10, 2021 01:02 PM
From: Tony Marques
Subject: 505Hr VPN throughput

The specs for a 505Hr is up to 500Mb for VPN encryption. We've purchased a dozen or so of the 505Hr in order to provide remote users with more then 100Mb of throughput back to our 7210 mobility controller. Speedtest have shown to be getting around 80-90 Mb of throughput. I do have a case open with Aruba, but no findings yet. We've tested with a host device directly connected to an open port on said 7210 on the subnet in questions and speedtest is well over 800 Mb (our ISPs are at 1Gb). We've also tested with a 505Hr port configured in bridge mode (whereas the traffic gets offloaded to the local ISP) and speedtests are close to 500 Mb (the amount provided by the ISP at test location). At same test location, the tunneled VPN data back to the 7210 isn't getting anywhere close to the 500Mbs. Does anyone have 505Hr in deployment in a mobility controller scenario and are you getting expected speed and if so, do you have to implement any special configuration?

Regards,
Tony Marques

------------------------------
Tony Marques
------------------------------