Had not worked at the time I wrote the post as indicated by the TAC. During the whole troubleshooting process, other problems arose in connection with the Mobility Master/Mobility Controller Cluster/RAP with 4G uplink where, depending on the firmware version, it was from moderate to impossible to establish a connection from the RAP to the Mobility Controller Cluster via 4G.
After escalation of the case regarding the connection problem of the RAP's via 4G to a controller cluster, it was determined that a bug is present which was only fixed with the firmware version 8.7.1.7 to 95%. The fix is not yet included in the latest versions of 8.6, 8.8 and 8.9.
Only with this version it was possible in my case to establish a stable connection from a RAP via 4G to a controller cluster without any problems. Currently there is still the problem that with an AP325 in the connection variant only two SSID and one Wired VLAN are possible. As soon as a third SSID is added, the RAP cannot fully establish the connection. So far, however, this only affects the AP325.
------------------------------
Christoph Rizzo
------------------------------
Original Message:
Sent: Dec 04, 2020 04:41 AM
From: Milan Knizek
Subject: RAP: Use ETH0 port as Access Port
Hi Christoph,
did it work for you? I worked on this with TAC about two years ago and they told me it wasn't possible.
------------------------------
Milan Knizek
Original Message:
Sent: Nov 27, 2020 08:02 AM
From: Christoph Rizzo
Subject: RAP: Use ETH0 port as Access Port
According to TAC Support the configuration is possible.
The Link Priority Cellular and Link Priority Ethernet in the Provisioning Profile should be adjusted so that the connection can be established without problems over a 4G connection.
The configuration can be done via the GUI or in the CLI in the Provisioning Profile.
CLI Example:
(host) (config) #ap provisioning-profile default
(host) (Provisioning profile "default") #link-priority-cellular <[0=min; 255=max]>
(host) (Provisioning profile "default") #link-priority-ethernet <[0=min; 255=max]>
(host) (Provisioning profile "default") #write memory
I have set the following values
(host) (Provisioning profile "default") #link-priority-cellular 100
(host) (Provisioning profile "default") #link-priority-ethernet 0
------------------------------
Christoph Rizzo
Original Message:
Sent: Nov 13, 2020 05:16 AM
From: Christoph Rizzo
Subject: RAP: Use ETH0 port as Access Port
Hi
I'm trying to tunnel user traffic to the controller via ETH0 using the 4G uplink (4G USB stick).
I am aware that normally an access point with two ports must be used for this case. If it is a customer request, the technical documentation is not so informative whether this is possible or not.
Christoph
------------------------------
Christoph Rizzo
Original Message:
Sent: Nov 12, 2020 01:23 PM
From: Colin Joseph
Subject: RAP: Use ETH0 port as Access Port
I have never seen that done (using eth0 for wired traffic), but are you trying to tunnel all the wired user traffic from eth0 back to a controller or are you trying to bridge it locally to another switch?
------------------------------
Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.
Original Message:
Sent: Nov 12, 2020 11:10 AM
From: Christoph Rizzo
Subject: RAP: Use ETH0 port as Access Port
Is it possible to provide the ETH0 port as access ports for clients or printers on a RAP with a 4G WiFi uplink? In the documents of Aruba I found after a long search the hint that the ETH0 can only be used as uplink unless the AP establishes the uplink via MESH.
Image: Aruba AOS 8.6.0.4
The complete profile for the ETH0 port is configured and provisioned for the respective RAP group. As soon as a device is connected, the ETH0 port will come up and is also indicated as active by the controller. But the client does not get a connection, the configured VLAN is not active on the ETH0 port.
wired-ap-profile on eth0:
wired-ap-enable
trusted
switchport access vlan 35
We use the same configuration for a second RAP group via the ETH1 port. Here only RAP with two ETH ports are assigned. Clients or printers can be connected here without any problems and get the IP address from the assigned VLAN via DHCP.
Christoph