Wireless Access

last person joined: an hour ago 

Access network design for branch, remote, outdoor and campus locations with Aruba access points, and mobility controllers.
Expand all | Collapse all

7010 w/ - Trying to figure out AOS

  • 1.  7010 w/ - Trying to figure out AOS

    Posted 20 days ago

    Hey Everyone,

    I'm trying to learn AOS and am not getting the results I expect. I recently got a 7010 controller and some old APs from my work. The controller has the latest AOS installed but has on the inactive partition. I am mostly a systems admin but know a little about network (not much) but want to learn on AOS and this controller.

    My goal is to set it up so it can be used with a cable modem/ethernet dhcp internet connection and have 4 separate VLANs.

    I can get the APs to see the controller if I connect it to an existing DHCP server but I'm trying to get the controller to be standalone from the rest of the network.

    I've configured the VLANs that I'm hoping to use at the "Mobility Controller" level of the WebUI. Within the CLI I'm trying to figure out how to view the full details of the VLAN, DHCP and other settings as I can't seem to find the correct command to show me all the details.

    Some areas I could use some advice on:

    1. DHCP Pools - When I create the DHCP pool, I set it to dynamic and I specify the Start and End address along with the Hosts (not sure why it doesn't calculate that for you). Everything looks good but when I click Submit the WebUI shows the DHCP Pool as static with no network specified. I can't figure out why it's not saving the settings I'm wanting to use.

    2. Routing - how do I get the different VLANs to have a gateway on the controller so I can route traffic between a few of them and set up ACLs to control the traffic?

    3. Do I need to Trunk the ports the APs are plugged into and specify the different VLANs or will the default settings with "1-4094" trunked VLANs work for the different SSIDs (1 per VLAN).

    I'm new to this, if there is a resources online on how to set up a similar environment I'm willing to work through the info. I've been watching youtube videos and reading other sites which have helped me learn a lot about AOS so far. I think I just need a nudge in the right direction to be off an running with the configuration.

    Thank you in advance for the help! Happy Holidays!

    Josh Mikow

  • 2.  RE: 7010 w/ - Trying to figure out AOS

    Posted 20 days ago
    Do you have IP addresses assigned to each of the VLANs that need to route traffic on the controller? If not, that may be a reason that the dhcp server configuration is rejected.
    If you have IPs assigned to the controller, enter that IP in the default router of your DHCP configuration or to the static default gateway configuration of your clients.
    If you don't disable routing, it is enabled between VLANs. Please note that you will need to add a route to the subnets configured on the controller in your cable modem in order to get internet traffic back to clients in those subnets.

    With the recommended tunneled SSID configuration you don't need to put any tagged VLANs to your APs, the client VLANs just need to be present on the controller. It doesn't hurt either to have VLANs tagged to your AP, they are just not used.

    This stuff is covered in Aruba training, and I don't know if there is video material on it freely available on this level as most controllers are deployed in L2 mode and leave routing to an external router/L3 switch device. It can be done, but just is not so common. Others may have suggestions on learning/training material.

    Herman Robers
    If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

  • 3.  RE: 7010 w/ - Trying to figure out AOS

    Posted 16 days ago

    I do have IPs assigned to each VLAN. Originally I didn't and once I set an IP things worked better. 

    I have a VLAN setup just for the internet connection and it is defined in the WANs. Seems to be working but I don't see it on the dashboard. 

    I have the inter VLAN routing enabled but will eventually add firewall rules or ACLs to restrict traffic between them. 

    still learning and trying to figure it all out. It's a bit different than what I've done before. 

    Josh Mikow