I have 2 x Demo IAP-325 18.104.22.168-22.214.171.124 in a VC cluster with employee type WLAN and Local, L2 DHCP on the VC. The Client Gateway is a Cisco FW to the Internet. The DHCP Client scope options have the DNS Server set to 126.96.36.199 and the IAP DNS Server setting is set to the internal corporate DNS Server. This is basically a BYOD WLAN to the Internet to access Corporate services.
On a wireless client, I can nslookup to a corporate FQDN, but get two different DNS responses randomly:
1 - DNS response with the correct Internet IP address from the Cisco FW mac address
2 - DNS response with the internal IP address from the Aruba AP mac address.
I am not doing any VPN as far as I know and tried the Enterprise Domains settings with no success.
Is it a firmware bug or a wrong setting somewhere?
Did you try configuring * instead of a domain name in the Enterprise domain list?
Yes, tried * in the Enterprise Domain list as well with no luck.
Note that I will have another Guest WLAN as well for self-registering guests with a CP captive Portal, so I need the Aruba AP DNS Server to be internal.
Any other solutions?
Is there a way to disable AP DNS interception per WLAN?
As a test, can you have something else besides the IAP supply the DHCP addresses? I don't exactly know your setup, but is the Cisco firewall the default gateway for those clients?
I've removed the DHCP scopes to the GW Firewall with no change. The problem still existed.
I power cycled the APs, which fixed the problem. I have not seen the problem since. So a combination of DHCP scope removal and reboot may have fixed the issue?
Contacted our BDM and there is no bug of this type. Received a later version of firmware and upgraded APs as well.