Wireless Access

last person joined: 27 minutes ago 

Access network design for branch, remote, outdoor and campus locations with Aruba access points, and mobility controllers.
Expand all | Collapse all

simple AP175 mesh

Jump to Best Answer
  • 1.  simple AP175 mesh

    Posted Mar 22, 2019 01:00 PM

    We used to have a mesh running under AOS6 between two AP175. It was pretty straightforward with 5GHz for the mesh and 2.4GHz for the SSID broadcast. Roughly 300 feet between the two APs.

    I've redone the mesh since our upgrade to AOS8. However, I cannot get the mesh point to connect. When I do a "show ap mesh neighbors ap-name Mesh-Portal" I see the MAC address of the point...

     

    Neighbor list
    -------------
    MAC                Portal             Channel  Age  Hops  Cost  Relation                 Flags  RSSI  Rate Tx/Rx  A-Req  A-Resp  A-Fail  HT-Details       Cluster ID
    ---                ------             -------  ---  ----  ----  -----------------        -----  ----  ----------  -----  ------  ------  ----------       ----------
    d8:c7:c8:01:44:b9  24:de:c6:7e:2c:38  157+     9    1     1.00  C 45s                    HZ     27    27/6        3      3       0       HT-40MHzsgi-2ss  mesh

    After a minute, It changes from a "child" to a "neighbor"...

    Neighbor list
    -------------
    MAC                Portal             Channel  Age  Hops  Cost   Relation                 Flags  RSSI  Rate Tx/Rx  A-Req  A-Resp  A-Fail  HT-Details       Cluster ID
    ---                ------             -------  ---  ----  ----   -----------------        -----  ----  ----------  -----  ------  ------  ----------       ----------
    d8:c7:c8:01:44:b9  00:00:00:00:00:00  -        6    1     65535  N 1m:49s                 H      27    -           4      4       0       HT-40MHzsgi-2ss  RecoveryiefGpKd40cjUa9ex

    ...and then it reboots.

     

    Before taking it out to the field, I set it up in my office and it worked just fine. Thoughts?



  • 2.  RE: simple AP175 mesh

    Posted Mar 22, 2019 01:03 PM

    Also, I thought it might be helpful to increase the signal of the mesh 5GHz but no matter which settings I change (dot11a or arm) it never seems to go beyond an EIRP of 18 as seen below.

     

    Mesh Cluster Name: mesh
    ---------------------------
    Name                  Group        IP Address       BSSID              Band/Ch/EIRP/MaxEIRP    MTU   Enet Ports  Mesh Role  Parent  #Children  AP Type  Uptime
    ----                  -----        ----------       -----              --------------------    ---   ----------  ---------  ------  ---------  -------  ------
    Mesh-Portal-Softball  zMeshPortal  140.103.138.237  24:de:c6:7e:2c:38  802.11a/157+/18.0/26.5  1500  -           Portal     -       0          175P     50m:31s
    
    Total APs :1


  • 3.  RE: simple AP175 mesh

    Posted Mar 23, 2019 08:21 AM

    You will need to open a TAC case and/or get a console cable on the point to determine why it's rebooting. The mesh link SNR is 27 so you have plenty of RF. Things to check, ensure the point upgraded code, has the right mesh keys still, etc.

     



  • 4.  RE: simple AP175 mesh

    Posted Mar 27, 2019 10:02 AM

    This turned out to be the port config at the mesh portal's switch. We do MAC/802.1x on every port on campus. APs authenticate with their MAC. On a whim, I decided to turn off "aaa port-access" on that specific port and voila, it worked. I assume that, because the mesh point wasn't physically plugged into the switch, it never authenticated and could not pass the needed traffic. Any thoughts on another way to accomplish this?



  • 5.  RE: simple AP175 mesh
    Best Answer

    Posted Mar 27, 2019 12:25 PM

    So the mechanics of the portal's wired interface is that the mac address of the portal and all points asociated to it, are presented on the portal's wired interface. As such, if you're doing MAC auth, or if you're doing port security to raise the mac limit to Portal + N points (in your case 2).



  • 6.  RE: simple AP175 mesh

    Posted Mar 27, 2019 01:23 PM

    Sure enough. That is (I thought) a standard config on our switches, but apprently not on this one. I added "aaa port-access mac-based xx addr-limit 2" and re-enabled auth. No drops. Thanks!