Wireless Access

last person joined: 4 hours ago 

Access network design for branch, remote, outdoor and campus locations with Aruba access points, and mobility controllers.
Expand all | Collapse all

HA and remote AP

This thread has been viewed 1 times
  • 1.  HA and remote AP

    Posted Apr 01, 2019 10:51 AM

    Good day community! 


    I have a question. I was doing some changes in my controller and we migrated from VRRP to HA configuration. Nevertheless, my remote APs did not form a standby tunnel with my controllers. Based on the docummentation that I have read so far, RAp does not support HA configuration so it is most likely to fail if the master controller goes down. My question is this: 


    Is there any way that I can provide failover to my RAp without configuring HA in my controllers? Going back to VRRP maybe an option but is not the idea. 


    I was thinking about re-aprovision them but I want to be 100% sure. 

  • 2.  RE: HA and remote AP

    Posted Apr 01, 2019 04:05 PM

    The best way to provide HA for RAPS is:


    (1) Make both controllers have a public ip address

    (2) Provision your RAPs with a DNS a-record that resolves to both of those public ip addresses.

    Result:  The AP will obtain either one or both ip addresses upon cold boot.  If it cannot reach the first address, it will try the second one.


    You will run into issues if you are using master-redundancy because the RAP has no way to tell which controller is the master and which is backup (non-functional).


    The steps above are just an idea based on your post and might not work as intended in your environment, so you should test it.

  • 3.  RE: HA and remote AP

    Posted Apr 02, 2019 06:06 PM

    Good day! Thanks for your reply.


    I see that trying to make this work is kinda hard.


    Is there any other way that does not involve DNS and public IP addresses?

  • 4.  RE: HA and remote AP

    Posted Apr 02, 2019 07:51 PM

    The problem is that the RAP needs to get both ip addresses upon cold boot.  If it doesn't find the first ip address, it is dead in the water.  There is no other way, unless the VRRP is in front of the firewall.  If it is behind the firewall, it doesn't work.

  • 5.  RE: HA and remote AP

    Posted Apr 05, 2019 03:08 PM

    Hello Community!


    Basically, I am dead in the water. I will be testing one last configuration of "backup LMS IP" and see if I can get something from there. If not, well, I may have to change the solution that the customer has.


    I really appreciate your help!