Last week I noticed after some undetermined amount of time, the web interface for my virtual controller will stop working. When I try to access it, it says the webpage is not available. If I reboot the access point that is the home of the virtual controller, it will start working again but apparently stop working again after some time. I even tried upgrading the APs to the newest 184.108.40.206 firmware last Thursday night, but coming in this morning the interface again is not working. No apparent 'error' in our syslog from the controller either.
I would just keep rebooting it, but I really shouldn't have to. People are connected to it so the access point is working fine.
edit: I have five IAP-115.
By IP. Local management.
The VC IP does ping. SSH brings back no reply when I try to connect, though I am pretty sure it did that before I started having problems with the web interface.
Edit: I've also opened TAC issues in the past and gotten pretty poor support. I ended up finding solutions to my problems with a deep Google search after it took them a week to answer me. So I figured I would try here first.
Is your VC ip different from the IAP itself? I know from experience from when a customer forgot to exclude the VC ip from the dhcp and one of the IAPs took that address, things went a bit wonky.....similar to the symptoms you describe.
Nope. All IAP are static assigned. VC is .2 on a /24, IAPs are .248-252. DHCP range is .100-229
Thanks for the reply.
Opened a case with Aruba support. Got a few initial replies, but now it's been days since the last reply. =\
I'm having the same issue with Instant AP 103's. VC is on the same subet at the other instants but fails to keep a stable connection on the GUI.
Please let me know if you found a solution.
No solution yet. The GUI was working yesterday afternoon during a meeting, but then this morning found it to not be working again.
Support has been no help thus far as usual.
How many IAPs in that cluster and what is the user count like?
Five IAPs. Right now We have around 20 client machines and 20 mobile devices.
I just found out something interesting though...
I noticed that yesterday in my meeting it started working, which is on the other side of the office. So if I roam to another IAP that is NOT the master running the virtual controller, I can connect to the Web GUI. I just tested this with another laptop of mine. I walked to the other side of the office and can access the Web GUI while roaming to another AP. My two other machines connected to the master are still unable to load the Web UI.
My first thought was access list, but looking at my configuration I don't see much access control. Mostly the only access control I have is setting VLANs for specific users authenticating via RADIUS. The management control wasn't even enabled. I just turned it on to see if it made a difference but it didn't. I'd think any ACLs I do have in place would be in place across all of the IAPs though.
In my situation the IAPs have been deployed in to different locations (remote small warehouses) with 3-5 IAP’s (103’s).
We have the virtual master controller IP set as a static. When I loss connection or becomes unstable to the static address, I can still reach the GUI from one of other AP’s that have a DHCP address. I have jump from on AP to AP to find one that finally responds and loads properly.
What is your instant AOS currently running ?
Same issue i have faced few weeks back. Then i upgraded the AOS of all IAP's to 220.127.116.11-18.104.22.168_44126. After upgradation same issue doesnt comes again.
Have you tried putting a lesser used AP as the master controller?
It is already one of the lesser used IAPs. There were three devices connected to it last night when I checked.
Are your clients on the same management VLAN as the APs? If yes then try sepearting the client VLAN and the PA Management VLAN then see if it helps.
Check if you have Drop broadcast / multicast?
There shouldnt be anything dropped if they are on the same network segment, unless I am not clear on what you are asking. Thanks for the help.
@mcgillicutty wrote:There shouldnt be anything dropped if they are on the same network segment, unless I am not clear on what you are asking. Thanks for the help.
Hi, i have the same problem here.
What browser are u using?
I see the issue with IE and Firefox. Google Chrome worked perfectly..
I've tried rebooting the access point also and he returns to work for only some time. I'll try to update the firmware to version 22.214.171.124 on Saturday.
Thanks. Not a browser issue. First thing I ruled out. Does it on both my OS X systems in Safari, Chrome and Firefox and my linux laptop using Firefox and Chrome. Works when I roam to a non-master IAP.
I'm on wired and trying to access.For me the login screen but does not load when I try to access via Firefox and IE arrives to appear. :smileysad:
Completely different issue.
really can;t think of anything else. Try upgrading and change the VC Master and see if it helps.
I figured out what was causing the problem with the GUI not repsonding.
I had assigned a DHCP reserveration for the master AP that was tied to its MAC address. I assumed that virtual controller IP and master AP needed the same address.
When the master role was changed to another AP, all communtication was lost to my orginal master. I basically had to AP's trying to use the VAC IP address.
I removed the DHCP and MAC address entry from my pool and just excluded the VAC IP address from the pool. Now all my AP's have a different IP address then the VAC IP address and communication to VAC GUI has not been lost.
My IPs are all static. No DHCP.
try patch to the latest firmware via the support site else do a sniffer trace to see what is stopping the GUI from loading,
Try patch to the latest firmware via the support site else do a sniffer trace to see what is stopping the GUI from loading,
I'm not sure how that would help... but they are on separate VLANs.
We are facing same problem like yours. There are two clusters of 10 APs in a building segmented into two VLANs, but apparently one or the other or both controllers are in-accessible after random amount of time. Only way to access the VCs is to reboot the AP clusters. One forum suggested me that there may be IP conflict with the IP address of VCs. I think the issue is not at all related to IP address conflicts.
I also tried changing the VC's preferred master setting, still the problem persists. I tried ssh to the master but it is of no help.
Aruba support says that "devices doesn't have a valid support contract anymore". But as far as I know things are purchased in two phases. One lot is about 1year six months (30 Nos. of IAP93) old and second lot (100 Nos. of IAP93) is about 5 Months old. Moreover, AirWave licenses augmented with 150 licenses during 2nd lot purchase which is 5 months ago.
Since we are not using any controller and all deployments are Virtual Controller based and well within the specified limit of 16 IAPs cluster.
Could you share 'show tech-support' from both VCs?
Pl. see the attached tech support dump.
Did you try enabling "Broadcast Filter All" in the SSIDs? I don't see it enabled.
I'll try that also.
Do you have problems getting to it, if your PC is wired, instead of wireless, to rule out RF issues?
No, it is done wirelessly. Let me observe for a few hours with "broadcast filter all" enabled.
Thanks Colin Joseph
Question: Is there a reason why the access points are at full power? By default the minimum is 18 and the max is 127, but you could start at min 12 and max 18 to avoid interference if you have good coverage. That might improve your performance, as well.
Adjusted powers to Min 12 to Max 18. Let us see further.
As suggested in your previous posts, I did change "broadcast filtering" to all & adjusted the power level in between 12 and 18. But, the problem has not gone yet.
Pl., see the screen shot of Airwave.
One more thing I also noticed that some network activity still goes on from that problem area though the Virtual Controllers arce inaccessible(unable to get ping response or login).
Could you pl. throw some light on the issue to be investigated further.
A few questions:
- For the wired port profile, why do you have the speed auto and duplex full? Can you make both auto, OR check to see on the switchport what speed and duplex they negotiated? Check to make sure there are no errors on the ports of the APs:
- Can you please remove the bandwidth contracts on the pataki temporarily?
wlan access-rule patkai
rule any any match any any any permit
bandwidth-limit peruser downstream 1500
bandwidth-limit peruser upstream 1500
- Can you possibly upgrade the IAP firmware? (4.1.x.x), etc...?
Aruba Operating System Software.
ArubaOS (MODEL: 93), Version 126.96.36.199-188.8.131.52
- Can you please set the clock correctly? I am not sure your NTP server is working. This will make it easier to troubleshoot:
Current Time :2000-01-01 07:20:19
end of show clock
- Please turn of spectrum monitoring if possible to normalize things and possibly improve performance. Also, interference immunity should be at 2 by default. Please change it back to 2. Increasing it to more than 2 decreases your effective range in an attempt to :
- You do have alot of RF activity on the 2.4ghz band, but since this is a single-band access point that is all you have. Hopefully the changes reduce things some:
Ch Busy perct @ beacon intvl 46 53 29 30 43 35 38 39 29 23 26 46 47 32 48 47 37 30 41 44
These suggestions are to just normalize to deployment and to see if things change.
Now the things are stable and not seen any VC outage since last 3 days. The things have worked after reducing the default radio power between 12 and 16 and disabled per user bandwidth reservation. Thanks once again for reviewing our configuration.
Man did my thread get seriously hijacked or what? :P
Man did my thread get seriously hijacked or what? :P
Please tell us your latest. Did you upgrade the firmware?
Firmware is 184.108.40.206-220.127.116.11_45063. I see today that 18.104.22.168 is out but I see no changelog on it or posts yet, so I don't want to update it yet.
Basically I cannot connect to the web interface of the virtual controller while I am connected to it. If I roam to another IAP that it controls, I am able to get to the VC web interface. My first thought was some sort of ACL but I'm not sure that explains why I can connect to it via another IAP.
At Aruba, we believe that the most dynamic customer experiences happen at the Edge. Our mission is to deliver innovative solutions that harness data at the Edge to drive powerful business outcomes.
© Copyright 2020 Hewlett Packard Enterprise Development LPAll Rights Reserved.