Wireless Access

last person joined: an hour ago 

Access network design for branch, remote, outdoor and campus locations with Aruba access points, and mobility controllers.
Expand all | Collapse all

Wired Network Clients Cannot Reach WiFi Clients

Jump to Best Answer
  • 1.  Wired Network Clients Cannot Reach WiFi Clients

    Posted Jun 29, 2020 03:19 PM

    Hello,

     

    I'm setting up model AP-505 access points and would like to use them for a DHCP server as well.  I have one AP running with DHCP Local 1 Scope running.  I'm using Vlan 50 for this network and it's already assigned on the switchport.  I can connect to all network resources over Wifi, however I cannot connect to Wifi Clients when I'm back on the wired network.  Do I need to enter a static route in my router back to the Wifi Gateway to make this work?  Or am I going about it the wrong way?

     

    Thanks,

    Jason



  • 2.  RE: Wired Network Clients Cannot Reach WiFi Clients

    Posted Jun 30, 2020 01:46 PM

    Can the wireless clients reach the wired client your testing from? If so, it shouldn't be a routing issue. From there I would look at the rules on the role/roles.

     

     



  • 3.  RE: Wired Network Clients Cannot Reach WiFi Clients

    Posted Jun 30, 2020 02:07 PM

    Dustin,

     

    Thanks for the reply.  Yes the wireless users can access the same wired users, but not vice-versa.  When you say to look at the rules on the rules/roles do you mean in the AP Virtual controller?

     

    Thanks,

    Jason



  • 4.  RE: Wired Network Clients Cannot Reach WiFi Clients

    Posted Jun 30, 2020 02:16 PM

    Yes. Are there any ACLs in the wireless roles that would only be allowing the communication in one direction?

     

     

     



  • 5.  RE: Wired Network Clients Cannot Reach WiFi Clients

    Posted Jun 30, 2020 02:19 PM

    I don't believe there are any rules at all, but let me double check and I will verify.



  • 6.  RE: Wired Network Clients Cannot Reach WiFi Clients
    Best Answer

    Posted Jun 30, 2020 08:52 PM

    It sounds like you're setting your DHCP server up on the Instant Virtual Controller (VC), is this correct?

     

    What DHCP server type have you currently set? You have used the word Local which should be OK. Local and Local,L3 set the VC to act as the DHCP server and Gateway. With Local, traffic is passed through the VC which performs Network Address Translation (NAT) - this probably isn't ideal if you want access to the wireless clients from the wired side.

    With Local,L3 the VC will act more like a router but is more likely useful if you are using IPsec tunnels from the VC to another site or gateway/controller.

     

    I would suggest you try Local,L2. The gateway can be configured as a device other than the VC - such as your router. With this mode it would be possible to have all wired and wireless clients in the same subnet. Some more information may be useful about the other subnets if that is not your goal.

     

    Here is a useful resource which describes the different Local DHCP modes: https://www.arubanetworks.com/techdocs/Instant_86_WebHelp/Content/instant-ug/dhcp-conf/local-dhcp-sco.htm?Highlight=dhcp%20server

     

    Another useful link: Configuring DHCP Scopes - Aruba Instant 



  • 7.  RE: Wired Network Clients Cannot Reach WiFi Clients

    Posted Jul 01, 2020 08:02 AM

    I've verified that there are no rules programmed into the Virtual Controller.

     

    As of now the DHCP setting is set to Local (not L2 or L3).  We aren't using IPSec tunnels to another site or gateway.  The entire network is Metro Ethernet with an Aruba layer three switch serving as the gateway at each remote location.

     

    It sounds like the Local, L2 will accomplish communication between wireless and wired clients.  I appreciate the help with this and I will also keep those two documents you included for future reference.

     

    I didn't fully understand the documentation on those settings, but this makes sense.

     

    Thanks again for the help!