I have some issues in a costumer that it is working with a client-wireless TP-Link TL-WA801ND. They have 3 servers behind this device.
They worked with IAP-93 and it seems they worked so fine.
Now we've installed a controller and convert the IAP to Campus AP and they experiment some issues (strange issues).
The main problem is that servers behind TP-Link don't reach the wired LAN on this VLAN. For example, I don't get response from this servers to the IP address of WLAN in this interface.
But when I do ping from wired network to servers, sometimes work but with high loss.
In WLAN user-table I see 3 TP-Link MAC address with the IP address of servers.
I disabled "IP spoofing" on firewall and "Suprressed ARP" on interface and it seems it worked better. I can do ping from servers behind TP-Link but it works in bursts and with high loss.
do you have any experience with clients behind this type of devices?
You might want to try disabling "Broadcast Filter ARP" in the Virtual AP for this to work: http://www.arubanetworks.com/techdocs/ArubaOS_63_Web_Help/Web_Help_Index.htm#ArubaFrameStyles/1CommandList/wlan_virtual_ap.htm
"Beginning with ArubaOS 220.127.116.11, the broadcast-filter arp parameter is enabled by default. Behaviors associated with these settings are enabled upon upgrade toArubaOS 18.104.22.168. If your controller supports clients behind a wireless bridge or virtual clients on VMware devices, you must disable the broadcast-filter arp setting to allow those clients to obtain an IP address. In previous releases of ArubaOS, the virtual AP profile included two unique broadcast filter parameters; the broadcast-filter all parameter, which filtered out all broadcast and multicast traffic in the air except DHCP response frames (these were converted to unicast frames and sent to the corresponding client) and the broadcast-filter arp parameter, which converted broadcast ARP requests to unicast messages sent directly to the client.
Starting with ArubaOS 22.214.171.124, the broadcast-filter arp setting includes the additional functionality of broadcast-filter all parameter, where DHCP response frames are sent as unicast to the corresponding client. This can impact DHCP discover/requested packets for clients behind a wireless bridge and virtual clients on VMware devices. Disable the broadcast-filter arp setting using the wlan virtual-ap <profile> no broadcast-filter arp command to resolve this issue and allow clients behind a wireless bridge or VMware devices to receive an IP address."
I tested too disabling broadcast arp but I didn't notice that PCs worked better.
I'm working on release 126.96.36.199, I have this parameters configured:
Virtual AP profile "xxxxxxx"----------------------------Parameter Value--------- -----AAA Profile AAAxxxxxxx802.11K Profile defaultHotspot 2.0 Profile defaultSSID Profile ssid_xxxxxxVirtual AP enable EnabledVLAN 312Forward mode tunnelAllowed band allBand Steering DisabledSteering Mode prefer-5ghzDynamic Multicast Optimization (DMO) DisabledDynamic Multicast Optimization (DMO) Threshold 6Drop Broadcast and Multicast DisabledConvert Broadcast ARP requests to unicast DisabledAuthentication Failure Blacklist Time 3600 secBlacklist Time 3600 secDeny inter user traffic DisabledDeny time range N/ADoS Prevention DisabledHA Discovery on-association EnabledMobile IP EnabledPreserve Client VLAN DisabledQinQ Outer VLAN 0Remote-AP Operation standardStation Blacklisting DisabledStrict Compliance DisabledVLAN Mobility DisabledFDB Update on Assoc DisabledWMM Traffic Management Profile N/A
May be other combination with ARP?
I would turn "Broadcast Filter ARP" and "Broadcast Filter ALL" both back to enabled.
I couldn't update before.
It seems that the configuration I put before is good. The better configuration is:
Drop Broadcast and Multicast DisabledConvert Broadcast ARP requests to unicast Disabled
The last day I tried some configurations so fast and I didn't notice that the problem was solved.
Thanks a lot for your help,
At Aruba, we believe that the most dynamic customer experiences happen at the Edge. Our mission is to deliver innovative solutions that harness data at the Edge to drive powerful business outcomes.
© Copyright 2020 Hewlett Packard Enterprise Development LPAll Rights Reserved.