hi all, i am doing config in my new aruba controller 650 an acess points ap-135. there is a problem that Unprovisioned Access Points is not detected in my controller. i have already configured dhcp server in my controller and the ap is get dynamic ip from controller. i can ping the controller from acces points. i have read the forum and CP Sec disabled.
this is the ping :
PING 10.200.50.253 (10.200.50.253): 56 data bytes64 bytes from 10.200.50.253: icmp_seq=0 ttl=64 time=2.4 ms64 bytes from 10.200.50.253: icmp_seq=1 ttl=64 time=1.0 ms64 bytes from 10.200.50.253: icmp_seq=2 ttl=64 time=1.0 ms64 bytes from 10.200.50.253: icmp_seq=3 ttl=64 time=1.5 ms64 bytes from 10.200.50.253: icmp_seq=4 ttl=64 time=1.4 ms
--- 10.200.50.253 ping statistics ---5 packets transmitted, 5 packets received, 0% packet loss
this is controller ip :
Switch IP Address: 172.16.0.254
Switch IP is configured to be Vlan Interface: 1
Switch IPv6 address is not configured.
this is ap database :
#show ap database
AP Database-----------Name Group AP Type IP Address Status Flags Switch IP---- ----- ------- ---------- ------ ----- ---------
Flags: U = Unprovisioned; N = Duplicate name; G = No such group; L = UnlicensedI = Inactive; H = Using 802.11n license; D = Dirty or no configX = Maintenance Mode; P = PPPoE AP; B = Built-in APR = Remote AP; R- = Remote AP requires Auth; C = Cellular RAP; c = CERT-based RAP; 1 = 802.1x authenticated AP; 2 = Using IKE version 2M = Mesh node; Y = Mesh Recovery
Yes is detected...
Look check that its not in access denied on the monitoring tab on the summery it should appear in read you click on it and it will say access denied...
Now at this poing you need to give it permission.
If you want to do it the easy way you can go to the configuration tab, and go to the control security plane
Check autocert provisioning... and then click ok
When you done then you revert that change... thats for security reasons... but well you can do it like that faster...
Oh didnt read you have CP off...
IF you dont see it on the controller try consoling the AP to see if he find the Aruba master with the correct ip address
I see you got the AP on another network
Did you put the aruba-master record on the DNS pinting to 172.16.0.254
So when the AP comes up he knows thats the ip of the master?
And of course ont he DHCP server did you configured the DNS server i mean the internal DNS server which tells the AP which will be the aruba master?
how to find the Aruba master with the correct ip address in ap console ?
I still using default ip address for the controller.
i have already set vlan 800 with ip address 10.200.50.253 with dhcp server and the ap get an ip 10.200.50.252
i have already set gi1/5 access with vlan 800 and connect my ap to that.
sorry if i ask a basic question :)
this is ap log :
cli| ADRS provision failed, code: connection-failedJan 1 00:32:22 cli: <341004> <WARN> |AP 6c:f3:7f:c3:67:email@example.com| Isc_send_requestJan 1 00:32:53 cli: <341005> <ERRS> |AP 6c:f3:7f:c3:67:firstname.lastname@example.org| ADRS provision failed, code: connection-failedJan 1 00:33:24 cli: <341004> <WARN> |AP 6c:f3:7f:c3:67:email@example.com| Isc_send_request
okay let see
you got set this way up
you got the Controller set on 172.16.0.254
You also did an interface vlan with the ip 10.200.50.253
Okay go the webgui go to configuration go to controller and on the controller ip details you will see this address on it
172.16.0.254 which should be on vlan 1
On the dropdown choose vlan800 10.200.50.253 it should appear
save the configuration
And you will need to reboot the controller...
Now the thing is that you should always point the AP to the master IP address and now the master ip address is 172.16.0.254
For him aruba-master = 172.16.0.254 not 10.200.50.253
With the change i just told you the aruba-master will be 10.200.50.253 and it should find it correctly after you reboot
Now if you trunking that vlan 800 to your internal network then you shoud put the default gatway of that network pointing to the switch that is routing that vlan...
But for now just do the change i just told you and the AP should come up...
Before rebooting you can put another port on vlan 800 if you would like and you can plug your laptop or computer there and well save the config
Im guessing you are doing this offline you your pc and the controller and the AP just to test though....
But when you connect it ot the real Network you will have your APs on another vlan
You got your controller with vlan 800 with the ip you said 10.200.50.253
You got that vlan trunked to your switch core and then trunked that vlan 800 back and on the switch core an ip interface vlan which will be the default gateway of that Wireless controller... let say you will have an ip interface vlan with the ip 10.200.50.1 on the SwitchCORE
And your default gateway will be the CORE switch which is routing that vlan(for now thecontroller should be just a layer 2 at this momment which is recommended.
Now just with that you should have aministration on the network of the Wireless contorller.
Now the APs might not be on that vlan... they will be in X vlan...
So now you got the dilema that you need your APS can find the controller.
It can be done in many ways....
1-By statically configuring it
4-with ADP protocol(which will find it if the AP is on the same vlan of the Wireless controller)
I llike the DNS one
On the DNS server you put a new record aruba-master which willl be 10.200.50.253
Now if you connect the AP on any vlan that has a DHCP server that distribute the DNS server ip on that dhcp scope he willl get the IP in X vlan and also but as he will resolve with the DNS server that the master is 10.200.50.253 he willl find the controller and you should see it ont he screen.
Hope this help you
@ Im guessing you are doing this offline you your pc and the controller and the AP just to test though....
you are right :)
I am still looking for how to configure this stuff
Can you explain in details this :
1-By statically configuring it >> might be this is the easy way but i have to do it on ap's console ?
Lets go step by step
Can you see the AP now you did what i told you ?
i have done this :
but still cant detect it
this is tha ap sum
# show sum
Name :AP1Domain :Address :0.0.0.0Content Filtering :disableTerminal Access :disableOrganization :Airwave Address :0.0.0.0Airwave Shared Key :Airwave Config Via :DHCPSyslog Server :0.0.0.0Syslog Level :warnBand :allMaster *:10.200.50.252Master Key :6191342201c1e2d5c326e7e9c7023749e56da72af4c1e967daElected Time :12m:51sMesh :enableDynamic Radius Proxy :disableNTP Server :Configuration Dirty :disableAllow New APs :enableClassification :disableWireless Containment :disableWired Containment :disableRogue Containment :disableLED Off :disableAirwave :Not Set UpImage Server State :successImage Server Message :SuccessNew Image Version :New Image URL :Factory SSID :instantImage Sync Via :MasterClient Alerts :0Active Faults :0IP Address :10.200.50.252Serial Number :AX0141813OpenDNS Status :Not connectedTFTP Dump Server :0.0.0.0VPN Status :Not Set Up0 Clients---------MAC Name IP Address Network Access Point--- ---- ---------- ------- ------------1 Network---------Key Name Clients--- ---- -------instant instant 01 Access Point--------------MAC IP Address Name Clients Need Antenna Config--- ---------- ---- ------- -------------------6c:f3:7f:c3:67:28 10.200.50.252 6c:f3:7f:c3:67:28 0 NoRADIUS Servers--------------Name IP Address Port KeyTimeout Retry Count NAS IP Address NAS Identifier RFC3576---- ---------- ---- ---------- ----------- -------------- -------------- -------InternalServer 127.0.0.1 1616 4b4f5340018718468e84e46eebb559ae8fbcb438a87415bb05 5 3RTLS Servers------------Type IP Address Port Key Frequency---- ---------- ---- --- ---------Aeroscout 0.0.0.0 0Airwave 0.0.0.0 0 01 AP Class----------Name APs---- ---Cassiopeia 1Uplink type :EthernetUplink status :UPManual Blacklist Count :0Dyn Blacklist Count :0Certificate Installed: :NoInternal Radius Users: :0Internal Guest Users: :0Info timestamp :813
wait a second! is that an instant AP???
When you connect it do you see on the wireless a instant SSID?
Look if its an instant AP and you DO NOT want to use it as instant AP and it will be a managed AP by the wireless controller you need to convert it to managed AP...
Remenber this is if you dont want to use it as Instant AP.
Let say you dont want it to use it as INSTANT AP and you would like to use it as a AP managed by the wireless controller which i see is what you want
You connect to the SSID instant,
Go to maintanience tab i think its the name
And you should see a tab in there to convert it... he will ask you whats the IP of the controller you put in there.. and he will convert...
yes i thought that this thread http://community.arubanetworks.com/t5/Access-Points-and-Mesh-Routers/AP-105-s-are-unable-to-be-provisioned-anymore/td-p/35213 is have a problem same with me right?
Yes thats what i think!
how i can convert user console because i have tried it using web but still cant convert it
See if the access point is broadcasting the "Instant" wireless network. If it is connect to it using your laptop and see if you get an ip address....
If you get an ip address with your laptop, open a browser and try to go to http://instant.arubanetworks.com. If a page comes up for the Instant virtual controller, login with "admin" and "admin". If you get in go to Maintenence> Convert and Convert to Campus AP and point it to the ip address of your controller to convert it.
thank you, now i can convert my 135 ap's
Awesome. Happy Holidays!
now ia have a problem with this one.
Model: AP-13xCPU: 88F6560 A0 (DDR3)Clock: CPU 1600MHz, L2 533MHz, SysClock 533MHz, TClock 200MHzDRAM: 256MBPOST1: passedFlash: 16 MBPower: DCLAN: donePHY: donePEX 0: RC, link up, x1bus.dev fn venID devID class rev MBAR0 MBAR1 MBAR2 MBAR300.00 00 11ab 6560 00005 02 f1000000 00000000 00000000 0000000000.01 00 168c 0030 00002 01 90000000 00000000 00000000 00000000PEX 1: RC, link up, x1bus.dev fn venID devID class rev MBAR0 MBAR1 MBAR2 MBAR301.00 00 11ab 6500 00005 02 f1000000 00000000 00000000 0000000001.01 00 168c 0030 00002 01 94000000 00000000 00000000 00000000Net: eth0, eth1Radio: ar9390#0, ar9390#1
Hit <Enter> to stop autoboot: 0Checking image @ 0xf8100000Invalid image format version: 0xffffffffChecking image @ 0xf8800000Invalid image format version: 0xc
This AP is delivered without os image. Can i copy the os image from another ap? I have already searching ap's os image but still cant find it.
Is that the only AP with the problem? What is the controller's OS version?
The controller should deliver the OS to the AP.
this is my cotroller
Copyright (c) 2002-2012, Aruba Networks, Inc.
i have config 2 of them but this one is came with that messege
On the console of that AP, press enter to interrupt the boot until you get to the "apboot>" prompt.
type "clear os" and reboot.
It should come up as an instant AP again. Connect to the "instant" SSID and try to convert once more...
still with that message :
apboot> clear osErasing flash sector @ 0xf8100000....doneErased 1 sectorsapboot> ?? - alias for 'help'boot - boot the OS imageclear - clear the OS image or other informationdhcp - invoke DHCP client to obtain IP/boot paramsfactory_reset - reset to factory defaultshelp - print online helpmfginfo - show manufacturing infoosinfo - show the OS image version(s)ping - send ICMP ECHO_REQUEST to network hostprintenv - print environment variablespurgeenv - restore default environment variablesreset - Perform RESET of the CPUsaveenv - save environment variables to persistent storagesetenv - set environment variablestftpboot - boot image via network using TFTP protocolupgrade - upgrade the APBoot or OS imageversion - display versionÿpboot> reset
APBoot 188.8.131.52 (build 30025)Built: 2011-08-30 at 17:41:16
Hit <Enter> to stop autoboot: 0Checking image @ 0xf8100000Invalid image format version: 0xffffffffChecking image @ 0xf8800000Invalid image format version: 0xceth0: downeth1: downADP multicast 1ADP broadcast 1
Don't worry about that message. Type "dhcp" at the apboot> prompt to see if it gets an ip address. I don't see that happening...
I also do not see the link coming up on eth0...
apboot> dhcpeth0: up, 100 Mb/s, full duplexDHCP broadcast 1DHCP IP address: 10.200.50.251DHCP subnet mask: 255.255.255.0DHCP def gateway: 10.200.50.254DHCP DNS server: 10.200.50.254DHCP DNS domain: xxxxxxxxxxxController address: 2xx.1xx.2xx.4x
okay. type "boot" and let us see the output..
apboot> bootChecking image @ 0xf8100000Invalid image format version: 0xffffffffChecking image @ 0xf8800000Invalid image format version: 0xceth0: up, 100 Mb/s, full duplexUsing eth0 deviceTFTP from server 2xx.1xx.2xx.4x; our IP address is 10.200.50.251; sending through gateway 10.200.50.254Filename 'armv5te.ari'.Loading: ###########T ######T #########T ##T ###T ######T ############T #T ###T##T ##T #T #TdoneBytes transferred = 3858304 (3adf80 hex)
Image is signed; verifying checksum... passedSigner Cert OKPolicy Cert OKRSA signature verified.Automatic boot of image at addr 0x02000000 ...## Booting image at 02000200 ...Uncompressing... done
Aruba NetworksArubaOS Version 184.108.40.206 (build 35523 / label #35523)Built by firstname.lastname@example.org on 2012-09-28 at 07:20:25 PDT (gcc version 4.3.3)Memory: 256MB = 256MB totalMemory: 245376KB available (2564K code, 8864K data, 2768K init, 0K highmem)Calibrating delay loop... 1597.44 BogoMIPS (lpj=1597440)PEX0 interface detected Link X1PEX1 interface detected Link X1wdt: registered with refreshEnabling Watchdogi2c /dev entries driveri2c-arran: using default base 0xf1018100
Starting Kernel SHA1 KAT ...Completed Kernel SHA1 KATStarting Kernel HMAC-SHA1 KAT ...Completed Kernel HMAC-SHA1 KATStarting Kernel DES KAT ...Completed Kernel DES KATStarting Kernel AES KAT ...Completed Kernel AES KAT
Domain Name: arubanetworks.comNo panic info availableEthernet port 1 mode: active-staEthernet Channel Bonding Driver: v3.5.0 (November 4, 2008)ndbyeth0: link up, full duplex, speed 100 MbpsADDRCONF(NETDEV_UP): bond0: link is not readyeth0: link up, full duplex, speed 100 Mbpsbonding: bond0: making interface eth0 the new active one.bonding: bond0: first active interface up!bonding: bond0: enslaving eth0 as an active interface with an up link.ADDRCONF(NETDEV_CHANGE): bond0: link becomes readyeth1: link downADDRCONF(NETDEV_UP): eth1: link is not readyeth1: link downbonding: bond0: enslaving eth1 as a backup interface with a down link.AP xml model 51, num_radios 2 (jiffies 1845)init_asap_mod: installation:0radio 0: band 1 ant 0 max_ssid 16radio 1: band 0 ant 0 max_ssid 16ethernet_device_event: dev eth0 is registerethernet_device_event: dev eth0 is upsetting bond0 as bridge childsetting gre0 as split childStarting watchdog process...Got all network params from APboot env. Skipping DHCP172.16.1.3 255.255.255.0 172.16.1.1Running ADP...eth0: link up, full duplex, speed 100 Mbps >>>> i press ctrl+c^C~ #
That looks right...
On the controller, type "show log system 50" and then type "show ap database"
Cotroller log :
Dec 21 14:18:43 KERNEL: 2:<4>process `trapd' is using obsolete setsockopt SO_BSDCOMPATDec 21 14:18:52 :304001: <ERRS> |stm| Unexpected stm (Station management) runtime errorat data_path_handler, 642, data_path_handler: recv - Network is downDec 24 09:48:30 :303022: <WARN> |AP d8:c7:c8:cc:36:email@example.com nanny| Reboot Reason: No reboot message found.Dec 24 09:50:58 :311010: <WARN> |AP d8:c7:c8:cc:36:firstname.lastname@example.org sapd| AP could not boot from flash -- bad checksum >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> i think this the one right ?Dec 24 13:35:16 :303022: <WARN> |AP 6c:f3:7f:c3:67:email@example.com nanny| Reboot Reason: AP rebooted Sat Jan 1 00:13:00 UTC 2000; Image Upgrade SuccessfulDec 24 13:58:39 :311002: <WARN> |AP 6c:f3:7f:c3:67:firstname.lastname@example.org sapd| Rebooting: SAPD: Rebooting after provisioningDec 24 13:58:39 :303086: <ERRS> |AP 6c:f3:7f:c3:67:email@example.com nanny| Process Manager (nanny) shutting down - AP will reboot!Dec 24 13:59:17 :303022: <WARN> |AP 6c:f3:7f:c3:67:firstname.lastname@example.org nanny| Reboot Reason: AP rebooted Mon Dec 24 13:58:39 SAST 2012; SAPD: Rebooting after provisioningDec 24 14:04:29 :311002: <WARN> |AP 6c:f3:7f:c3:67:email@example.com sapd| Rebooting: SAPD: Rebooting after provisioningDec 24 14:04:29 :303086: <ERRS> |AP 6c:f3:7f:c3:67:firstname.lastname@example.org nanny| Process Manager (nanny) shutting down - AP will reboot!
AP Database :
# show ap database
AP Database-----------Name Group AP Type IP Address Status Flags Switch IP---- ----- ------- ---------- ------ ----- ---------AP-135-01 xxxxxxx 135 220.127.116.11 Up 54m:38s R 2xx.1xx.2xx.4xAP-135-02 xxxxxxx 135 18.104.22.168 Down R 2xx.1xx.2xx.4x
Flags: U = Unprovisioned; N = Duplicate name; G = No such group; L = UnlicensedI = Inactive; H = Using 802.11n license; D = Dirty or no configX = Maintenance Mode; P = PPPoE AP; B = Built-in APR = Remote AP; R- = Remote AP requires Auth; C = Cellular RAP; c = CERT-based RAP;1 = 802.1x authenticated AP; 2 = Using IKE version 2M = Mesh node; Y = Mesh Recovery
I have already configured 2 aps
the new one is not detected
The message "Dec 24 09:50:58 :311010: <WARN> |AP d8:c7:c8:cc:36:email@example.com sapd| AP could not boot from flash -- bad checksum" just says why it rebooted. The fact that the message is there means that it recovered and it contacted the controller. It should show up in "show ap database"
at the "apboot>" prompt, type "purge" then "save", then "boot"
how i can change the boot method from tftp boot to flash. i still looking for the image of the ap but cant find it. can i copy the image ap from the other one?
so it will be the same with other ap that i have configured
When the AP boots with the message:
ArubaOS Version 22.214.171.124 (build 35523 / label #35523)Built by firstname.lastname@example.org on 2012-09-28 at 07:20:25 PDT (gcc version 4.3.3)Memory: 256MB = 256MB totalMemory: 245376KB available (2564K code, 8864K data, 2768K init, 0K highmem)Calibrating delay loop... 1597.44 BogoMIPS (lpj=1597440)
It already has an image.... The next thing you need to see is if it is finding the controller.
At the beginning of this thread you sent this output:
That means if the AP contacts the controller on ANY ip address, it will redirect the AP to 172.16.0.254. That happens because the controller by default assigns its switch IP to the LOWEST vlan on the box. You can change this by:
controller-ip vlan <vlan#>
thank you verry much, you are verry helpfull. i have configured all of the APs
AP Database-----------Name Group AP Type IP Address Status Flags Switch IP---- ----- ------- ---------- ------ ----- ---------AP-135-01 Indosat 135 126.96.36.199 Up 1h:33m:31s R 188.8.131.52AP-135-02 Indosat 135 184.108.40.206 Down R 220.127.116.11AP-135-03 Indosat 135 18.104.22.168 Up 3m:1s R 22.214.171.124
At Aruba, we believe that the most dynamic customer experiences happen at the Edge. Our mission is to deliver innovative solutions that harness data at the Edge to drive powerful business outcomes.
© Copyright 2021 Hewlett Packard Enterprise Development LPAll Rights Reserved.