Wireless Access

 View Only
last person joined: 4 days ago 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Expand all | Collapse all

About AP-503

This thread has been viewed 42 times
  • 1.  About AP-503

    Posted Jun 01, 2023 06:46 AM

    Hello.
    I received AP-503 for the first time and am testing it.

    But there's a problem.

    Question 1

     When I try to upgrade firmware, I get an error message

    =  image_check_internal error 001 code 2.

    Question 2

    I created an SSID, but the SSID does not appear in the Clients.

    I tested two APs and they have the same symptoms.
    I'd like to know what kind of problem is.

    I ask for your help me.



  • 2.  RE: About AP-503

    EMPLOYEE
    Posted Jun 01, 2023 06:55 AM

    Hi,

    this is a cosmetic error and means "there is no firmware update available".

    Minimum operating system software versions • ArubaOS and Aruba InstantOS 8.11.1.0, ArubaOS 10.5.0.0

    8.11.1.0 is the latest Release in the 8.11 Code Train and 10.5. is not released yet (Cloud Operating System).

    Can you please show an CLI output of

    show network

    to verify if networks are configured




  • 3.  RE: About AP-503

    Posted Jun 01, 2023 07:08 AM

    The cli command cannot be executed because there is no console cable.

    The current configuration values are as follows.

    version 8.11.1.0-8.11.1
    virtual-controller-country KR
    virtual-controller-key 214e9a2001fe9a181a080d30a19bb9ef0f68d079e3e8e20fd0
    name SetMeUp-CF:0D:8C
    terminal-access
    clock timezone none 00 00
    rf-band all
    
    allow-new-aps
    
    allowed-ap 34:3a:20:cf:0d:8c
    allowed-ap 34:3a:20:cf:0d:5e
    
    
    
    arm
     wide-bands 5ghz
     80mhz-support
     min-tx-power 9
     max-tx-power 127
     band-steering-mode prefer-higher-band
     air-time-fairness-mode default-access
     channel-quality-aware-arm-disable
     client-aware
     scanning
    
    
    syslog-level warn ap-debug 
    syslog-level warn network 
    syslog-level warn security 
    syslog-level warn system 
    syslog-level warn user 
    syslog-level warn user-debug 
    syslog-level warn wireless 
    
    
    
    extended-ssid
    web-server
     ssl-protocol tlsv1_2
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    hash-mgmt-password
    hash-mgmt-user admin password hash 04361bc8022b092df120e15a3812e5e0e849a5f0c595b6aa9a22980e5afe19dac01e6c8f5e
    
    
    wlan access-rule default_wired_port_profile
     index 0
     rule any any match any any any permit
    
    wlan access-rule wired-SetMeUp
     index 1
     rule masterip 0.0.0.0 match tcp 80 80 permit
     rule masterip 0.0.0.0 match tcp 4343 4343 permit
     rule any any match udp 67 68 permit
     rule any any match udp 53 53 permit
    
    wlan access-rule test
     index 2
     rule any any match any any any permit
    
    wlan access-rule freetest
     index 3
     rule any any match any any any permit
    
    wlan ssid-profile test
     enable
     index 0
     type employee
     essid test
     wpa-passphrase c801cd058396f4f618dfc287b8f28669c2c5e7d28add10d8
     opmode wpa2-psk-aes
     max-authentication-failures 0
     rf-band all
     captive-portal disable
     dtim-period 1
     broadcast-filter arp
     dmo-channel-utilization-threshold 90
     local-probe-req-thresh 0
     max-clients-threshold 64
     download-role
    
    wlan ssid-profile freetest
     enable
     index 1
     type guest
     essid freetest
     opmode enhanced-open
     max-authentication-failures 0
     rf-band all
     captive-portal disable
     dtim-period 1
     broadcast-filter arp
     dmo-channel-utilization-threshold 90
     local-probe-req-thresh 0
     max-clients-threshold 64
    
    auth-survivability cache-time-out 24
    
    
    
    
    
    
    wlan external-captive-portal
     server localhost
     port 80
     url "/"
     auth-text "Authenticated"
     auto-whitelist-disable
     https
    
    
    blacklist-time 3600
    auth-failure-blacklist-time 3600
    
    
    ids
     wireless-containment none
    
    
    
    wired-port-profile wired-SetMeUp
     switchport-mode access
     allowed-vlan all
     native-vlan guest
     no shutdown
     access-rule-name wired-SetMeUp
     speed auto
     duplex auto
     no poe
     type guest
     captive-portal disable
     no dot1x
    
    wired-port-profile default_wired_port_profile
     switchport-mode trunk
     allowed-vlan all
     native-vlan 1
     shutdown
     access-rule-name default_wired_port_profile
     speed auto
     duplex full
     no poe
     type employee
     captive-portal disable
     no dot1x
    
    
    enet0-port-profile default_wired_port_profile
    
    uplink
     preemption
     enforce none
     failover-internet-pkt-lost-cnt 10
     failover-internet-pkt-send-freq 30
     failover-vpn-timeout 180
    
    
    
    airgroup
     disable
    
    airgroupservice airplay
     disable
    
    airgroupservice airprint
     disable
    
    
    
    
    
    
    cluster-security
     allow-low-assurance-devices
    
    
    
    

    SSID 1 : test 

    SSID 2 : freetest 







  • 4.  RE: About AP-503

    EMPLOYEE
    Posted Jun 01, 2023 08:05 AM

    What I see is that you configured "download-role" which I doubt. Do you download those Roles from ClearPass?

    Why don´t you do an SSH Connection to those AP and issue the "show network" command?

    If you are not that familiar with the Aruba Instant Solution you can have a look here - https://www.youtube.com/playlist?list=PLsYGHuNuBZcaIbCB58Qc42Nu_sxakFnFk

    It is a Video Series from a couple of years ago with the old GUI.




  • 5.  RE: About AP-503

    Posted Jun 01, 2023 08:32 PM

    It has been resolved.
    Thank you for your help.

    The solution is
    Maintenance > Regulatory > Automatic
    Download the new version and installed it and rebooted AP.

    Thank you.







  • 6.  RE: About AP-503

    EMPLOYEE
    Posted Jun 02, 2023 03:02 AM

    Yes, that would be the next thing on my List. Regulatory Update. Since this is a brand new AP Series the initial loading of Software could be with a default DRT File. Upgrading it to the most recent makes sense.

    In that File stand the allowed Channel List and allowed Power Levels for that Region you are using this AP.

    Have fun with you new toy!