Controllerless Networks

Hi,

I have three Aruba AP-315 access points running in the same subnet. One of them acts as the conductor, and I manage the entire setup from there. Here's the setup:

• AP1 – 10.11.1.42 (conductor)
• AP2 – 10.11.1.43
• AP3 – 10.11.1.44

The issue is that when I'm connected to the WiFi network provided by these APs, I can only access the web interface of AP2 and AP3. I cannot log in to AP1 (the conductor) via WiFi - the management page doesn't load. It only works when I connect my computer using a wired connection.

It's definitely not a firewall issue - all APs are in the same subnet and VLAN. Two are accessible, one isn't. Could this be some sort of built-in security feature on the conductor that blocks management access over WiFi? If so, how can I disable or reconfigure it?

You are getting a User-Role when you access to WiFi. Check the Access List of that User role, if it permits access to 10.11.1.42

Hi,

I have three Aruba AP-315 access points running in the same subnet. One of them acts as the conductor, and I manage the entire setup from there. Here's the setup:

• AP1 – 10.11.1.42 (conductor)
• AP2 – 10.11.1.43
• AP3 – 10.11.1.44

The issue is that when I'm connected to the WiFi network provided by these APs, I can only access the web interface of AP2 and AP3. I cannot log in to AP1 (the conductor) via WiFi - the management page doesn't load. It only works when I connect my computer using a wired connection.

It's definitely not a firewall issue - all APs are in the same subnet and VLAN. Two are accessible, one isn't. Could this be some sort of built-in security feature on the conductor that blocks management access over WiFi? If so, how can I disable or reconfigure it?

also what firmware version are you running?

You are getting a User-Role when you access to WiFi. Check the Access List of that User role, if it permits access to 10.11.1.42

Hi,

I have three Aruba AP-315 access points running in the same subnet. One of them acts as the conductor, and I manage the entire setup from there. Here's the setup:

• AP1 – 10.11.1.42 (conductor)
• AP2 – 10.11.1.43
• AP3 – 10.11.1.44

The issue is that when I'm connected to the WiFi network provided by these APs, I can only access the web interface of AP2 and AP3. I cannot log in to AP1 (the conductor) via WiFi - the management page doesn't load. It only works when I connect my computer using a wired connection.

It's definitely not a firewall issue - all APs are in the same subnet and VLAN. Two are accessible, one isn't. Could this be some sort of built-in security feature on the conductor that blocks management access over WiFi? If so, how can I disable or reconfigure it?

You are getting a User-Role when you access to WiFi. Check the Access List of that User role, if it permits access to 10.11.1.42

Hi,

I have three Aruba AP-315 access points running in the same subnet. One of them acts as the conductor, and I manage the entire setup from there. Here's the setup:

• AP1 – 10.11.1.42 (conductor)
• AP2 – 10.11.1.43
• AP3 – 10.11.1.44

The issue is that when I'm connected to the WiFi network provided by these APs, I can only access the web interface of AP2 and AP3. I cannot log in to AP1 (the conductor) via WiFi - the management page doesn't load. It only works when I connect my computer using a wired connection.

It's definitely not a firewall issue - all APs are in the same subnet and VLAN. Two are accessible, one isn't. Could this be some sort of built-in security feature on the conductor that blocks management access over WiFi? If so, how can I disable or reconfigure it?

Hi,

I have three Aruba AP-315 access points running in the same subnet. One of them acts as the conductor, and I manage the entire setup from there. Here's the setup:

• AP1 – 10.11.1.42 (conductor)
• AP2 – 10.11.1.43
• AP3 – 10.11.1.44

The issue is that when I'm connected to the WiFi network provided by these APs, I can only access the web interface of AP2 and AP3. I cannot log in to AP1 (the conductor) via WiFi - the management page doesn't load. It only works when I connect my computer using a wired connection.

It's definitely not a firewall issue - all APs are in the same subnet and VLAN. Two are accessible, one isn't. Could this be some sort of built-in security feature on the conductor that blocks management access over WiFi? If so, how can I disable or reconfigure it?

Hi,

I have three Aruba AP-315 access points running in the same subnet. One of them acts as the conductor, and I manage the entire setup from there. Here's the setup:

• AP1 – 10.11.1.42 (conductor)
• AP2 – 10.11.1.43
• AP3 – 10.11.1.44

The issue is that when I'm connected to the WiFi network provided by these APs, I can only access the web interface of AP2 and AP3. I cannot log in to AP1 (the conductor) via WiFi - the management page doesn't load. It only works when I connect my computer using a wired connection.

It's definitely not a firewall issue - all APs are in the same subnet and VLAN. Two are accessible, one isn't. Could this be some sort of built-in security feature on the conductor that blocks management access over WiFi? If so, how can I disable or reconfigure it?

I even wrote here about it:

https://community.arubanetworks.com/discussion/iap-325-gui-unreachable-via-wi-fi-side-but-wi-fi-internet-access-works

Hi,

I have three Aruba AP-315 access points running in the same subnet. One of them acts as the conductor, and I manage the entire setup from there. Here's the setup:

• AP1 – 10.11.1.42 (conductor)
• AP2 – 10.11.1.43
• AP3 – 10.11.1.44

The issue is that when I'm connected to the WiFi network provided by these APs, I can only access the web interface of AP2 and AP3. I cannot log in to AP1 (the conductor) via WiFi - the management page doesn't load. It only works when I connect my computer using a wired connection.

It's definitely not a firewall issue - all APs are in the same subnet and VLAN. Two are accessible, one isn't. Could this be some sort of built-in security feature on the conductor that blocks management access over WiFi? If so, how can I disable or reconfigure it?

Hi

I created a rule from this thread: "Allow app https to AP IP all", in order to access the GUI while connected to the Wi-Fi network. Access to the controller works correctly, as does internet access. Unfortunately, the controller is also accessible from other Wi-Fi networks, not just the one I intended. Another issue is that traffic to the controller no longer passes through the firewall (I have a Palo Alto at the network edge); instead, it seems to be handled locally by the access point, which means I have no control over this traffic.

I even wrote here about it:

https://community.arubanetworks.com/discussion/iap-325-gui-unreachable-via-wi-fi-side-but-wi-fi-internet-access-works

Hi,

I have three Aruba AP-315 access points running in the same subnet. One of them acts as the conductor, and I manage the entire setup from there. Here's the setup:

• AP1 – 10.11.1.42 (conductor)
• AP2 – 10.11.1.43
• AP3 – 10.11.1.44

The issue is that when I'm connected to the WiFi network provided by these APs, I can only access the web interface of AP2 and AP3. I cannot log in to AP1 (the conductor) via WiFi - the management page doesn't load. It only works when I connect my computer using a wired connection.

It's definitely not a firewall issue - all APs are in the same subnet and VLAN. Two are accessible, one isn't. Could this be some sort of built-in security feature on the conductor that blocks management access over WiFi? If so, how can I disable or reconfigure it?

Please check this post I made earlier today. Disable local-routing in order to force all traffic through your firewall; it may also solve the problem that the management interface is accessible from other networks. Please let us know the results after you tried.

Hi

I created a rule from this thread: "Allow app https to AP IP all", in order to access the GUI while connected to the Wi-Fi network. Access to the controller works correctly, as does internet access. Unfortunately, the controller is also accessible from other Wi-Fi networks, not just the one I intended. Another issue is that traffic to the controller no longer passes through the firewall (I have a Palo Alto at the network edge); instead, it seems to be handled locally by the access point, which means I have no control over this traffic.

I even wrote here about it:

https://community.arubanetworks.com/discussion/iap-325-gui-unreachable-via-wi-fi-side-but-wi-fi-internet-access-works

Hi,

I have three Aruba AP-315 access points running in the same subnet. One of them acts as the conductor, and I manage the entire setup from there. Here's the setup:

• AP1 – 10.11.1.42 (conductor)
• AP2 – 10.11.1.43
• AP3 – 10.11.1.44

The issue is that when I'm connected to the WiFi network provided by these APs, I can only access the web interface of AP2 and AP3. I cannot log in to AP1 (the conductor) via WiFi - the management page doesn't load. It only works when I connect my computer using a wired connection.

It's definitely not a firewall issue - all APs are in the same subnet and VLAN. Two are accessible, one isn't. Could this be some sort of built-in security feature on the conductor that blocks management access over WiFi? If so, how can I disable or reconfigure it?