Simply because using default GRE tunnels are giving us very bad client download speeds (like 10% of what should be possible.
Testing with RAP, bridged mode and wired does not give any issues.
Mind you not all sites (with GRE tunnels to the same VMC's and connected to the same MPLS) exhibit this issue.
On top of that, the most likely culprits are in a DC where getting access to take pcap sis taking weeks if at all possible. The only FW in play is also situated in that DC and is managed by 3rd party, so no visibility on settings or config other than than rule set.
And since the customer is nog willing to spend more time investigating or even pressuring FW guys, we need 'a' solution that doesn't use GRE.
RAPs would allow us to make the switch very easily.
Original Message:
Sent: Nov 14, 2022 12:12 PM
From: Colin Joseph
Subject: roaming on remote AP
We first need to figure out why you are doing what you plan to do first. There could be other better options.
Converting to an IAP is reversible for AP-305s.
------------------------------
Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.
HPE Design and Deploy Guides: https://community.arubanetworks.com/support/migrated-knowledge-base?attachments=&communitykey=dcc83c62-1a3a-4dd8-94dc-92968ea6fff1&pageindex=0&pagesize=12&search=&sort=most_recent&viewtype=card
Original Message:
Sent: Nov 14, 2022 11:58 AM
From: Koen V
Subject: roaming on remote AP
So we either convert our AP-305 (non-IAP and non-UAP) to IAPs through an unsupported -and non-reversible as i understand it- method or use unsupported RAPs.
Sigh.. neither looks too great to be honest.
Original Message:
Sent: Nov 14, 2022 11:40 AM
From: Colin Joseph
Subject: roaming on remote AP
You would get better performance by running all of those access points as Iaps and tunneling the traffic back to the controller using IAP-VPN. Also, some routers cannot pass more than 4 ipsec tunnels to the same ip address, so I wouldn't even try. The Remote AP was designed around having a single AP at a site. Whatever you are doing might work today with a few access points, but would not scale to 100 because it wasn't designed or tested for that. EDIT: and no we cannot guarantee that everything works in that setup because it has not been tested through customer use regularly. You could run into issues unforseen and make things difficult.. Or think could be okay... Who knows?
------------------------------
Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.
HPE Design and Deploy Guides: https://community.arubanetworks.com/support/migrated-knowledge-base?attachments=&communitykey=dcc83c62-1a3a-4dd8-94dc-92968ea6fff1&pageindex=0&pagesize=12&search=&sort=most_recent&viewtype=card
Original Message:
Sent: Nov 14, 2022 09:02 AM
From: Koen V
Subject: roaming on remote AP
So.. due to some other issues I am considering migrating a CAP setup with a few 100 APs to RAP.
I am thinking that since we will be running the RAPs in tunneled mode the controller has all the info and support should be pretty much identical to the CAP setup, right?
Can someone confirm proper roaming (.11r, OKC, PMKID caching, client match, ...) for users connected to RAPs from the same controller cluster will work as I expect? Without issue that is?