Below you find the configuration of switch what I did for UBT.
Clearpass auth is working fine so didn't provide that.
I confirm that system IP is used for the config in the cx switch.
I see that the tunnel is up and running on the gateway & switch.
Also see the user on the gateway, but I can not send any traffic.
Feels like the allowall of the role isn't there. or something blocks all traffic.
The role on the gateway has an allow-all policy.
What I also find odd, is that in aruba-central there are clients connected which doesn't show up on the cli of both gateways.
show user on gateway shows only 1 client which is using the UBT tunnel.
I checked and the vlan and interface are trusted. (in central & CLI.)
Original Message:
Sent: Aug 01, 2024 08:19 PM
From: ariyap
Subject: UBT no data traffic out of gateway
Please share the switch configuration.
Note that when configuring UBT on the the Cx switches, the "primary-controller ip" should be the system-ip or controller-ip on the gateway.
------------------------------
If my post was useful accept solution and/or give kudos.
Any opinions expressed here are solely my own and not necessarily that of HPE or Aruba.
Original Message:
Sent: Aug 01, 2024 09:00 AM
From: EnzoJ
Subject: UBT no data traffic out of gateway
The trace buf above wasn't correct. here is a correct one.
Original Message:
Sent: Aug 01, 2024 08:28 AM
From: EnzoJ
Subject: UBT no data traffic out of gateway
Hey,
I'm setting up a new UBT for a client.
We have 2x 9240 gateways & AOS-CX6300M switches.
Both gateway & switch has ip addresses in the same L2 subnet.
I see that the tunnels comes up, but the client can not send or receive any traffic.
Pinging to the default gateway doesn't work.
If I place the client into the same user- vlan directly via the switch everything works.
Switch & Gateway are managed by Aruba Central.
I see following output in the CLI.
Has someone an idea what is going wrong?
I use DUR's with gateway zone push from clearpass.
Dur's are working fine with local breakout, so DUR setup isn't the issue.