Wired Intelligent Edge


UBT no data traffic out of gateway

  • 1.  UBT no data traffic out of gateway

    Posted 22 hours ago

    Hey,

    I'm setting up a new UBT for a client.
    We have 2x 9240 gateways & AOS-CX6300M switches.
    Both gateway & switch have IP addresses in the same L2 subnet.
    I see that the tunnels come up, but the client cannot send or receive any traffic.
    Pinging the default gateway doesn't work.
    If I place the client into the same user VLAN directly via the switch, everything works.

    Switch & Gateway are managed by Aruba Central.
    I see the following output in the CLI.
    Does anyone have an idea what is going wrong?

    I use DURs with gateway zone push from ClearPass.
    DURs are working fine with local breakout, so DUR setup isn't the issue.



  • 2.  RE: UBT no data traffic out of gateway

    Posted 22 hours ago

    The trace buf above wasn't correct. Here is a correct one.




  • 3.  RE: UBT no data traffic out of gateway

    EMPLOYEE
    Posted 11 hours ago

    Please share the switch configuration.

    Note that when configuring UBT on the CX switches, the "primary-controller ip" should be the system-ip or controller-ip on the gateway.



    ------------------------------
    If my post was useful accept solution and/or give kudos.
    Any opinions expressed here are solely my own and not necessarily that of HPE or Aruba.
    ------------------------------



  • 4.  RE: UBT no data traffic out of gateway

    Posted 3 hours ago

    Hi Ariyap,

    Below you will find the switch configuration that I did for UBT.
    ClearPass auth is working fine, so I didn't provide that.

    I confirm that the system IP is used for the config in the CX switch.
    I see that the tunnel is up and running on the gateway & switch.
    I also see the user on the gateway, but I cannot send any traffic.
    It feels like the allowall of the role isn't there, or something blocks all traffic.

    The role on the gateway has an allow-all policy.

    What I also find odd is that in Aruba Central there are clients connected which don't show up on the CLI of both gateways.
    "show user" on the gateway shows only 1 client, which is using the UBT tunnel.
    I checked and the VLAN and interface are trusted (in Central & CLI).


    Attachment(s):
    debug ubt.txt (2 KB)
    switch config.txt (1 KB)