ArubaOS and Controllers

Reply
Highlighted
Occasional Contributor II

Re: Bride mode not working after 5.0.3.1 upgrade

Hi Colin,

After troubleshooting with Aruba to no end (they haven't gotten back to me since Friday), I decided to work around the issue.

On these wired profiles I changed the mode to tunnel and trusted the port and changed the access VLAN. No AAA profile was needed.

So, yes, it works now, but it is not ideal.

Before (Good):
- Wired users get dropped into a wired VLAN (by this I mean the same VLAN as anyone would if they were to connect to any other network drop in this location)
- Users do not ever hit the Aruba controllers.

Now (Acceptable):
- Wired users dropped into a "wireless" VLAN. Because of this, they DHCP from a different address pool.
- Users are tunneled to the controllers

There must be performance differences between the two, but I have yet to do any testing.

Any other thoughts?

Perhaps it is time for some Aruba training...
Highlighted
Guru Elite

Re: Bride mode not working after 5.0.3.1 upgrade

When you say "wired users", are these users plugging into the access point wired, or are they connecting wirelessly? I do not understand...

*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.5 User Guide
InstantOS 8.5 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Remote Access Point Solution Guide
ArubaOS Consolidated Release Notes
ArubaOS 8 ViA VPN Solution Guide
Highlighted
Occasional Contributor II

Re: Bride mode not working after 5.0.3.1 upgrade

They are plugging into ETH1 on an AP-70.
Highlighted
Guru Elite

Re: Bride mode not working after 5.0.3.1 upgrade

Okay,

I think I understand now. The forward mode on the Wired Profile should be bridged and the VLAN should match the Native VLAN parameter in the AP system profile. There should be a AAA profile attached to the wired profile which has an initial role of that has "allowall" in the ACL.

How is yours setup?

*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.5 User Guide
InstantOS 8.5 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Remote Access Point Solution Guide
ArubaOS Consolidated Release Notes
ArubaOS 8 ViA VPN Solution Guide
Highlighted
Occasional Contributor II

Re: Bride mode not working after 5.0.3.1 upgrade

AP System Profile
----------------------
Native VLAN ID: 1 (This is the same as it has always been)

Wired AP Profile
----------------------
Trunk mode native VLAN: 1 (This is the same as it has always been)
Access mode VLAN: xxx (not "1". This changes based on location)

We don't use VLAN one, but this is the way it has always been set up and working... until 5.0.3.1.

Thanks for your continued help.
Dave
Highlighted
Frequent Contributor I

Re: Bride mode not working after 5.0.3.1 upgrade

I think the earlier poster referencing needing to enable cpsec is what you are running up against.

We are doing somethingng similar with Rap5's. Running them as campus ap's and bridging the wired users to vlans on the uplink. Upgrading to 5.0.3 broke our configuration.

Enabling cpsec for the unencrypted cap tunnels fixed the issue ( will look up specific command and edit post) - but alas for me is not " supported" in 5.x for rap5's

Also we did need a permissive wired role as also mentioned above.

Also needed session acll for the ap profile to be set to allow all - to permit the bridged traffic on the uplink port...
Highlighted
Guru Elite

Re: Bride mode not working after 5.0.3.1 upgrade

He did mention that it was configured as a RAP here: http://airheads.arubanetworks.com/vBulletin/showpost.php?p=10838&postcount=3

*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.5 User Guide
InstantOS 8.5 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Remote Access Point Solution Guide
ArubaOS Consolidated Release Notes
ArubaOS 8 ViA VPN Solution Guide
Highlighted
Frequent Contributor I

Re: Bride mode not working after 5.0.3.1 upgrade

Wow, I missed the first line of that post..... Besides that (and not being a rap5) sounds very similar to what I found in testing 5.0.3 from 5.0.1
Highlighted
Occasional Contributor II

Re: Bride mode not working after 5.0.3.1 upgrade

The Aruba tech came back and suggested changing the Native VLAN ID to match the Access VLAN ID, as Colin said.

I have not had an opportunity to test this yet, but I still find it odd that I need to change this as of OS 5, and it has been working since early OS 3.
Highlighted
Guru Elite

Re: Bride mode not working after 5.0.3.1 upgrade

The issue is that OS 3.x would just bridge user traffic to the local network without being aware of VLANs on a trunk. ArubaOS 5.x and above is now aware and allows you to switch to different VLANs, so that is a change in functionality, as well as behavior. The 3.x code did not make you specify that but the 5.x code does.

*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.5 User Guide
InstantOS 8.5 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Remote Access Point Solution Guide
ArubaOS Consolidated Release Notes
ArubaOS 8 ViA VPN Solution Guide
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: