Wired Intelligent Edge

last person joined: yesterday 

Bring performance and reliability to your network with the HPE Aruba Networking Core, Aggregation, and Access layer switches. Discuss the latest features and functionality of your switching devices, and find ways to improve security across your network to bring together a mobile-first solution
Back to discussions
Expand all | Collapse all

tunneled-node on 2960 switch

This thread has been viewed 18 times

  • 1.  tunneled-node on 2960 switch

    Posted Nov 21, 2016 04:53 PM

    Hi all,

    I'm trying to set up tunneled-node ports on my new 2960 switch.

    I've followed the documentation I found (HPE ArubaOS-Switch Management and Configuration Guide WB.16.02) as well as a PowerPoint that someone posted, and I have it to the point where the tunnel-node status is "complete" on both the switch and the controller, but the test client is not able to get a DHCP address.

     

    Anyone out there successfully configure tunnel-node on a 2960?



  • 2.  RE: tunneled-node on 2960 switch

    EMPLOYEE
    Posted Nov 21, 2016 04:58 PM
    What is the exact model switch?


  • 3.  RE: tunneled-node on 2960 switch

    Posted Nov 21, 2016 05:00 PM

    The switch is:

    HP 2920-24G-PoE+ Switch (J9727A)

    Version: WB.16.02.0014, ROM WB.16.03

     

     



  • 4.  RE: tunneled-node on 2960 switch

    EMPLOYEE
    Posted Nov 21, 2016 05:02 PM
    What role is the user in on the controller? Does that role allow DHCP?


  • 5.  RE: tunneled-node on 2960 switch

    Posted Nov 21, 2016 05:20 PM

    How would I find the user-role?  All I have is the tunnelled node port information.  

    "show user-table | in wired" does not show my client, but does show all my happy MAS users in other sites.



  • 6.  RE: tunneled-node on 2960 switch

    EMPLOYEE
    Posted Nov 22, 2016 02:34 AM

    Martin,

     

    This video may help you: https://www.youtube.com/watch?v=6Foxl7xnXNc

    It shows how to setup tunneled node between ArubaOS switch (version 16.02 and up). Your 2920 is a switch capable for tunneled node.



  • 7.  RE: tunneled-node on 2960 switch

    Posted Nov 22, 2016 09:30 AM

    Thanks for the link - it makes it very clear.  

    Unfortunately I have already done exactly what is done in the video (minus the captive portal / dot1x piece) and my client still is unable to get a DHCP address.

    When I connect my laptop to the port which is set to "untagged VLAN 170", the tunnel comes up but no address.  The client never shows up in the controller, in any role.  I don't know what I'm missing, but I'm not doing anything really different than I was doing with their S1500 switches, but it's just not working.

     

    <begin rant>

    TAC has been exceptionally unhelpful in this.  When I call, it takes over 20 minutes just to create the ticket, and then another 10 minutes to get an engineer. Then the Aruba engineer points the blame on the switch and passes the buck over to HP support.  HP support says the switch is only covered by warranty and refuses to help further.  The customer that I'm working for is not impressed.  They never had this issue with their older Aruba switches.

    I sincerely hope that this isn't a sign of things to come or I predict HPE will lose a lot of customers.

    </end rant>



  • 8.  RE: tunneled-node on 2960 switch

    EMPLOYEE
    Posted Nov 22, 2016 10:54 AM

    Martin,

     

    Sorry to hear that you need to go through this pain, that does not sound like the white-glove support that conforms to the Aruba standards.

    If you work for a partner, please contact your local (channel) SE to help you out.

     

    I hope you are aware of the following as well:

    How to Escalate an Issue?
    Customer concerns about support usually involve missed expectations on product performance or support delivery where a technical issue is not resolved in a reasonable manner. Attending to customer concerns is very critical to Aruba. To ensure the quickest resolution, please contact the engineer that is working the support case and request for an escalation. If you have any specific comments or concerns regarding our products, support and/or services, and would like to escalate to Aruba support management, please contact us at Aruba-Escalations@hpe.com.



  • 9.  RE: tunneled-node on 2960 switch

    EMPLOYEE
    Posted Nov 22, 2016 11:01 AM

    Martin,

    It is probably better to have someone look together with you in your environment (if you followed the same steps in the video and it does not work). It should be something small...

    What you can try as well, is if you have an available port on the controller, put that on the same VLAN170 and make the port untrusted. Plug in your client there. That is a similar situation as the tunneled port, but just without the tunnel ;-) Then first make sure that works, before you configure the tunnel. You probably are aware that you will need to create a AAA profile and attach that to VLAN170.



  • 10.  RE: tunneled-node on 2960 switch

    EMPLOYEE
    Posted Nov 22, 2016 01:03 PM

    Hi Martin, 

     

    Did you try putting an IP address in the same subnet on the contoller-side Tunnel VLAN?  Is the controller running the DHCP server?  If not, did you setup a DHCP-relay address?

     

    Regards, 

     

    Justin

     

    JUSTIN NOONAN
    TECHNICAL MARKETING ENGINEER – ARUBA CAMPUS TECHNOLOGIES
    O: +1 916 540 1748   |   justin.noonan@hpe.com

    8000 FOOTHILLS BLVD  |  ROSEVILLE, CA 95747 USA

     



  • 11.  RE: tunneled-node on 2960 switch

    Posted Nov 23, 2016 01:07 PM

    There is an IP address on the controller VLAN 170.

    The DHCP server is not running on the controller, but an external server.

    Yes, there is a DHCP helper address on that VLAN on the controller.

     

    I should point out again that tunnel-node works flawlessly with the Aruba S1500 switches, so it's unlikely a problem on the controller.   The 2920 switch just refuses to let the client get a DHCP address across the tunnel.



  • 12.  RE: tunneled-node on 2960 switch

    Posted Apr 12, 2023 04:05 PM

    martinpoulin, 

    Did you ever find a solution to this problem? I'm having he exact same issue with a 2930M (WC.16.10.0001) connecting to a 7210 (8.10.0.5).


    Original Message


  • 13.  RE: tunneled-node on 2960 switch

    EMPLOYEE
    Posted Apr 13, 2023 06:36 AM

    You respond to a very old discussion. Please create a new one and include details on what you configured and what issue you see. Also if you try to configure tunneled-node (PBT) or user based tunnels (UBT). And have you seen the following videos?
    For PBT check this video.
    For UBT check this video.



    ------------------------------
    Herman Robers
    ------------------------
    If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

    In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
    ------------------------------

    Original Message