We have a remote site that is connected via a site to site VPN tunnel. We have some existing Aruba APs (105, 135 and 225 models) at the site that were connected back to AOS 6 wireless controllers and working ok over the VPN.
When we point these APs to our new AOS 8 controllers the APs boot up, upgrade as expected and can be provisioned into an AP group on the new controllers but do not work once provisioned. They will boot and be visible as ‘Up’ APs but do not broadcast any SSID and clients cannot connect. Looking at the APs on the new controllers some models will report they are broadcasting SSIDs and working ok but will not actually be functioning and others will report they are not broadcasting any SSIDs at all even though all are provisioned in a group that is working and in use across the rest of our campus.
We have reset the access points and wiped config and reprovisioned and experience same results. We have taken one of the access points from the site to another site that is not behind a VPN and the device works ok so doesn’t look to be issue with the APs. Having wiped it and tested it as working ok and returning it back to the site on the VPN it still does not work so it would appear there is an issue running these APs over a VPN specific to AOS 8 or our environment.
Has anyone encountered issues like this before? When looking at the logs of traffic over the site to site VPN tunnel for some reason I still some IPSec traffic from the APs to the old AOS 6 controller IPs when they are terminating on the new AOS 8 controllers. This still occurs even when the AP has been wiped and only ever provisioned on the new AOS 8 cluster.
Thanks.