Wireless Access

Contributor I

AOS 8 issues with APs at remote site connecting via VPN

We have a remote site that is connected via a site to site VPN tunnel. We have some existing Aruba APs (105, 135 and 225 models) at the site that were connected back to AOS 6 wireless controllers and working ok over the VPN.


When we point these APs to our new AOS 8 controllers the APs boot up, upgrade as expected and can be provisioned into an AP group on the new controllers but do not work once provisioned. They will boot and be visible as ‘Up’ APs but do not broadcast any SSID and clients cannot connect. Looking at the APs on the new controllers some models will report they are broadcasting SSIDs and working ok but will not actually be functioning and others will report they are not broadcasting any SSIDs at all even though all are provisioned in a group that is working and in use across the rest of our campus.


We have reset the access points and wiped config and reprovisioned and experience same results. We have taken one of the access points from the site to another site that is not behind a VPN and the device works ok so doesn’t look to be issue with the APs. Having wiped it and tested it as working ok and returning it back to the site on the VPN it still does not work so it would appear there is an issue running these APs over a VPN specific to AOS 8 or our environment.


Has anyone encountered issues like this before? When looking at the logs of traffic over the site to site VPN tunnel for some reason I still some IPSec traffic from the APs to the old AOS 6 controller IPs when they are terminating on the new AOS 8 controllers. This still occurs even when the AP has been wiped and only ever provisioned on the new AOS 8 cluster.



Guru Elite

Re: AOS 8 issues with APs at remote site connecting via VPN

Change the MTU in the AP system profile to 1200 and see if it works. The VPN might be fragmenting the GRE.

*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.4 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Aruba Central Documentation
Sign up for Security Alerts
Aruba Technical Webinars
Contributor I

Re: AOS 8 issues with APs at remote site connecting via VPN

Thanks you were correct. Old controllers had an MTU of 1200 and new were set to default. Changed and works ok now.

Search Airheads
Showing results for 
Search instead for 
Did you mean: