Wireless Access

Hi,

 

We have 3pcs  AP 105 ,a few pcs remote AP and one controller 620. Previously, we installed the controller and 2 AP 105 in the same Office LAN, now we move the controller to the data center.  In order to maintain the current ip addresses, we use doulbe NAT on both site firewalls, and create a site to site VPN.   Now both sites use the ip address 172.16.1.0x/24 , and office lan nat to 172.16.10.x,/24 data center lan nat to 172.16.20.x/24.  So the ip address of controller in data center is 172.16.1.10,  On APs in office ,we set the master controller ip address to 172.16.20.10, the AP in office can connect to the controller (site to site vpn) and registered on the controller, but the LEDs (Ethernet, Wirelesss) on the AP shows "RED".  And the client pc can see the SSID, but cannot get the IP address from dhcp server ( on controller). Pls advise what are the possible the cause. The "RED" LED means "GRE" tunnel not working fine ,right?

 

Thanks a lot in advance. 

Campus Access points in general will not work if there is a NAT boundary between the access points and the controller.  This is because of GRE.

 

Thanks for so fast reply.  

So can we just remove one NAT to let it work? I mean just use normal site to site vpn, it will work fine for AP 105?  office lan 172.16.1.x  (AP 172.16.1.10), data center 192.168.1.x  (controller 192.168.1.2)

 

regards

 

 

Removing NAT increases possibility that it will work.  If you are using site to site VPN, you might have to lower the MTU in the AP system profile to maybe 1100 to make it work.

Besides to change the ip address of master controller on AP and lower the MTU, is there any additional configuration requirement for campus AP go through site to site VPN? 

 

Thanks

Removing the Nat is the key. You should only consider lowering the MTU after that if the access points do not come up on the controller.

thanks a lot for your kind reply. we will try it

Hi, one more question.  the GRE tunnel need to be configured on the controller manually? or the AP will auto use initial GRE tunnel with the controller? Thanks

Hi, one more question.  the GRE tunnel need to be configured on the controller manually? or the AP will auto use initial GRE tunnel with the controller? Thanks

Once you provision the AP under AP Installation the controller automatically initiates the GRE tunnel to the AP. There is no need to build a manual GRE tunnel.

thanks a lot 

Hi, 

 

Good morning. One more question, how to set MTU in AP system? at AP installation (privisioning) page? I don't see can set the MTU for AP. 

Looking forward to your kind reply again. Thanks a lot .

AP system profile.

 

Got it, thanks  a lot for so fast reply. 

Hi ,

 

how about RAP? better to reduce MTU to 1100 also? we have some RAP , and use them at home to connect the controller in office.  The user feed back the connection for RAP sometime INT . 

another question about the ap configuration lose,  some ap will lose the configuraiton after a few times power on/off. what are the possible causes?

thanks 

The RAP MTU is already lowered by default.  If the MTU was not low enough, the RAP would just never connect.

 

If you are having problems with RAPs, please open another thread so that can be focused on.

ok, thanks for your kind reply.