Wireless Access

Reply
Highlighted
Occasional Contributor II

Re: AP provision through vpn tunnel

I'm having a similar issue. I've got AP93s on the back on a route based VPN between 2 fortinet firewalls. The APs discover the master using DHCP options from the Fortinet and connect to the controller. They upgrade their image ok and are provisioned in the "default" ap group.

However, when I try and provision the AP into a different ap group, they just seem to hang. They still show as up on the controller but I can't re-provision them (I'm assuming this is because the controller knows it's tried to push down a new config). Ultimately I have to power-cycle the the remote campus APs and then try the re-provisioning process all over again, unfortunately with the same result.

 

I have changed the MTU value in the default ap group to 1400 but this was after the APs initially connected to the controller.

Highlighted
Guru Elite

Re: AP provision through vpn tunnel

Does that different AP-Group have an LMS-IP in the AP system profile?

 

Please type "show log system 50" to determine what is going on.

 

 


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.5 User Guide
InstantOS 8.5 User Guide
Airheads Knowledgebase
Airheads Video Knowledge Base
Remote Access Point Solution Guide
ArubaOS Consolidated Release Notes
ArubaOS 8 ViA VPN Solution Guide
Highlighted
Occasional Contributor II

Re: AP provision through vpn tunnel

Hi Colin,

 

Yes the ap-group does have an lms-ip address, outputs from a system log and ap-debug are as follows

 

system-log

May 15 10:26:09 :303022: <WARN> |AP d8:c7:c8:c8:92:4d@192.168.4.112 nanny| Reboot Reason: AP rebooted Tue May 15 10:15:20 gmt 2012; SAPD: Reboot after image upgrade failed: -1
May 15 10:38:33 :303022: <WARN> |AP d8:c7:c8:c8:92:4d@192.168.4.112 nanny| Reboot Reason: Reboot caused by kernel panic: assert

 

ap-debug

May 15 10:38:52 :305006: <INFO> |stm| AP d8:c7:c8:c8:92:4d rebooted
May 15 10:38:52 :305026: <DBUG> |stm| sapm_ap_init: AP d8:c7:c8:c8:92:4d: NOT setting auth timeout, auth = 1, by_user = ap_auth_not_required
May 15 10:38:52 :305026: <DBUG> |stm| sapm_ap_init: AP d8:c7:c8:c8:92:4d: is NOT a mesh node
May 15 10:38:52 :305026: <DBUG> |stm| sapm_ap_adjust_radios: AP d8:c7:c8:c8:92:4d
May 15 10:38:52 :305026: <DBUG> |stm| sapm_check_arm_multiband: AP d8:c7:c8:c8:92:4d: ARM multiband disabled
May 15 10:38:52 :305026: <DBUG> |stm| sapm_set_rf_band: AP d8:c7:c8:c8:92:4d: radio 0 using band 0 source: Configuration
May 15 10:38:52 :305026: <DBUG> |stm| sapm_ap_adjust_radios: AP d8:c7:c8:c8:92:4d
May 15 10:38:52 :305026: <DBUG> |stm| sapm_check_arm_multiband: AP d8:c7:c8:c8:92:4d: ARM multiband disabled
May 15 10:38:52 :305026: <DBUG> |stm| sapm_set_rf_band: AP d8:c7:c8:c8:92:4d: radio 0 using band 0 source: Configuration
May 15 10:38:52 :305026: <DBUG> |stm| sapm_check_arm_multiband: AP d8:c7:c8:c8:92:4d: ARM multiband disabled
May 15 10:38:52 :305026: <DBUG> |stm| sapm_set_rf_band: AP d8:c7:c8:c8:92:4d: radio 0 using band 0 source: Configuration
May 15 10:38:52 :305026: <DBUG> |stm| sapm_ap_adjust_radios: AP d8:c7:c8:c8:92:4d
May 15 10:38:52 :305026: <DBUG> |stm| sapm_check_arm_multiband: AP d8:c7:c8:c8:92:4d: ARM multiband disabled
May 15 10:38:52 :305026: <DBUG> |stm| sapm_set_rf_band: AP d8:c7:c8:c8:92:4d: radio 0 using band 0 source: Configuration
May 15 10:38:52 :305026: <DBUG> |stm| sapm_override_ap_radio_prof: AP d8:c7:c8:c8:92:4d radio 0: enabled 1 mode 1 chan 6 pwr 30
May 15 10:38:52 :305026: <DBUG> |stm| sapm_ap_get_vap_config: AP d8:c7:c8:c8:92:4d radio 0
May 15 10:38:52 :305026: <DBUG> |stm| sapm_ap_assign_vaps: AP d8:c7:c8:c8:92:4d radio 0 enabled 1 mode 1 (16 VAPs) VAPs to assign 1
May 15 10:38:52 :305026: <DBUG> |stm| sapm_proc_hello_req: AP d8:c7:c8:c8:92:4d: Sending response to (192.168.4.112) with result 0
May 15 10:38:52 :305026: <DBUG> |stm| sapm_ap_generic_req_proc: AP d8:c7:c8:c8:92:4d: req FLASHING setting last_activity to 1337078332
May 15 10:38:52 :305026: <DBUG> |stm| sapm_proc_flash_reboot_req: AP d8:c7:c8:c8:92:4d: Sending response with result 0
May 15 10:38:52 :305010: <INFO> |stm| AP d8:c7:c8:c8:92:4d upgrading flash image.
May 15 10:39:05 :305026: <DBUG> |stm| sapm_ap_ageout: AP ip 192.168.4.112: state 8: long_ageout 0
May 15 10:39:49 :305026: <DBUG> |stm| sapm_ap_ageout: AP ip 192.168.4.112: state 8: long_ageout 0
May 15 10:41:03 :305026: <DBUG> |stm| sapm_ap_ageout: AP ip 192.168.4.112: state 8: long_ageout 0
May 15 10:42:16 :305026: <DBUG> |stm| sapm_ap_ageout: AP ip 192.168.4.112: state 8: long_ageout 0
May 15 10:43:29 :305026: <DBUG> |stm| sapm_ap_ageout: AP ip 192.168.4.112: state 8: long_ageout 0
May 15 10:44:43 :305026: <DBUG> |stm| sapm_ap_ageout: AP ip 192.168.4.112: state 8: long_ageout 0

 

We are having various levels of success by interupting the ap boot sequence and adding the serverip manually. The ap database on the controller looks like this

 

AP Database
-----------
Name Group AP Type IP Address Status Flags Switch IP
---- ----- ------- ---------- ------ ----- ---------
00:1a:1e:cc:a7:21 Glangwili_ap_group 61 192.168.1.117 Up 11d:23h:49m:45s 192.168.1.2
00:1a:1e:cc:a7:24 Glangwili_ap_group 61 192.168.1.126 Up 11d:23h:49m:50s 192.168.1.2
00:1a:1e:cc:a7:28 Glangwili_ap_group 61 192.168.1.119 Up 11d:23h:49m:49s 192.168.1.2
00:1a:1e:cc:a7:2e Glangwili_ap_group 61 192.168.1.116 Up 11d:23h:49m:53s 192.168.1.2
00:1a:1e:cc:a7:36 Glangwili_ap_group 61 192.168.1.118 Up 11d:23h:49m:49s 192.168.1.2
00:1a:1e:cc:a7:39 Glangwili_ap_group 61 192.168.1.121 Up 11d:23h:49m:46s 192.168.1.2
00:1a:1e:cc:a7:3c Glangwili_ap_group 61 192.168.1.123 Up 11d:23h:49m:52s 192.168.1.2
00:1a:1e:cc:a7:3d Glangwili_ap_group 61 192.168.1.114 Up 11d:13h:43m:49s 192.168.1.2
00:1a:1e:cc:a7:3f Glangwili_ap_group 61 192.168.1.115 Up 11d:23h:49m:44s 192.168.1.2
00:1a:1e:cc:a7:40 Glangwili_ap_group 61 192.168.1.124 Up 11d:23h:49m:36s 192.168.1.2
00:1a:1e:cc:a7:96 Glangwili_ap_group 61 192.168.1.120 Up 11d:23h:49m:7s 192.168.1.2
00:1a:1e:cc:a7:c0 Glangwili_ap_group 61 192.168.1.122 Up 11d:23h:49m:51s 192.168.1.2
d8:c7:c8:c8:8f:ca default 93 192.168.4.110 Down 192.168.1.2
d8:c7:c8:c8:91:88 default 93 192.168.2.111 Up 2h:57m:5s D 192.168.1.2
d8:c7:c8:c8:92:1d default 93 192.168.2.110 Up 2h:57m:6s D 192.168.1.2
d8:c7:c8:c8:92:4d default 93 192.168.4.112 Upgrading ID 192.168.1.2
d8:c7:c8:c8:92:e2 default 93 192.168.4.111 Down 192.168.1.2
d8:c7:c8:c8:92:eb Glangwili_ap_group 93 192.168.0.31 Up 1h:37m:34s 192.168.1.2
d8:c7:c8:c8:92:f0 default 93 192.168.3.112 Down 192.168.1.2
d8:c7:c8:c8:93:04 default 93 192.168.2.114 Up 2h:57m:5s D 192.168.1.2
d8:c7:c8:c8:93:9a Bronglais_ap_group 93 192.168.1.110 Down 192.168.1.2
d8:c7:c8:c8:93:a5 Glangwili_ap_group 93 192.168.0.27 Up 1h:1m:36s 192.168.1.2
d8:c7:c8:c8:96:f5 default 93 192.168.3.110 Up 18h:35m:20s D 192.168.1.2

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: