Wireless Access

Reply
Occasional Contributor II

AP with Flag ID

Hello need some help.


I have a Master and Local controller. Which initally had AP's split equally 50/50.

 

However due to circumstances I needed to send all AP's that had been connected on the Local to the Master.

So re-provisioned them to use the Master IP address.

 

Since doing so all the AP's that had been on the Local controller still have the "Switch IP" as the Local IP address and they all have the flags ID. Although the flags seem to come and go depedning on how often I refresh the page......

 

Basically those AP's that had been on the Local AP do not allow clients to connect.

 

Regards,

Red.


Accepted Solutions
Highlighted
Occasional Contributor II

Re: AP with Flag ID

Hello All,

 

Just wanted to update this post with a solution.

 

To recap..... We have two controllers

   North-(Local (Backup))   &   South-(Master)

 

We originally configured (via console) our AP's according to which controller was the closest e.g.

 

Northern-AP                                              Southern-AP

  setenv ipaddr 10.3.1.1                          10.2.1.1
  setenv netmask 255.255.0.0               255.255.0.0
  setenv gatewayip 10.3.0.1                    10.2.0.1
  setenv serverip 192.168.1.10             192.168.0.10
  setenv master 192.168.1.10               192.168.0.10

 

Everything was working until.....

We then needed to change (re-provision) all Northern AP's to use the Southern controller.

Doing this via the GUI lead to the Northern AP's constatnly flapping between both controllers and showing/flapping the flags D (Dirty) & I (inactive).

 

The solution-

Disbale ADP on the Northern-(Local) controller.

Although configured manually we found that ADP was not helping our setup.

This fixed the majority of re-provisioned AP's

 

Next for those stuborn AP's  that still kept falpping. We re-re-provisioned with a new IP in the same range.

E.g for an AP that had IP 10.3.1.1 we moved it to 10.3.1.10.

 

All AP's are now using the Southern-(Master) controller.

 

View solution in original post


All Replies
Highlighted
Moderator

Re: AP with Flag ID

That means inactive, dirty config. On the controller, can you run show profile errors

| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Highlighted
MVP Expert

Re: AP with Flag ID

How are your APs discovering the controller ?

Do you have enough licenses on your master ?

How do you have configured the AP system profile ? Are you using VRRP ?
Thank you

Victor Fabian
Lead Mobility Architect @WEI
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
Highlighted
MVP Expert

Re: AP with Flag ID

Try running the show log system all | include <ap Mac >
Show ap debug status ap-name <ap name>
this will give some idea why your are getting that flag
Thank you

Victor Fabian
Lead Mobility Architect @WEI
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
Highlighted
Occasional Contributor II

Re: AP with Flag ID

Hi Thank you for the quick response.

There was no messages  form "show profile-errors" see below-

 

 Invalid Profiles
 ----------------
 Profile  Error
 -------  -----

Highlighted
Aruba Employee

Re: AP with Flag ID

The D flag is usually temporary. If its persistent, you should call TAC. The I flag can be caused by a number of things, but most of them show up under profile-errors. Check to make sure you have the AP group created on the controller. The APs store the name of their AP group in flash and then try to join that same group. If it doesn?t exist, the AP will be ?I? flagged. It will also be I flagged if you don?t have any VAPs assigned to the AP group the AP joins. It might also be due to CPSec being disabled, but the VAPs assigned to the AP group are in bridge mode.
Highlighted
Aruba Employee

Re: AP with Flag ID

Another big one? if you use VLAN pool names in the VAP, make sure that name exists on the controller where the AP is trying to terminate.
Highlighted
Occasional Contributor II

Re: AP with Flag ID

Q: How are AP's discovering controller?

 A: Via IP address manually set when initially configured by console. E.g. Some AP's with Master IP, then some with Local IP.

   Since then I tried re-provisioning to set them all to the Master conrtollers IP address.

 

Q: Do you have enough licenses?
 A: 145 License on each controller. 76 AP's deployed in totoal.

 

Q: How is AP system profile configured? VRRP?
 A: VRRP is not used. We have a Primary and a Backup LMS specified

  e.g. Master AP with Primary IP as Master and backup as Local.
            Local AP had Primary IP as Local and Master as backup.

 

The Master has a AP-profile and the Local a different one.

So im at the point now where I want all APs to use the Mater AP proflile and the Master Switch. Which I set on re-provisioning.

 

I've not had much time on this and being thrown in at the deep end....

 

Thank you for your help.

Highlighted
Occasional Contributor II

Re: AP with Flag ID


show log system all | inc <ap MAC>

 Jul 3 08:50:48 :311004:  <WARN> |AP Burton-1stFlr-24:de:c6:c4:d4:da@10.41.11.4 sapd|  Missed 8 heartbeats; rebootstrapping

 

Which suggests it keeps loosing sight on the Master controller?!!

Highlighted
MVP Expert

Re: AP with Flag ID

That's is correct , those APs are having issues reaching the master controller so they keep going back and forth between the master / local

Thank you

Victor Fabian
Lead Mobility Architect @WEI
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: