Wireless Access

Our company has an Aruba 620 controller and an Aruba AP105 access point for testing.

The APs create a WiFi network (ssid ArubaTest) in a VLAN (id 1) with private addresses in the 172.16.0.0/12 range. Both the APs (well... AP, because I only have one) and the Controller receive an IP in that range (the controller is static on 172.16.0.254). Clients can connect to the ArubaTest network and receive and IP in that 172.16.0.0/12 range (the controller is behaving as a DHCP server)

The Controller has access to the “outside world” (internet) through the uplink (port 8). In our office space there is an external router that provides internet access. I have no access to said equipment. On our office's wall there is a bunch of Ethernet ports that when something is plugged in, provide an IP address (in the range 10.0.0.0/8) and the routing information through DHCP (pretty typical setup for an office shared by many people, I would say). The uplink is assigned to another VLAN (id 2) and configured to get its IP though DHCP.

If I log in the controller's web interface and I go to the Configuration > Network > IP > IP routes tab, I can see that the Default Gateway is that external router we have in our office space: its IP is 10.192.7.1

Now, something that has been bugging me a bit is that if I go to Configuration > IP > IP Interfaces tab, the VLAN with id 2 (where the Uplink is assigned) is not getting an 10.0.0.0/8 address but 172.17.9.1, which I don't think its an IP our office router provides.

Here's what I see on Config > Network > IP > IP Interfaces tab:

It almost looks (to me, who has no idea) that the second VLAN is getting its addresses from the controller itself, not from the external router the uplink is connected to, but I don't really know whether this is normal or not...

Thanks to the replies in this conversation, all the clients connected to the VLAN 1 have now access to the internet (enabling source NAT did the trick). Everything is working fine for the clients connected to that network (as a matter of fact, I'm writing this on a laptop connected to the ArubaTest wifi network). From my laptop, I can ping 8.8.8.8, or google.com and I get a proper reply:

savir@savir-machina:~$ ping -c5 8.8.8.8

PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.

64 bytes from 8.8.8.8: icmp_req=1 ttl=51 time=50.2 ms

64 bytes from 8.8.8.8: icmp_req=2 ttl=51 time=39.8 ms

64 bytes from 8.8.8.8: icmp_req=3 ttl=51 time=119 ms

64 bytes from 8.8.8.8: icmp_req=4 ttl=51 time=41.0 ms

64 bytes from 8.8.8.8: icmp_req=5 ttl=51 time=42.6 ms

--- 8.8.8.8 ping statistics ---

5 packets transmitted, 5 received, 0% packet loss, time 4005ms

rtt min/avg/max/mdev = 39.804/58.619/119.476/30.644 ms

The question now is: how come that the controller itself can not ping hosts? If log in the controller's web interface, Diagnostics tab and try to ping 8.8.8.8, I get:

.....Sent 5, 100-byte ICMP Echos to 8.8.8.8, timeout 2 seconds:

Success rate is 0 percent (0/5)

How can I make the controller be able to reach external Ips?

In case it helps, from the controller's web interface I can ping the AP, my own computer (the laptop I'm writing this from), but not the default gateway (10.192.7.1)

Thank you in advance!

do this:

config t

ip default-gateway import dhcp

Hi cjoseph. Thanks for your reply.

I tried that, and it didn't seem to work. I still can't ping 8.8.8.8 from the Diagnostics > Network > Ping page. I'm still not that familiar with the CLI interface (I'm on it, though). I did the following:

(Aruba620-US) >enable
Password:*******
(Aruba620-US) #configure t
Enter Configuration commands, one per line. End with CNTL/Z

(Aruba620-US) (config) #ip default-gateway import dhcp
(Aruba620-US) (config) #
(Aruba620-US) #exit
(Aruba620-US) >exitConnection closed by foreign host.
Connection to 172.16.0.254 closed.

Did I need to save it... somehow? I also tried rebooting the controller after doing this.

Thank you again

Do two things:

config t

interface vlan 1

ip nat inside

Also remove the static default gateway that you had before.

Wow. Thanks for the fast reply!

I did what you mentioned, I rebooted the controller... Still same result (not able to ping 8.8.8.8)

The VLAN2 (where the Uplik is connected to) keeps getting the IP 172.17.9.1 (still, not sure if this is supposed to happen)

Also (and maybe it's relevant) the controller's role is set to Master.

I have:

    Enable source NAT for this VLAN

    Enable Inter-VLAN Routing

activated for both VLANs

You should not have to reboot anything.

Did you say that the clients in the 172.16.0.0 can get to the internet?  What is their default gateway?

It looks like it's the controller itself:

savir@savir-machina:~$ route -n

Kernel IP routing table
Destination   Gateway       Genmask        Flags Metric Ref Use Iface
0.0.0.0       172.16.0.254  0.0.0.0        UG    0      0   0   wlan0
169.254.0.0   0.0.0.0       255.255.0.0    U     1000   0   0   wlan0
172.16.0.0    0.0.0.0       255.255.255.0  U     2      0   0   wlan0 

Hi,

Good morning, :smileyhappy:

1.Are your sure that the port that u connected your uplink port to (your VLAN2) is a port that acting as a ACCESS port and not as a TRUNK PORT with native VLAN? (In the other equitment - not on the controller - check your switch port settings)

*CHECK IT*

*THIS MIGHT BE YOUR ISSUE*

2.Delete all the routes that u created (STATICS) and let the controller it own gw(via dhcp) or config u controller port as static address and not a DHCP address. <- Check it agian please

3.do a bit reading here:

http://www.arubanetworks.com/techdocs/ArubaOS_60/UserGuide/Network_Parameters.php

Let's us know - if some of thoese tips helped u.

If you would like to be sure - Disconnect the controller port  (from the switch you connected it to) and connect your laptop to this port - and check what ip details are u getting / and if u getting the right vlan/ip's...