Wireless Access

last person joined: yesterday 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

Bridge mode AP without controller

This thread has been viewed 3 times

  • 1.  Bridge mode AP without controller

    Posted Sep 22, 2016 12:36 PM

    Hi, I have 7205 controller with 205 APs. The controller is at central location and I have VAP in remote office configured in bridge mode, putting corporate users on a local VLAN on the campus switch.

     

    Is there a way to enable the authenticated corporate users to continue using the local vlan, even if the AP loses connection to the controller?



  • 2.  RE: Bridge mode AP without controller

    EMPLOYEE
    Posted Sep 22, 2016 12:45 PM

    You would need to set that AP up as a Remote AP, then set the Remote AP Operation Setting to Persistent or Always:  http://www.arubanetworks.com/techdocs/ArubaOS_64x_WebHelp/Content/ArubaFrameStyles/Remote_AP/Advanced_Configuration_O1.htm#remote_ap_1516596501_1062709



  • 3.  RE: Bridge mode AP without controller

    Posted Sep 22, 2016 02:57 PM

    Nice one. Thanks for the quick answer.

    Is there any implications in enable RAP mode? I mean,  is it better to enable RAP on all access points with bridge mode, just in case they loose connection to the controller?



  • 4.  RE: Bridge mode AP without controller

    EMPLOYEE
    Posted Sep 22, 2016 04:15 PM

    When you say "just in case they lose connection" are your APs separated from your controller by an unreliable  WAN?  If you have quite a few access points that require you to bridge user traffic locally, when the time comes to purchase more APs, you should purchase Aruba Instant APS, that do not require a controller, for that site...

     



  • 5.  RE: Bridge mode AP without controller

    Posted Sep 23, 2016 04:05 AM

    Yes, we have head office and multiple sites. The plan was to move the controllers in our hosted datacentre, which connects to all sites via MPLS. Is there any implications of configuring all AP as RAP?

     

    How will this change if we purchuase IAPs, but continue managing them via the controllers? Will IAP behave differently if it uses connection to the controller?



  • 6.  RE: Bridge mode AP without controller

    EMPLOYEE
    Posted Sep 23, 2016 04:18 AM
    How many SSIDs do you have and what do you do with them? Are all of your SSIDs bridged?

    Iaps cannot be managed by a controller. They will have their own individual cluster at a site.


  • 7.  RE: Bridge mode AP without controller

    Posted Sep 23, 2016 04:30 AM

    It is company with a small data centre, a large Head Office and number of small to medium branches.

    The APs will be IAP capable anyway, but due to the number of offices, we want all APs to be centrally managed, so multiple IAP with virtual controllers is not the best option.

    Each AP will have 4 SSID, some bridged to the local networks and a guest SSID tunnelled back to the controller.

    A requirement is for the bridged ones to continue to operate in case connection to controller is lost. The tunnelled guest networks are not critical.



  • 8.  RE: Bridge mode AP without controller

    EMPLOYEE
    Posted Sep 23, 2016 04:41 AM
    You can centrally manage Instant APs and controller with Airwave at the data center. IAPs can bridge your SSIDs locally and form an IAP-VPN back to the controller to tunnel your guest traffic.

    Please speak to your local Aruba representative or reseller for design information specific to your deployment.

    You can do all remote APs at a site, and if anything happens on the WAN, your SSIDs will stay up. Unfortunately, with remote APs you will lose the ability to manage them or change anything. With an IAP-VPN cluster at that site, it is not dependent on the data center and you can manage, monitor or change IAPs at that site... This is the reason IAPs were created in the first place.


  • 9.  RE: Bridge mode AP without controller

    Posted Sep 23, 2016 10:51 AM

    Your comment: "You can do all remote APs at a site, and if anything happens on the WAN, your SSIDs will stay up.  "

     

    I did some LAB testing and indeed the SSID stays up, the authenticated user stays connected, however the AP stops forwarding IP packets a few minustes after the connection to the controller is lost.

     

    The VAP is configured in bridge mode and I tested with "alwasy-on" and "persistent" modes. I am testing by pinging the default gateway on the same subnet.



  • 10.  RE: Bridge mode AP without controller

    Posted Sep 22, 2016 12:49 PM

    RAP bridge mode SSIDs are configurable to stay up indefinitely using operational modes on the SSID profile (always-on / persistent). 

     

    (Aruba3200) (config) #wlan  virtual-ap test


    (Aruba3200) (Virtual AP profile "test") #rap-operation ?
    always Enable virtual-AP permanently
    backup Enable virtual-AP when remote AP cannot contact
    controller
    persistent Enable virtual-AP permanently after remote AP
    initially contacts controller
    standard Enable virtual-AP when remote AP can contact
    controller

    (Aruba3200) (Virtual AP profile "test") #rap-operation always 

     

     

    Pls refer Table 38 Remote AP Modes of Operation and Behavior 

     

    http://www.arubanetworks.com/techdocs/ArubaOS_60/UserGuide/Remote_AP.php

     

    Thanks,

    Sai