Wireless Access

We had to throw together a solution very quickly for a remote office we were standing up, so we leveraged our existing RAP environment to extend our network to this physical location. This site is rather large and build like a fortress, so a single RAP with it's wireless won't be enough. From the RAP, we have a small 8-port switch with (3) AP-325's running off of it. 

I noticed in testing, when they were configured as standard Campus APs, the would often show "ID" flags, indicating they were not getting their config and they were inactive. I decided to convert them to RAPs instead, using the internal IP of the controller since we are tunneling all traffic through the RAP. This seems to have stabilized the connectivity.

So far this is working, but I'm curious, has anybody else leveraged a solution like this to get a remote location up and running? If so, any pointers or suggestions? 

Hi,

Usually RAPs are intended for one AP per site. Using IAPs in the branch is recommended especially if there is a requirement for roaming. The IAPs can establish a VPN back to your controller in HQ.

IAP-VPN is well explained in section 4 here...

https://community.arubanetworks.com/t5/Video/Introduction-to-Remote-Access-Solutions-by-Aruba-Networks/ta-p/647010

How remote is this location? Are you going through some MPLS or other type of private WAN connection?  It's possible there's something between the controller and AP that is restricting MTU a bit and so the APs can't get their tunnels fully built, RAPs default to a lower MTU by default and may be why it's working.

Another thing to look at is 'show ap debug counters' to see if the APs are ack'ing the configs.