Cannot ping APs

Out of 473 APs, I can only ping 20 of them.  For those that I cannot ping, they are pingable from the same subnet, but not from outside the subnet.  


The APs are configured exactly the same and I cannot see any difference between the ones that are pingable and the ones that are not.  In all cases I can ping other devices that are in the same subnet as the AP.  It is only the APs that do not respond to ping.


I've checked firewall logs and confirmed that the pings are getting through.


It seems to me that the pings are reaching the APs, but for whatever reason they are not getting back.  Any ideas of what may be the issue or where to look?

Re: Cannot ping APs

Ddi you check the default gateway of the APs?

If they are not correctly set you wont be able to ping them from another network....

Did you statically put the IP to the AP? or its through a DHCP?


If the controller is in the same vlan than the APS then they wont need a default gateway to work in tunnel mode.... you will see everything working perfectly as all the traffic is send to the Wireless controller...


If you manually set it... you can check the AP default gateway under ap installation and checking it there on the configuration.




Re: Cannot ping APs

I've confirmed that the default gateways are correct.  The IPs are all set statically and the APs are not on the same VLAN as the controller.


The APs function normally except for the fact that I cannot ping most of them.

Re: Cannot ping APs

are yout pinging it from your computer? can you try pinging it from the wirrless controller instead? if it work from the controller then it must be a routing issue... do you know if the aps that you can ping are on an specific vlan or vlans? and the ones you cannot ping are on other specific vlans

Re: Cannot ping APs

I'm unable to ping them from anywhere outside of the VLAN, including my computer and the controller.  It can't be a routing issue because I can ping other devices in the same VLAN.  


All of the APs are remote APs on different VLANs that are specific to each remote location.  I do not see any pattern or difference in configuration between the 20 that are pingable and the 473 that are not.  One thing that I have noticed is that if I can ping one AP in a specific VLAN, I can ping all of the APs from that particular VLAN.


There is no difference between the VLANs that are pinging and the ones that are not other than they are in a different physical location.

Re: Cannot ping APs

Oh all those aps are remote APs?  though they were campuses APs...

Do you mean they are on RAP mode? right?

Because thats different...

ALL of them? are you pinging the outside address ip of the RAP?

Re: Cannot ping APs

Also on the System profile of those RAPS that you cannot ping,  can you tell me what ACL is applied on the paramether Session ACL can you tell me on the access list that selected there the firewall rules of it?

 Also Are those RAPS are going over a private link or over intenret? i suppose they are going through a private link... right?


A nice network diagram will help us to help you.... remenber we are trying to imaginate what you got in there..

Re: Cannot ping APs

Couple of other thoughts/questions:


- You say these are remote APs; I assume you mean true RAPs and not just APs are a remote site?  

- If they are RAPs, are you pinging the AP IP (inner L2TP pool IP) or the Outer AP IP?  The inner IP should respond if the RAP is terminated on the controller that handed out that address.  The outer IP will likely not be pingable from the controller.

- Are you sure the controller you are pinging from is the one the RAPs are terminated on?  If not, you can add a route to the inner IP on the controller (or your network) to direct the next hop to the controller's IP




Re: Cannot ping APs

We have several hundred remote locations and each has anywhere from 2-5 APs.  Our controller is located at our central datacenter.  The APs communicate with our controller via our MPLS network.  They are mostly 125's and a few 105's.


Here is the configuration of our APs:


AP "s012aruba01" Provisioning Parameters
Item Value
---- -----
AP Name s012aruba01
Location name N/A
SNMP sysLocation N/A
IP Addr
Domain Name N/A
Server Name aruba-master
Server IP
Antenna gain for 802.11a N/A
Antenna gain for 802.11g N/A
Antenna for 802.11a both
Antenna for 802.11g both
PAP User Name N/A
PAP Password N/A
PPPOE User Name N/A
PPPOE Password N/A
PPPOE Service Name N/A
USB User Name N/A
USB Password N/A
USB Device Type any
USB Device Identifier N/A
USB Dial String N/A
USB Initialization String N/A
USB TTY device path N/A
USB modeswitch parameters N/A
Remote AP Yes
Link Priority Ethernet 0
Link Priority Cellular 0
Mesh Role none
Installation default
Latitude N/A
Longitude N/A
Altitude N/A
Antenna bearing for 802.11a N/A
Antenna bearing for 802.11g N/A
Antenna tilt angle for 802.11a N/A
Antenna tilt angle for 802.11g N/A
Mesh SAE sae-disable

Re: Cannot ping APs

Here is the configuration of the system-profile:


AP system profile "RETAIL-L1"
Parameter Value
--------- -----
Backup LMS IP
LMS Preemption Enabled
LMS Hold-down Period 600 sec
Number of IPSEC retries 360
LED operating mode (AP-9x/AP-10x/AP-12x/RAP-5x only) normal
RF Band g
Double Encrypt Disabled
Native VLAN ID 11
Bootstrap threshold 8
Request Retry Interval 10 sec
Maximum Request Retries 10
Keepalive Interval 60 sec
Dump Server N/A
Telnet Disabled
SNMP sysContact N/A
AeroScout RTLS Server N/A
RTLS Server configuration N/A
Remote-AP DHCP Server VLAN N/A
Remote-AP DHCP Server Id
Remote-AP DHCP Default Router
Remote-AP DHCP DNS Server N/A
Remote-AP DHCP Pool Start
Remote-AP DHCP Pool End
Remote-AP DHCP Pool Netmask
Remote-AP DHCP Lease Time 0 days
Remote-AP Backup Ports Enabled
Remote-AP uplink total bandwidth 0 kbps
Remote-AP bw reservation 1 N/A
Remote-AP bw reservation 2 N/A
Remote-AP bw reservation 3 N/A
Heartbeat DSCP 0
Session ACL allowall
Corporate DNS Domain N/A
Maintenance Mode Disabled
WISPr Location-ID ISO Country Code N/A
WISPr Location-ID E.164 Country Code N/A
WISPr Location-ID E.164 Area Code N/A
WISPr Location-ID SSID/Zone N/A
WISPr Operator Name N/A
WISPr Location Name N/A
Remote-AP Local Network Access Disabled

