Wireless Access

Hi all,

 

I am working with Aruba controller(7010) and AP 334 with DHCP configured on controller. My issue here is all APs got IP address but clients that connected to that AP didn't.  Did i miss something here? Anyone who can help me  please? 

What is the forwarding mode of the VAP, if it is bridge then the controller cannot provide DHCP since traffic is not tunneled to the controller. You would need a local DHCP Server for this.

 

If the VAP mode is tunnel, does your controller have a L3 interface in the VLAN to assist with the DHCP

functions?

 

EDIT* You may want to change the User Role from 'logon' to your own. This won't affected DHCP since 'logon' permits DHCP but the clients will see a Captive Portal.

Thank you for your response!

VAP forwarding mode is bridge and DHCP is  configured on core switch but still not working.

 

Regarding user role: I already tried to change to 'authenticated' but it shows the following when i try to change it. 

Error processing command 'aaa profile "ICT_Park-aaa_prof" initial-role "authenticated"':Error: Role 'authenticated' is user defined, and can't be applied without Next Generation Policy Enforcement Firewall

 

 

Have you configured the VLAN on the switch port correctly?

 

Untagged = AP Management VLAN

Tagged = Client VLANs.

The reason why you are seeing that error is due to not having a PEF license installed. Do you have a PEF license?

Both APs and Controller were in the same vlan (access vlan 20). I reconfigured the ports that connect core switch and Controller to trunk(tagged) on both side to allowed vlan all. Then the connection between Controller and other devices disconnected.  

 

User Role: I have PEF license, still error come.

Is the switch port (where the AP is connected to) configured correctly? So
tagged/untagged is set? So if the client VLAN is 20, then this is tagged and the AP VLAN is untagged.

Have you installed the PEF license and rebooted?

 

 

I changed forwarding mode to tunnel and now it works. Thank you! But the user role thing is still messing, I have PEF license and installed and rebooted a month ago. its flag also enabled. but i can't see what is wrong with it. Any idea? Installed Expires(Grace period expiry) Flags Service Type 2019-12-30 12:52:35 Never E Policy Enforcement Firewall for VPN user

Glad to hear it! Which version of AOS is this? In v8 you need to enable the PEF feature to use the license.

Sent from my iPhone

AOS is V6 (6.5.1.4).

Can you provide the output of ‘show license’ and ‘show license verbose’. Feel free to obscure the license code

Sent from my iPhone

Find attached

Okay, I can see the issue. You have a PEFV licenses installed instead of a PEF. You will need a PEF licenses to complete the changes and resolve the error you are seeing.

PEFV = License for the IPSEC/SSL VIA client.

https://www.arubanetworks.com/techdocs/ArubaOS_80_Web_Help/Content/LicenseGuide/License_Usage.htm

Thank you!!

attached docs