Wireless Access

Hi,

I saw last week two cases of devices connected to the wifi network but can't communicate and on the taskbar it says limited connection.

When I checked the ip address information on the device all is correct (ip/netmask/gateway,dns) but on the user table on the controller the same ip address is already used by an other device with different mac address and the age time is more than 24h. I deleted the old user on the controller and the device started passing traffic. 

So, the issue is the user is not deleted from the user table on the controller when the entry is outdated. On the controllers, I can see many entries like that, I guess all the devices connected with those ip addresses are not able to pass traffic.

Is there any way to flush the user table of those aged entries like the dhcp does?

Thanks. 

What code are you running ?

What AP is the device connected to ?

Is it only happening to one particular device or several?

Hi,

Sorry, the code is 6.1.2.4 and the APs are 105.

The two cases i mentioned were on two different devices (W7 and Chrome OS).

Thanks.

Do you use VLAN pooling ? if you do how do you have it set it up? Even or Hash?

Also are you doing IP Mobility between controllers ?

Also are you doing IP Mobility between controllers ?

No.

Have you changed the idle timeout settings ?

do a show aaa timers 

And if you haven't I think you should open a TAC case 

Hi Victor,

I did not change the timers.

(wifi_master) #show aaa timers

User idle timeout = 1800 seconds
Auth Server dead time = 10 minutes
Logon user lifetime = 5 minutes
User Interim stats frequency = 300 seconds

I am planning to upgrade to 6.1.3.6-AirGroup to integrate AirGroup in our environment. If the issue is not resolved with the new AOS, i will open a TAC case.

Thanks a lot for your help.

Do you use VLAN pooling ? if you do how do you have it set it up? Even or Hash?

Yes, we are using VLAN pooling. It should be Hash because we are running 6.1.2.4. 

Thanks.

---

@Mario12 wrote:

Hi,

 

I saw last week two cases of devices connected to the wifi network but can't communicate and on the taskbar it says limited connection.

 

When I checked the ip address information on the device all is correct (ip/netmask/gateway,dns) but on the user table on the controller the same ip address is already used by an other device with different mac address and the age time is more than 24h. I deleted the old user on the controller and the device started passing traffic. 

 

So, the issue is the user is not deleted from the user table on the controller when the entry is outdated. On the controllers, I can see many entries like that, I guess all the devices connected with those ip addresses are not able to pass traffic.

 

Is there any way to flush the user table of those aged entries like the dhcp does?

 

Thanks. 

---

Mario,

Please use AAA fast age to age out those entries:

http://community.arubanetworks.com/t5/Command-of-the-Day/COTD-aaa-user-fast-age/td-p/4098

Hi Joseph,

Thanks, I will try that and come back to you on this.

Hi Joseph,

we did not have duplicate sessions.

we have only one entry in the Aruba user-table with the same ip address that is issued by dhcp to the client, but the mac address in the Aruba user table is different from the client mac address.

Please see included file.

Regards,

Hello,

I'm having the same exact issue on 6.1.2.4.  Did you ever resolve this?

Regards,

Dave

Hi - I have the same issue. Been having for the past few releases. Currently on 6.1.3.6-AirGroup.

Any update would be appreciated!

Hi Burbackm,

For us, it turned out to be a bug with the broadcast-filter-arp option in the stateful firewall.  We disabled the option on the stateful firewall and enabled it at the VAP level and didn't have anymore issues.  

I hope this helps!

Regards,

Dave 

Hi Dave -

We've had broadcast-filter ARP turned off, so I don't think that's the issue in my case. Thanks, though.

Mike