Wireless Access

Valued Contributor I

Re: LAN Server Black Listed?

You said this is a flat network yes? No routing?


Whether the controller has an ARP entry for the client is only relevant if the "convert arp" is configured in the VAP.


If you can post a copy of your config, that might help? Take out anything sensitive.


Ok. So .7 is the server?


What I would try is as follows (when you get the issue again, sorry!).


Check the client ARP entry on the server, and the server entry on the client. Do they both exist? And look right?


Very first thing to do next (whilst the issue exists), is take off "Drop Broadcast and Multicast" and "Convert Broadcast ARP requests to unicast" from the VAP.


In the short term (depending how big your flat network is), it will likely run slower, but it might restore the session. And if it does, we will know what the root cause is.


Then, we can work out what to do about it (will need more info).

Kudos appreciated, but I'm not hunting! (ACMX 104)
Contributor II

Re: LAN Server Black Listed?

Well this particular part of the network could be considered flat yes.

The controllers, DHCP clients (120) and this particular server are all on the same network currently.

While the number of devices aren't all that many, the broadcast domain is pretty big which I'm looking to segment once our users go off over the Christmas break.


.7 is indeed the server in question


I've attached the config as per your request.


Just before a change the mcast / ucast settings on the controllers - will there be any downtime from the change of settings or will it be instant?


Interestingly enough, today is the first day that we haven't had the MIS server disappear to the wireless clients. It usually happens around 08:30-45 am.


Best regards,

Valued Contributor I

Re: LAN Server Black Listed?

Right, the watched washing machine never breaks when the engineer visits...


These changes should not impact service. You might notice a minor blip, but I would not expect anything significant. Of course you'll understand I can't promise that, but if I was doing it, I'd just go ahead.


You've got "firewall broadcast-filter arp" enabled globally in the stateful firewall config (I normally do this per VAP rather than global, doing both is redundant). I don't think it shows up in the individual VAP configs as it's on by default in your version (pretty sure of that).


So, you'll need to go into the firewall global config and turn that off, then make the changes to each VAP I described.

Kudos appreciated, but I'm not hunting! (ACMX 104)
Contributor II

Re: LAN Server Black Listed?

Hi guys,


Id like to appologise for leaving this thred hanging for so long, id also like to thank everyone for their help and suggestions.


After examining the ARP logs over and over again, I finally noticed what the issue was.

The logs shown that the MAC address of the host configured for that particualr IP address changed  - so essentially a wireless device was configured with the same IP Address as the server that kept dropping for wireless clients.


So every time this device joined the wireless network the controlers directed all the traffic for the server to the wireless device instead.



Search Airheads
Showing results for 
Search instead for 
Did you mean: