Wireless Access

last person joined: yesterday 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

Need help setting up a RAP for home use

This thread has been viewed 1 times

  • 1.  Need help setting up a RAP for home use

    Posted Jun 18, 2018 08:32 AM

    Hi all,

    First off, I’m completely new to Aruba technology. Please feel free to explain wide and deep, I’m grateful for any info I can get. I want to configure some of our APs so that that coworkers can use them at home to connect to our internal network without the use of a VPN connection.

    We already use Aruba RAPs from our remote offices. The setup is a little weird though. AP’s are connected to a Cisco switch via a dot1q trunk to VLAN 1 and native VLAN 90. VLAN 1 is our data network and VLAN 90 is connected to the subnet from a simple modem/router combo, the ones you get from ISPs. The SSIDs are in ‘split-tunnel’ as forward mode and put the internal traffic in VLAN 60. The only controller we have for the AP’s is on our main site. The AP has native VLAN set to 90.

    I copied an ap-group in notepad, changed the ap-group name and pasted the whole thing in the CLI. I now have all the SSIDs I need.

    Here come the questions:

    • I suppose I have to change the AP native vlan to 1 since those cheap modem/router combo’s from ISPs don’t speak dot1q. Is that correct?
    • I suppose I need to set the SSIDs into ‘tunnel’ forward mode. Besides that no changes. Is that correct?
    • I need to provision the AP as a RAP, fill in the external address of our main site and set it to receive an IP address via DHCP. Correct?
    • DHCP for the clients: Can I leave the DHCP Server and DHCP Pool blank so the clients get their IP from the modem/switch (problem is that I cannot specify beforehand – we have two local ISPs and one uses 192.168.0.0/24 as subnet and the other only uses 192.168.1.0/24)

    Thanks in advance for any answer :)



  • 2.  RE: Need help setting up a RAP for home use
    Best Answer

    Posted Jun 18, 2018 10:04 AM
    @Koala wrote:

     

    • I suppose I have to change the AP native vlan to 1 since those cheap modem/router combo’s from ISPs don’t speak dot1q. Is that correct?

     

    yes, or just leave it blank/clear it.

    • I suppose I need to set the SSIDs into ‘tunnel’ forward mode. Besides that no changes. Is that correct?

    It is not required to use tunnel mode, you can still use split tunnel if you desire to allow home RAP users to use corp resources

    • I need to provision the AP as a RAP, fill in the external address of our main site and set it to receive an IP address via DHCP. Correct?

    The AP will get it's IP from DHCP by default, so nothing to change there. You can either plug the AP into a network so it comes up in campus mode on the controller, the reprovision it as RAP, or, use the AP serial port and just provision the following

     

    setenv master <ip or fqdn of the controller>
setenv remote_ap 1
saveenv
    • DHCP for the clients: Can I leave the DHCP Server and DHCP Pool blank so the clients get their IP from the modem/switch (problem is that I cannot specify beforehand – we have two local ISPs and one uses 192.168.0.0/24 as subnet and the other only uses 192.168.1.0/24)

    If you want to use split tunnel, then the corporate DHCP will be doing the client dhcp allocation (ditto for tunnel mode). In the case of split-tunnel there is no need to worry about the subnet in use by the residential gateway (router/modem box) as all client IPs will be src-natted to the AP IP address on vlan 1 in this case.

     

    hth.

     

     



  • 3.  RE: Need help setting up a RAP for home use

    Posted Jun 18, 2018 10:20 AM
    Here’s the RAP VRD :
    https://www.arubanetworks.com/assets/vrd/RAPVRD_version_8.pdf

    It explains how to configure / deploy RAPs and best practices



    Thank you

    Victor Fabian

    Pardon typos sent from Mobile