Wireless Access

Reply
Highlighted
Occasional Contributor II

Re: Problems discovering AP's via DNS

Hi All

 

Slight update - but puzzling.


We have now plugged in another 5 AP's at our remote site to total 6.  Two of the APs have now shown up.


The strange thing is - I have always been told by our Aruba partner to copy the existing whitelist settings, and for these two AP's, there were slightly different settings.  From memory, for some reason I could not set all the 6 MAC's to the same settings.

 

The two which are working are set to factory-cert in a state of certified-switch-cert.

The others are factory certs, but a state of certified-factory-cert.  I cannot seem to change the whitelisting to match the working two.

 

Could this be the issue?

 

I should note I have tried putting debug level logging on but see no 'rejects' as such which I would expect to see if the control plane security were rejecting AP's.  Also - they are not RAP's yet, just brand new AP's. 

They are also in the campus whitelist.

Highlighted
Occasional Contributor II

Re: Problems discovering AP's via DNS

Interesting one - but surley proves the IP is valid...


I run a ping to the IP and I get no response, but the show datapath session table shows protocol 1 traffic in both directions - which is ICMP unless I am mistaken.

 

  • What model APs are these?

105

  • Can you just confirm that VRRP is working properly?  Can you runs "show vrrp" on both controllers just to make sure they are both not active?  They are not both active

Virtual Router 20:
    Description
    Admin State UP, VR State MASTER
    IP Address 172.31.200.82, MAC Address 00:00:5e:00:01:14, vlan 1
    Priority 120, Advertisement 1 sec, Preemption Enable Delay 1
    Auth type PASSWORD, Auth data: ********
    tracking is not enabled


Virtual Router 20:
    Description
    Admin State UP, VR State BACKUP
    IP Address 172.31.200.82, MAC Address 00:00:5e:00:01:14, vlan 1
    Priority 110, Advertisement 1 sec, Preemption Enable Delay 1
    Auth type PASSWORD, Auth data: ********
    tracking is not enabled

 

  • Are these APs going to be configured as RAPs or campus APs?   You mention the only instance of the MAC is in the when you added it to the RAP whitelist...just want to clarify. 

RAP's ultimatly, but just hoping to see them as campus AP's in order to configure them.  The only mention of the MAC in the logs was the user commands to add them to the whitelist

  • When you run "show ap database long"; do you see it listed at all?  Make sure you run it while you can see the TFTP requests in your show datapath session table command you posted.

No - and no chaneg during TFTP traffic

  • Do you have existing APs working?  Others at this site?

As per previous post - we have plugged in 5 more AP's and now 2 of the 6 are working and provisioned as RAP's successfully.

  • Do you have any way of getting to the console of one of those remote APs; just to confirm what the AP is seeing?

Not easily - they are mounted on the side of a building, but as a last resort, I could try to arrange

Highlighted
Super Contributor II

Re: Problems discovering AP's via DNS

Check out below thread, I hope it will help you

http://community.arubanetworks.com/t5/Branch-WLAN-and-Remote-Access/RAP-mode-AP/td-p/76908
Thanks & Regards
Syed Murad Ali
ACMP ACMA CCNA
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: