Wireless Access

Reply
Highlighted
Contributor I

Re: Using GRE Tunnels to centralize L3 access

Yes it is connected to a port and it has an IP.

The default gateway is the firewall IP.

Highlighted
Guru Elite

Re: Using GRE Tunnels to centralize L3 access

Can the controller ping the DHCP server?  Does the DHCP server have a scope setup in the range of VLAN2?  On what interface is the helper address?

 


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.5 User Guide
InstantOS 8.5 User Guide
Airheads Knowledgebase
Airheads Video Knowledge Base
Remote Access Point Solution Guide
ArubaOS Consolidated Release Notes
ArubaOS 8 ViA VPN Solution Guide
Highlighted
Contributor I

Re: Using GRE Tunnels to centralize L3 access

Yes controller can ping the DHCP server.

Yes the scope is defined on DHCP server for VLAN 2.

 

On VLAN 2 there is a helper address which points to the dhcp running on firewall.

 

Similarly on other vlans on which roaming is working, the dhcp helper address points to the dhcp inside the internal network.

Highlighted
Guru Elite

Re: Using GRE Tunnels to centralize L3 access


admin@rosmini.school.nz wrote:

Yes controller can ping the DHCP server.

Yes the scope is defined on DHCP server for VLAN 2.

 

On VLAN 2 there is a helper address which points to the dhcp running on firewall.

 

Similarly on other vlans on which roaming is working, the dhcp helper address points to the dhcp inside the internal network.



if you are just bridging traffic to an existing VLAN, and that VLAN is on the firewall, why do you need a helper address?  The firewall on should just be providing dhcp, if it is the default gateway.

 

 


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.5 User Guide
InstantOS 8.5 User Guide
Airheads Knowledgebase
Airheads Video Knowledge Base
Remote Access Point Solution Guide
ArubaOS Consolidated Release Notes
ArubaOS 8 ViA VPN Solution Guide
Highlighted
Contributor I

Re: Using GRE Tunnels to centralize L3 access

Yes you are right. Even if I remove helper address clients will get an IP. And I can do it no issues. 

 

But again the issue comes for the roaming of clients.

Highlighted
Guru Elite

Re: Using GRE Tunnels to centralize L3 access

Okay.  Let's take this a step back.  What SSID are you having the problems with?

 


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.5 User Guide
InstantOS 8.5 User Guide
Airheads Knowledgebase
Airheads Video Knowledge Base
Remote Access Point Solution Guide
ArubaOS Consolidated Release Notes
ArubaOS 8 ViA VPN Solution Guide
Highlighted
Contributor I

Re: Using GRE Tunnels to centralize L3 access

Its is the HOTSPOT and GUEST network SSIDs. Both SSIDs are mapped to VLAN2.

Highlighted
Guru Elite

Re: Using GRE Tunnels to centralize L3 access

So you are having problems with one or both SSIDs?  Are all APs in your infrastructure in the same AP-Group?

 


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.5 User Guide
InstantOS 8.5 User Guide
Airheads Knowledgebase
Airheads Video Knowledge Base
Remote Access Point Solution Guide
ArubaOS Consolidated Release Notes
ArubaOS 8 ViA VPN Solution Guide
Highlighted
Contributor I

Re: Using GRE Tunnels to centralize L3 access

Issue is with the BOTH SSIDs.

Yes APs are in the same AP group. 

 

Does this matter that my APs are on 192.168.x.x network and my clients on hotspot and guest are on 172.16.x.x

 

I have noticed that when client move between APs haveing IPs from same subnet, roaming works on hotspot and guest.

Suppose an AP-1 on 192.168.110.65 and AP-2 is on 192.168.110.55. If client roams between these two APs, roaming works but if he moves onto an AP having IP 192.168.109.80, there is no roaming in such case and browsing stops. The role of the user remain authenticated until idle time out matches the condition.

Highlighted
Guru Elite

Re: Using GRE Tunnels to centralize L3 access

1.  Turn on user debugging

 

config t

logging level debugging user

 

2.  Associate a client to a good AP and then roam to a bad one

 

3.  Look at the log when this happens:

 

show log user all | include <mac address of client>

 

 


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.5 User Guide
InstantOS 8.5 User Guide
Airheads Knowledgebase
Airheads Video Knowledge Base
Remote Access Point Solution Guide
ArubaOS Consolidated Release Notes
ArubaOS 8 ViA VPN Solution Guide
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: