Wireless Access

Our system:

two 7210 controllers in master, local - OS 6.5.4.7

285 AP 225s

8 AP groups and group profile to direct which group connects to master or local controller

CPPM - OS 6.7.10 - this divides client hardware into OS for bandwidth purposes

3 VLANS - 40, 60 and 80

external Windows box for DHCP

six SSIDs on 3 VLANs

Problem :

VLAN 40 works fine for 2 SSIDS, if I try to add another SSID client connect/disconnect problems arise

I cannot add any SSIDs to VLAN 60

VLAN 80 has 3 SSIDs running fine

- 6 SSIDs is too much.  The airtime consumed by configuring more than 4 SSIDs eventually becomes a bottleneck.  Why six SSIDs?

"CPPM - OS 6.7.10 - this divides client hardware into OS for bandwidth purposes

3 VLANS - 40, 60 and 80" - Why do you have it configured this way?

- How are you deciding what VLAN devices end up in, with a radius attribute (ClearPass) or in the Virtual AP profile?

Thank You for replay

So I should have no more than 4 SSIDs.

1 - I was trying to disperse bandwith across infrastructure depending on client OS.

2 - We are a school district that allows student cell phones to use Aruba wi-fi. Clearpass detects phones and forces to lowest bandwidth, 256K. Also assigns user role to client devices passed on to controller.

3 - VLANs assigned by virtual AP profile

1.  Got it

2.  Got it

3.  Okay.

Do your SSIDs use the same encryption?  Is the bandwidth limit at the internet, to servers or between sites?

256k is painfully slow and I'm not sure we can reliably enforce anything below 512k, really....  In general, if you allow users to get on then off quickly, that deals with congestion better.  Is limiting bandwidth due to a congestion issue?

1 - no, 3 SSIDs use WPA2, two are open - Guest uses captive portal "accept" page and other SSID uses LDAP authentication for access

2 - congestion? yes - phones only for textting, no browsing or wi-fi calling

We don't care if it is painfully slow.

So I should enable "user idle timeout" and input 900 seconds for example?

 - so the overhead problem you wrote about explains decay in connections and dropped clients when too many SSIDs try to use a certain VLAN.

1.  WPA2 preshared key or Enterprise?  Adding different VLANs does not add bandwidth...  The wireless medium will always be the chokepoint.  If you know the operating system in ClearPass, you can write a rule that sends back the aruba-user-vlan radius attribute to override the Virtual AP VLAN.  So you could combine 3 SSIDs into one potentially and use the radius server attribute to put different users into different VLANs.

2.  Got it.

The SSID overhead issue is real and it can certainly contribute to issues.  Look on the controller Dashboard page and see what access points have high utilization to determine what you are dealing with...  If you take a screenshot of the dashboard> access points page both before and after removing those SSIDs, that will advise you if having alot of SSIDs is contributing to your high utilization problem, but it usually does.  Turning down the maximum transmit power 3 clicks in the ARM profile might also deal with your issue.  Use the Dashboard as your guide.

Ok will do cjoseph

Thanks