Wireless Access

last person joined: 21 hours ago 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

Virtual Mobility Controller Issues with VLANS and WLANS

This thread has been viewed 5 times

  • 1.  Virtual Mobility Controller Issues with VLANS and WLANS

    Posted Jan 31, 2019 12:59 PM
      |   view attached

    Hello,

     

    Completely new to Aruba so I apologize ahead of time if I don't know what I am talking about. Coming from Cisco over here. I have 1 Mobility Controller that I am trying to use to manage these AP's. The AP's are on the same vlan as the controller which is on vlan 1. The AP's and the controller are all on trunked ports. I am trying to set up WLAN's for 3 VLAN's. VLAN 21 is for our wireless IP Phones, VLAN 30 is our guest VLAN and VLAN 40 is for the staff. I started with VLAN 40. I was able to get as far as giving the VLAN an ip address and setting up the WLAN but the strange thing is none of the clients can connect. My android phone for example will obtain an IP address and connect but then immediately disconnects and restarts the process. Laptop computers wont join at all. I dont think DHCP is an issue here because like I said my phone does obtain an address and connect. I could be wrong but I am really unsure at this point. Spent 8 straight hours trying to get this working with no luck. I'm sure it is something simple. If anyone has some insight please let me know. I attached my config file to hopefully make things easier. 

     

    Thanks for your help ahead of time,

    Josh

    Attachment(s)

    txt
    config.txt   42 KB 1 version


  • 2.  RE: Virtual Mobility Controller Issues with VLANS and WLANS

    EMPLOYEE
    Posted Feb 01, 2019 03:36 AM

    You appear to be stuck at a very basic level, and having some basic understanding of the Aruba architecture is a big benefit to get this to work.

     

    I have had an issue in the past with Android devices that disconnected which was caused by the gateway IP that was supplied (in my case it was IPv6 and SLAAC, but I'd assume it is similar with IPv4 and DHCP) was not reachable because I had a typing error in what I configured. From your configuration I see something weird in the vlan 40 config:

    interface vlan 40
    ip address 10.20.12.2 255.255.255.0
    ip helper-address 10.20.12.1
    no suppress-arp

    I would not expect a dhcp relay (ip helper) to point in the subnet. What is issuing IP addresses in that VLAN 40? And what is expected to be the default gateway? What I would do is put one of the other interfaces of your controller in VLAN 40, make sure the port is trusted, and connect a client to see if it can connect. What most times helps me is to run a wireshark/tcpdump from the client to validate connectivity. 

     

    What also could be an issue is that you configured 'guest' as the initial role in the aaa profile. The guest role has limited access. You can verify what role a user got with the 'show user' command. And with 'show rights guest' you can see what access rules are in there.

     

    As this is a lot of information, it may make sense to get you guided by an experienced engineer. ArubaOS is very powerful.  Most things are not rocket science, but it makes sense to realize how the configuration parts connect together.