Wireless Access

last person joined: 3 hours ago 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

Why do my RAP's shut down Internet access when my mobility controller is down?

This thread has been viewed 0 times

  • 1.  Why do my RAP's shut down Internet access when my mobility controller is down?

    Posted Mar 14, 2014 02:51 PM

    We utilize a mobility controller and remote access points in order to do site to datacenter vpn's for our remote sites. Teh conenctions are split tunnelled, sending traffic to our domain subnets across the VPN tunnel and all other traffic goes out directly via the local Internet connection. On rare occasion the controller is down and is inaccessible to the RAP's, they no longer allow traffic at all outside the network, ie to Internet.

     

    So we have at this point 30 sites reliant on the controller. If the controller is down, all 30 sites lose Internet access. Certainly there must be a way of configuring this that I am missing. Please help!

     

    Regards,

    Greg



  • 2.  RE: Why do my RAP's shut down Internet access when my mobility controller is down?

    Posted Mar 14, 2014 05:10 PM
    Create another SSID (psk) / VAP (bridge mode/always)

    http://www.arubanetworks.com/techdocs/ArubaOS_60/UserGuide/AP_Config.php


  • 3.  RE: Why do my RAP's shut down Internet access when my mobility controller is down?

    Posted Mar 17, 2014 09:35 AM

    Thank you. We actually do not uutilize the wireless aspects in any way however. Strictly wired.

     

    Internet Connection <-> RAP <-> Network Switch <-> Endpoints



  • 4.  RE: Why do my RAP's shut down Internet access when my mobility controller is down?
    Best Answer

    EMPLOYEE
    Posted Mar 17, 2014 10:18 AM

    The wired interfaces should automatically bridge that traffic out to the internet, BUT you probably have to change your ipsec retries number to 0 so that the access point does not reboot:

     

    http://www.arubanetworks.com/techdocs/ArubaOS_63_Web_Help/Web_Help_Index.htm#ArubaFrameStyles/Remote_AP/Advanced_Configuration_O1.htm:

    "

    Backup Configuration Behavior for Wired Ports

    If the connection between remote AP and the controller is disconnected, the remote AP will be exhibit the following behavior:

      All access ports on the remote AP, irrespective of their original forwarding mode will be moved to bridge forwarding mode.
      Clients will receive IP address from the remote AP's DHCP server.
      Client will have complete access to Remote AP's uplink network. You cannot enforce or modify any access control policies on the clients connected in this mode."

     

    What you need to do is Change the number-IPSEC-Retries in that AP system profile to 0, so that the access point does not reboot, it simply tries to restablish itself without rebooting:  http://www.arubanetworks.com/techdocs/ArubaOS_63_Web_Help/Web_Help_Index.htm#ArubaFrameStyles/1CommandList/ap_system_profile.htm - "The number of times the AP will attempt to recreate an IPsec tunnel with the master controller before the AP will reboot. A value of 0 disables the reboot."