Wireless Access

This community is currently in a read-only state due to a maintenance window. For more info click here
Reply
Highlighted
Contributor I

Wired Network Clients Cannot Reach WiFi Clients

Hello,

 

I'm setting up model AP-505 access points and would like to use them for a DHCP server as well.  I have one AP running with DHCP Local 1 Scope running.  I'm using Vlan 50 for this network and it's already assigned on the switchport.  I can connect to all network resources over Wifi, however I cannot connect to Wifi Clients when I'm back on the wired network.  Do I need to enter a static route in my router back to the Wifi Gateway to make this work?  Or am I going about it the wrong way?

 

Thanks,

Jason


Accepted Solutions
Highlighted

Re: Wired Network Clients Cannot Reach WiFi Clients

It sounds like you're setting your DHCP server up on the Instant Virtual Controller (VC), is this correct?

 

What DHCP server type have you currently set? You have used the word Local which should be OK. Local and Local,L3 set the VC to act as the DHCP server and Gateway. With Local, traffic is passed through the VC which performs Network Address Translation (NAT) - this probably isn't ideal if you want access to the wireless clients from the wired side.

With Local,L3 the VC will act more like a router but is more likely useful if you are using IPsec tunnels from the VC to another site or gateway/controller.

 

I would suggest you try Local,L2. The gateway can be configured as a device other than the VC - such as your router. With this mode it would be possible to have all wired and wireless clients in the same subnet. Some more information may be useful about the other subnets if that is not your goal.

 

Here is a useful resource which describes the different Local DHCP modes: https://www.arubanetworks.com/techdocs/Instant_86_WebHelp/Content/instant-ug/dhcp-conf/local-dhcp-sco.htm?Highlight=dhcp%20server

 

Another useful link: Configuring DHCP Scopes - Aruba Instant 

View solution in original post


All Replies
Highlighted
Super Contributor II

Re: Wired Network Clients Cannot Reach WiFi Clients

Can the wireless clients reach the wired client your testing from? If so, it shouldn't be a routing issue. From there I would look at the rules on the role/roles.

 

 

Dustin Burns
Senior Mobility and Access Engineer @WEI
ACMX #509 | ACCX #1272 | ACSP | ACDA | ACEP | CCNP | CCDP | CCNA Wireless

If my post address your queries, give kudos and accept as solution!
Highlighted
Contributor I

Re: Wired Network Clients Cannot Reach WiFi Clients

Dustin,

 

Thanks for the reply.  Yes the wireless users can access the same wired users, but not vice-versa.  When you say to look at the rules on the rules/roles do you mean in the AP Virtual controller?

 

Thanks,

Jason

Super Contributor II

Re: Wired Network Clients Cannot Reach WiFi Clients

Yes. Are there any ACLs in the wireless roles that would only be allowing the communication in one direction?

 

 

 

Dustin Burns
Senior Mobility and Access Engineer @WEI
ACMX #509 | ACCX #1272 | ACSP | ACDA | ACEP | CCNP | CCDP | CCNA Wireless

If my post address your queries, give kudos and accept as solution!
Highlighted
Contributor I

Re: Wired Network Clients Cannot Reach WiFi Clients

I don't believe there are any rules at all, but let me double check and I will verify.

Highlighted

Re: Wired Network Clients Cannot Reach WiFi Clients

It sounds like you're setting your DHCP server up on the Instant Virtual Controller (VC), is this correct?

 

What DHCP server type have you currently set? You have used the word Local which should be OK. Local and Local,L3 set the VC to act as the DHCP server and Gateway. With Local, traffic is passed through the VC which performs Network Address Translation (NAT) - this probably isn't ideal if you want access to the wireless clients from the wired side.

With Local,L3 the VC will act more like a router but is more likely useful if you are using IPsec tunnels from the VC to another site or gateway/controller.

 

I would suggest you try Local,L2. The gateway can be configured as a device other than the VC - such as your router. With this mode it would be possible to have all wired and wireless clients in the same subnet. Some more information may be useful about the other subnets if that is not your goal.

 

Here is a useful resource which describes the different Local DHCP modes: https://www.arubanetworks.com/techdocs/Instant_86_WebHelp/Content/instant-ug/dhcp-conf/local-dhcp-sco.htm?Highlight=dhcp%20server

 

Another useful link: Configuring DHCP Scopes - Aruba Instant 

View solution in original post

Highlighted
Contributor I

Re: Wired Network Clients Cannot Reach WiFi Clients

I've verified that there are no rules programmed into the Virtual Controller.

 

As of now the DHCP setting is set to Local (not L2 or L3).  We aren't using IPSec tunnels to another site or gateway.  The entire network is Metro Ethernet with an Aruba layer three switch serving as the gateway at each remote location.

 

It sounds like the Local, L2 will accomplish communication between wireless and wired clients.  I appreciate the help with this and I will also keep those two documents you included for future reference.

 

I didn't fully understand the documentation on those settings, but this makes sense.

 

Thanks again for the help!

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: