Wireless Access

last person joined: 16 hours ago 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

Wired airgroup users unable to access wireless airgroup servers

This thread has been viewed 3 times

  • 1.  Wired airgroup users unable to access wireless airgroup servers

    Posted Aug 27, 2015 03:12 PM

    Hello,

    I can't get wired users to see wireless servers in a fairly simple setup. Seems pretty straight forward, I must be missing something simple but i'm coming up empty and so far it just seems like airgroup is relaying information for servers to wired clients...

     

    AOS 6.4.3.1, 3400 controller connected to a MAS s2500 running 7.4.0.3

    Chromecast, AppleTV, on a wireless PSK on VLAN 10

    MacBook Air - On a PSK or dot1x WLAN on VLAN 10, I can use all services. Airplay and Googlecast work as expected. When I connect my macbook to a wired MAS switch port on VLAN 10, I can't see the wireelss servers any more. If I plug in an appletv to the MAS I can see it and connect to it wired and wirelessly. Obviously the chromecast has no wired option. If I plug my macbook in to a controller vlan 10 port I can't see any airgroup devices wired into the MAS or wireless on the controller. I thought surely i would at least see the wired devices on the same vlan on the other side of the MAS...

     

    There are no dropping ACLs anywhere in the user roles, everything is using allowall.

     

    I dont <yet> need any complicated filtering / lists of users to be able to connect or not, i just need all wired devices to be able to see all wireless servers.

     

    Any help for what seems to be a pretty simple problem needing a simple solution?



  • 2.  RE: Wired airgroup users unable to access wireless airgroup servers

    EMPLOYEE
    Posted Aug 27, 2015 03:24 PM
    For wired Airgroup users, the controller needs to “see” the wired user. So, that means the VLAN needs to terminate on an Untrusted port on the controller. You can do a simple allow all AAA profile on the port on the controller where the switch plugs in.

    Hope that makes sense. Wired devices need to show up in the controllers user table.


  • 3.  RE: Wired airgroup users unable to access wireless airgroup servers

    Posted Aug 27, 2015 05:11 PM

    That kind of worked, chromecast is now showing up, but the appletvs are not. I'll poke some more.

     

    I get it, but I don't know if i like it. Is this solution scalable for hundreds <thousands?> of wired users that don't really need to show up in the controller? Sure seems like a lot of load to put on the controller just to get an mdns message on a few clients that will use it.

     

    Thanks for giving me some direction.



  • 4.  RE: Wired airgroup users unable to access wireless airgroup servers

    Posted Jan 25, 2016 07:28 AM

    James, did you work further with this solution? I was asked by a customer about this today and would like some feedback from real world experience on doing this.