Hi guys!
This is my first post, and I hope you guys can help me with this issue. We sold an Aruba solution using Instant Access Points, Airwave, Aruba S2500 POE switches and ClearPass onboard to a customer with 22 site locations. We are ripping and replacing an HP switch/wifi based solution, with a complete Aruba solution. We now have an issue on a site where we are forced to run parallel infrastructure before we can remove and replace all the old HP kit.
Our Instant 105 AP's are configured for VLAN 17 (the management VLAN) and our switches are also in VLAN 17. So all the AP's and switches get management IP's as assigned in VLAN 17. The Instant Virtual Controller's IP address is assigned statically in VLAN 17, while the member AP's get their IP's assigned dynamically in VLAN 17. The switches all have their management IP's assigned statically in VLAN 17. We then have an existing VLAN 1 (the default VLAN) that provides DHCP to the users on the network. Our S2500 switch is connected from its port 23 to the existing HP Procurve's port 7.
Here is the port confihuration for port 7 on the HP procurve:
Server Room# sh vlans ports 7 detail
Status and Counters - VLAN Information - for ports 7
VLAN ID Name | Status Voice Jumbo Mode
------- -------------------- + ---------- ----- ----- --------
1 DEFAULT_VLAN | Port-based No No Tagged
17 network_man | Port-based No No Tagged
Our problem is that we created SSID's on the Instant AP's, and tagged them for VLAN 1, but when a user connects to the SSID, he gets assigned an IP address from the VLAN 17 IP range, instead of the VLAN 1 IP range.
Here is the configuration for the Aruba S2500 switch:
(Aeroton) #show interface gigabitethernet 0/0/23
GE0/0/23 is administratively Up, Link is Up, Line protocol is Up
Hardware is Gigabit Ethernet, Interface is GE0/0/23, Address is 00:1a:1e:0b:be:59
Encapsulation ARPA, Loopback not set
Configured: duplex (Auto), Speed (Auto), FC (Off), Autoneg (On)
Negotiated: duplex (Full), Speed (100 Mbps)
Interface index: 24
MTU 1514 bytes
Link flaps: 0
Flags: Trunk, Trusted
Link status last changed: 0d 00:02:06 ago
Last update of counters: 0d 00:00:04 ago
Last clearing of counters: 0d 00:02:31 ago
Statistics:
Received 2934 frames, 421315 octets
58 pps, 74.265 Kbps
1657 unicast, 332 multicast, 945 broadcast
0 runts, 0 giants, 0 throttles
0 error octets, 0 CRC frames
Transmitted 2122 frames, 1593510 octets
47 pps, 98.656 Kbps
1999 unicast, 80 multicast, 43 broadcast
0 throttles, 0 errors octets, 0 deferred
0 collisions, 0 late collisions
PoE Information:
Administratively Enable, Port status: Off, Power consumption: 0 mW
PSE port status: Off, PD detection in progress
(Aeroton) #
(Aeroton) #
(Aeroton) #
(Aeroton) #
(Aeroton) #
(Aeroton) #
(Aeroton) #show vlan 1 detail
U - Untagged member, T - Tagged member
* - Active interface
Dot1q tag: 1, Description: DEFAULT_VLAN
Number of interfaces: 26, Active: 2, Non-Blocking: 2
VLAN membership:
Access:
GE0/0/6(U) GE0/0/7(U) GE0/0/8(U) GE0/0/9(U)
GE0/0/10(U) GE0/0/11(U) GE0/0/12(U) GE0/0/13(U)
GE0/0/14(U) GE0/0/15(U) GE0/0/16(U) GE0/0/17(U)
GE0/0/18(U) GE0/0/19(U) GE0/0/20(U) GE0/0/21(U)
GE0/0/22(U) GE0/1/0(U) GE0/1/1(U)
Trunk:
GE0/0/0*(T) GE0/0/1(T) GE0/0/2(T) GE0/0/3(T)
GE0/0/4(T) GE0/0/5(T) GE0/0/23*(U) GE0/0/23*(T)
Guys, I'd appreciate your help. Please excuse my poor English, it is not my first language :-)
Thomas