- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
12-07-2011 10:37 AM
Has anyone ever come across an ap in the ap database that says denied?
#show ap database
AP Database
-----------
Name Group AP Type IP Address Status Flags Switch IP
---- ----- ------- ---------- ------ ----- ---------
00:0b:86:cf:d1:15 default 105 10.20.100.208 Denied 10.20.0.180
00:0b:86:cf:d1:17 default 105 10.20.100.210 Denied 10.20.0.180
Flags: U = Unprovisioned; N = Duplicate name; G = No such group; L = Unlicensed
I = Inactive; H = Using 802.11n license; D = Dirty or no config
X = Maintenance Mode; P = PPPoE AP; B = Built-in AP
R = Remote AP; R- = Remote AP requires Auth; C = Cellular RAP; c = CERT-based RAP; 2=Using IKE version 2
M = Mesh node; Y = Mesh Recovery
Total APs:2
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Alert a Moderator
Re: ap's status is "denied" ?
12-07-2011 10:39 AM
I am going to guess that has something to do with CPS (Control Plane Security). Do you have CPS enabled?
Zach Jennings
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Alert a Moderator
Re: ap's status is "denied" ?
12-07-2011 10:43 AM
Out of the box controller.
All that was done is:
initial config (ip, mask, gw)
licenses installed.
Code upgraded to 6.1.2.5
So no I don't have CPS unless it was turned on by default.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Alert a Moderator
Re: ap's status is "denied" ?
12-07-2011 10:45 AM
Pretty sure it is enabled by default.
Zach Jennings
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Alert a Moderator
Re: ap's status is "denied" ?
12-07-2011 10:52 AM
If the controller had 6.x code on it from the factory then CPSec IS on by DEFAULT
Harold
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Alert a Moderator
12-07-2011 11:01 AM
I have fixed the issue.
Cleared the ap from the database. Rebooted the ap.
Up acts normal now.
Ok so in 6.1 CPS is on.
Nope no denied here:
Flags: U = Unprovisioned; N = Duplicate name; G = No such group; L = Unlicensed
I = Inactive; H = Using 802.11n license; D = Dirty or no config
X = Maintenance Mode; P = PPPoE AP; B = Built-in AP
R = Remote AP; R- = Remote AP requires Auth; C = Cellular RAP; c = CERT-based RAP; 2=Using IKE version 2
M = Mesh node; Y = Mesh Recovery
Would be helpful if DEV is going to use a flag to give us an idea what it does.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Alert a Moderator
Re: ap's status is "denied" ?
02-13-2012 09:37 AM
Agreed.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Alert a Moderator
Re: ap's status is "denied" ?
02-13-2012 03:16 PM
@ddipert wrote:
I have fixed the issue.
Cleared the ap from the database. Rebooted the ap.Up acts normal now.
Ok so in 6.1 CPS is on.
Nope no denied here:
Flags: U = Unprovisioned; N = Duplicate name; G = No such group; L = Unlicensed
I = Inactive; H = Using 802.11n license; D = Dirty or no config
X = Maintenance Mode; P = PPPoE AP; B = Built-in AP
R = Remote AP; R- = Remote AP requires Auth; C = Cellular RAP; c = CERT-based RAP; 2=Using IKE version 2
M = Mesh node; Y = Mesh RecoveryWould be helpful if DEV is going to use a flag to give us an idea what it does.
You get much more than a flag. You get a big denied when an AP is denied:
(host) #show ap database AP Database ----------- Name Group AP Type IP Address Status Flags Switch IP ---- ----- ------- ---------- ------ ----- --------- 00:0b:86:66:97:46 default RAP-5WN 192.168.1.248 Down 192.168.1.3 00:24:6c:c2:97:1b default 105 192.168.1.240 Down 192.168.1.3 00:24:6c:cb:30:89 default 105 192.168.1.238 Down 192.168.1.3 00:24:6c:cb:30:94 default 105 192.168.1.239 Down 192.168.1.3 00:24:6c:cb:30:ba default 105 192.168.1.245 Down 192.168.1.3 AP105 default 105 192.168.1.251 Down M 192.168.1.3 AP135 default 135 192.168.1.251 Up 10m:8s 2 192.168.1.3 d8:c7:c8:c1:66:ab default 105 192.168.1.242 Down 192.168.1.3 GOC-SHP1-AP125 default 125 192.168.1.243 Denied 192.168.1.3 Flags: U = Unprovisioned; N = Duplicate name; G = No such group; L = Unlicensed I = Inactive; H = Using 802.11n license; D = Dirty or no config X = Maintenance Mode; P = PPPoE AP; B = Built-in AP R = Remote AP; R- = Remote AP requires Auth; C = Cellular RAP; c = CERT-based RAP; 1 = 802.1x authenticated AP; 2 = Using IKE version 2 M = Mesh node; Y = Mesh Recovery Total APs:9
*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.4 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Aruba Central Documentation
Sign up for Security Alerts
Aruba Technical Webinars
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Alert a Moderator
Re: ap's status is "denied" ?
02-22-2012 10:05 AM
Hi,
Denied is not a Flag, it is Status like up or down or upgrading.
Principal Network Engineer
Customer Advocacy | Aruba Networks Inc.
Did something you read in the Community solve a problem for you? If so, click "Accept as Solution" in the bottom right hand corner of the post.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Alert a Moderator
Re: ap's status is "denied" ?
04-26-2012 02:16 PM
I had same problem, I disabled CPSec and My APs came back up
ACDX #420 | ACCA
[If you found my post helpful, please give kudos!]
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Alert a Moderator