Wireless Access

last person joined: yesterday 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

"rap-operation always" but AP reboots when controller communication goes down

This thread has been viewed 20 times

  • 1.  "rap-operation always" but AP reboots when controller communication goes down

    Posted Nov 22, 2013 01:14 PM

    Hello,

     

    [Running ArubaOS 6.2.1.4.]

     

    I'm looking at providing an SSID which works even when contact with the controller is lost.  I've set up a separate virtual AP with 'rap-operation always' and 'forward-mode bridge'.  This seems to do the trick: a few seconds after contact with the controller is lost, the SSIDs on tunneled virtual APs stop being advertised, but the bridged SSID one continues to function.

     

    However, after several minutes, the AP reboots to try and reestablish communication with the controller.  After it has completed rebooting, the bridged SSID resumes (and the tunnelled ones not), but then it dies again after about 10 minutes, when the AP reboots to find the controller again.  The result is the bridged SSID is unavailable periodically.

     

    Is there a way to stop the rebooting from happening?

     

     

    Finally, this behaviour is identical across CAPs and RAPs - I assume that when local bridging was added to CAPs (in ArubaOS 5.0, I think), this functionality was retained but the parameter continued to be called 'rap-operation'.

     

    Thanks in advance,

     

      - Bob



  • 2.  RE: "rap-operation always" but AP reboots when controller communication goes down

    EMPLOYEE
    Posted Nov 22, 2013 01:54 PM

    In the AP system profile, set IPSEC Retries to Zero and it will not go down.

     

    RAP-ALWAYS only pertains to RAPS and NOT CAPS.



  • 3.  RE: "rap-operation always" but AP reboots when controller communication goes down

    Posted Dec 04, 2013 01:43 PM

    Thanks for your help - for the IPsec retries, to you mean:

     

    ap system-profile "always-up_sys"

      ...

      number_ipsec_retries 0

     

    ... that doesn't seem to be working for me on either a RAP (or a CAP) -- once I take the VLAN on the upstream switch port away from the RAP, breaking the communication with the controller, the AP reboots after a few minutes.  The AP group has a VAP with 'rap-operation always' although something probably wasn't associated at the time (if that makes a difference).

     

     

    FWIW, the 'rap-operation always' seems to work fine for me on a CAP (with the reboot, but that's the same as a RAP), but I'm guessing this isn't supported or an undefined situation.

     

     

     

    In any case, it was only a query from one of our customers regarding RAPs vs CAPs and it isn't essential, so I'll leave the matter.

     

    Thanks for your help.



  • 4.  RE: "rap-operation always" but AP reboots when controller communication goes down

    EMPLOYEE
    Posted Dec 04, 2013 01:48 PM

    Is that SSID a PSK SSID?



  • 5.  RE: "rap-operation always" but AP reboots when controller communication goes down

    Posted Dec 05, 2013 06:06 AM

    Yes...

     

     

    wlan ssid-profile "hoppy_ssid"

       essid "hoppy"

       opmode wpa2-psk-aes

       wpa-passphrase e08c4184a65f3d18f40fc6e274c561c533692ef1157f3ecb

    !

    wlan virtual-ap "hoppy_vap"

       aaa-profile "bridge-psk-noradius_aaa"

       ssid-profile "hoppy_ssid"

       vlan 499

       forward-mode bridge

       rap-operation always

    !

    ap system-profile "mad-up_sys"

       lms-ip 131.111.1.9

       lms-preemption

       number_ipsec_retries 0

    !

    ap-group "cs-rnb_93h-aps"

       virtual-ap "lapwing-mad_vap"

       virtual-ap "eduroam-mad_vap"

       virtual-ap "hoppy_vap"

       enet0-port-profile "ucs-rnb_wiredport"

       enet1-port-profile "ucs-rnb_wiredport"

       enet2-port-profile "ucs-rnb_wiredport"

       enet3-port-profile "ucs-rnb_wiredport"

       enet4-port-profile "ucs-rnb_wiredport"

       ap-system-profile "mad-up_sys"

     



  • 6.  RE: "rap-operation always" but AP reboots when controller communication goes down

    Posted 29 days ago

    Table 152: Remote AP Modes of Operation and Behavior Remote AP Operation Setting all Forward Mode Setting all bridge Management frames on the AP. Frames are bridged between wired and wireless interfaces. No frames are tunneled to the Managed Device. Station acquires its IP address locally from an external DHCP server. split-tunnel Management frames on the AP. Frames are either GRE tunneled to the Managed Device, to a trusted tunnel or are sent through the NAT and bridged on the wired interface according to user role and session ACL Typically, the station obtains an IP address from a VLAN on the Mobility Master. tunnel Frames al tunneled Managed to an untr tunnel. 100% ofs frames ar tunneled Managed

    Remote AP Operation Setting always Forward Mode Setting ESSID is always up when the AP is up regardless of whether the Managed Device is reachable. Supports PSK ESSID only. SSID Provides an SSID that is always available for local access. Not supported Not supp

    Remote AP Operation Setting backup persistent Forward Mode Setting ESSID is only up when the Managed Device is unreachable. Supports PSK ESSID only. SSID configuration stored in flash on AP. ESSID is up when the AP contacts the Managed Device and stays up if connectivity is disrupted with the Managed Provides a backup SSID for local access only when the Managed Device is unreachable. Same behavior as standard, described below, except the ESSID is up if connectivity to the Managed Device is lost. Not supported Not supported Not suppc Not suppc

    standard ESSID is up only when there is connectivity with the Managed Device. SSID configuration obtained from Behaves like a cla ssic Aruba branch office AP. Provides a bridged ESSID that is configured from the Managed Device and stays up if Split tunneling mode Classic Ar thin AP OF



    ------------------------------
    If my post was useful, please Accept Solution and Give Kudos.

    leo ma

    ACMX
    ------------------------------

    Original Message


  • 7.  RE: "rap-operation always" but AP reboots when controller communication goes down

    Posted 30 days ago

    Hi, I´m Marcelo.  Excuse me, my English is very bad.  I know this post is old, but I have this situation now whit an Aruba 7205 WLC and AP515.  I have only one controller, so I configured bridge mode, AP remote al"always" and IPSEC Retries to Zero.  

    I disconnect the WLC and the AP works during 20 minutes.  Then goes down and looks for the controller again.  What do you think about.  Could yo help me, please?  Thanks


    Original Message


  • 8.  RE: "rap-operation always" but AP reboots when controller communication goes down

    EMPLOYEE
    Posted 27 days ago

    As far as I know, you can set the IPSEC retries to the maximum (think it's 1000) and then you can get to a 1h20m reboot. If you want bridged SSIDs, converting your AP to Instant Mode may be an option.



    ------------------------------
    Herman Robers
    ------------------------
    If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

    In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
    ------------------------------

    Original Message