Wireless Access

last person joined: 14 hours ago 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

wireless clients unable to connect and authenticate when the ap's are shifted to secondary

This thread has been viewed 10 times

  • 1.  wireless clients unable to connect and authenticate when the ap's are shifted to secondary

    Posted Mar 12, 2018 05:22 AM
    Hello Experts,
     
    we have two 7010 controllers in our networks configured as master-standby ,  when we try to shift the ap's from the primary master controller to secondary one, our clients are not able to connect and authenticate.  although since master-redundancy has been enabled on both the controller, they have the same configuration.
     
    there are only two ssid's on the controllers, corp and guest , when a corp client connects to the ap (when the ap's are moved to secondary) , i cant even see it on the secondary controller cli using "show user-table" .  but when a client connected to a guest network , i see it on the cli , but since the guest ssid is layer 3 (the login page for guest is hosted on clearpass server) , it obtains IP address and gets the login page , but it cannot gets past that , it keeps on spinning and remains on the login page.
     
    but as soon as we shift the traffic on the primary wlc , all works well.
     


  • 2.  RE: wireless clients unable to connect and authenticate when the ap's are shifted to secondary

    EMPLOYEE
    Posted Mar 12, 2018 06:20 AM

    How are you moving the access points to the secondary?  If you are configured as master/standby, you should not be using HA fast failover because they are incompatible together.  Just make sure the LMS-IP is pointing to the VRRP ip address between the two controllers, so that when the secondary controller takes over, they will automatically.

     

    A standby controller cannot service access points, if it does not have control of the master vrrp.  If access points end up on the standby, it will not service those access points.

     

     



  • 3.  RE: wireless clients unable to connect and authenticate when the ap's are shifted to secondary

    Posted Mar 12, 2018 11:24 AM

    hi there , i have vrrp configured between the controllers and i do vrro shut/no shut to move the ap's on the secondary wlc . in fact i do see them on the secondary controller when they are moved except that they are not able to service any clients.

     

    also for the LMS IP , i have the following vrrp IP configured on both the controllers as mentioned below

     

     

     

    so let me know if anything else i wud need to check.



  • 4.  RE: wireless clients unable to connect and authenticate when the ap's are shifted to secondary
    Best Answer

    EMPLOYEE
    Posted Mar 12, 2018 01:18 PM

    You should turn on user debug to find out what your problem could be.  It could be a whole range of things.

     

    config t

    logging level debugging user

    show log user 50

     



  • 5.  RE: wireless clients unable to connect and authenticate when the ap's are shifted to secondary

    Posted Mar 16, 2018 09:43 AM

    hi it was the issue on the clearpass side , as the IP address of the scondary wlc was not added on it.