ExtremeWireless (WiNG)

Expand all | Collapse all

Mantener Ap Wing activo si la controladora falla

  Thread closed by the administrator, not accepting new replies.
  • 1.  Mantener Ap Wing activo si la controladora falla

    Posted 12-16-2020 22:31
    No replies, thread closed.

    Buenas tardes, me pueden ayudar indicandome si hay alguna forma de configurar los AP 7662 y 7632 de forma que si la controladora falla, estos se mantengan funcionando, ya que tenemos el detalle de que al fallar la controladora los AP se caen tambien

     

    Saludoss!!!!



  • 2.  RE: Mantener Ap Wing activo si la controladora falla

    Posted 12-17-2020 15:43
    No replies, thread closed.

    Hola, gracias por su tiempo. Por favor, disculpe las posibles errores de traducción. Esos modelos de AP continuarán pasando el tráfico de clientes sin un controlador, a menos que esté utilizando un servicio alojado en el controlador específicamente (como Radius o Captive Web Portal). Es eso lo que estabas buscando?



  • 3.  RE: Mantener Ap Wing activo si la controladora falla

    Posted 12-17-2020 15:57
    No replies, thread closed.
     

    Thank you for your prompt response, but in our case the APs completely lose the service, we want to know if there is any parameter to review or any test that we can perform for this problem.
    We don't have Radius or something like that that can affect the network if the controller goes down

    Cheers!!!



  • 4.  RE: Mantener Ap Wing activo si la controladora falla

    Posted 12-17-2020 22:59
    No replies, thread closed.

    Hello Adrian,

    These APs should be able to operate independently from the controller, unless, as Sam said they are relying on the controller for some type of service. 

    It is not clear what exactly happens to the APs when the controller is down, do the wireless client drop? Are the APs unreachable? Is the SSID not broadcasting? Please elaborate on this point. 

    You can start here:

    1 - Make sure that the DHCP server is local to the APs and not the controller

    2 - Make sure that the wlans bridging is set to local and NOT tunneled. 

    3 - Make sure that each AP has an IP address/DGW/DNS (not layer 2 adoption):

    #show IP int br

    #show IP default-gateway

    We may need to see the config from one of the APs to determine why this may be happening. 

    What type of controller are you using. 

    Rgds,

     

    Chris

     



  • 5.  RE: Mantener Ap Wing activo si la controladora falla

    Posted 12-18-2020 16:10
    No replies, thread closed.

    Después de una revisión más a fondo en si, los AP no permiten las conexiones de nuevos usuarios, es decir, los usuarios conectados antes del fallo se mantienen activos, pero los nuevos que requieran conectarse a la red WIFI no tienen servicio.

    La controladora es VX9000

     

    Esta es la configuración de uno de los equipos,

    EUM-1009-AP23-7632-724B96#show  ip default-gateways

    Source: DHCP-Client Gateway-address: 172.17.49.254
    Monitor-mode: gateway-monitoring Status : reachable
    Priority : 1000 Installed: YES
    DNS Servers : 8.8.8.8 192.168.4.1 192.168.8.1 192.168.3.1
    -------------------------------------------------------------------------------
    EUM-1009-AP23-7632-724B96#show running-config
    !
    ! Configuration of AP7632 version 7.4.0.1-002R
    !
    !
    version 2.7
    !
    !
    client-identity-group default
    load default-fingerprints
    !
    ip access-list BROADCAST-MULTICAST-CONTROL
    permit tcp any any rule-precedence 10 rule-description "permit all TCP traffic"
    permit udp any eq 67 any eq dhcpc rule-precedence 11 rule-description "permit D HCP replies"
    deny udp any range 137 138 any range 137 138 rule-precedence 20 rule-descriptio n "deny windows netbios"
    deny ip any 224.0.0.0/4 rule-precedence 21 rule-description "deny IP multicast"
    deny ip any host 255.255.255.255 rule-precedence 22 rule-description "deny IP l ocal broadcast"
    permit ip any any rule-precedence 100 rule-description "permit all IP traffic"
    !
    mac access-list PERMIT-ARP-AND-IPv4
    permit any any type ip rule-precedence 10 rule-description "permit all IPv4 tra ffic"
    permit any any type arp rule-precedence 20 rule-description "permit all ARP traffic"
    !
    ip snmp-access-list default
    permit any
    !
    firewall-policy default
    no ip dos tcp-sequence-past-window
    !
    !
    mint-policy global-default
    !
    wlan-qos-policy default
    qos trust dscp
    qos trust wmm
    !
    radio-qos-policy default
    !
    captive-portal Guest
    inactivity-timeout 1800
    server host wingsscc.dyndns.org
    webpage external login https://consultiva.mx/
    webpage external welcome https://consultiva.mx/
    webpage external fail https://consultiva.mx/
    webpage external agreement https://consultiva.mx/
    webpage external acknowledgement https://consultiva.mx/
    webpage external registration https://consultiva.mx/
    webpage external no-service https://consultiva.mx
    webpage internal org-name
    webpage internal org-signature EUM All Rights Reserved.
    webpage internal login description Por favor, ingrese el usuario y password que le fue proporcionado por el departamento de TI.<br>Recuerde que la red WiFi es una cortesia, por un tiempo determinado y puede ser monitoreada y/o bloqueada en caso de hacer mal uso de la misma.
    webpage internal login footer Contacte con el departamento de TI si no se le han proporcionado datos de acceso o si presenta algun problema; puede comunicarse a la ext. 270, 281 o 389.
    webpage internal login header Bienvenido a la red de invitados de Envases Universales
    webpage internal login main-logo logo.png
    webpage internal login small-logo Logo.png
    webpage internal login title Guest WiFi
    webpage internal login org-background-color #ffffff
    webpage internal login org-font-color #990000
    webpage internal login body-background-color #ffffff
    webpage internal welcome header Bienvenido a la red de Envases ahora esta conectado a internet.
    webpage internal welcome main-logo _logo.png
    webpage internal welcome small-logo _logo.png
    webpage internal welcome title Guest WiFi
    webpage internal welcome org-background-color #ffffff
    webpage internal welcome org-font-color #990000
    webpage internal welcome body-background-color #ffffff
    webpage internal fail description Ha ingresado unas credenciales invalidas, por favor verifique que escribio correctamente el usuario y password.
    webpage internal fail footer Contacte con el departamento de TI si no se le han proporcionado datos de acceso o si presenta algun problema; puede comunicarse a la ext. 270, 281 o 389.
    webpage internal fail header El acceso es incorrecto!
    webpage internal fail main-logo _logo.png
    webpage internal fail small-logo _logo.png
    webpage internal fail title FAIL Guest WiFi
    webpage internal fail org-background-color #ffffff
    webpage internal fail org-font-color #990000
    webpage internal fail body-background-color #ffffff
    webpage internal agreement description Recuerde que la red WiFi es una cortesia, por un tiempo determinado y puede ser monitoreada y/o bloqueada en caso de hacer mal uso de la misma.
    webpage internal agreement header Terminos y condiciones:
    webpage internal agreement main-logo _logo.png
    webpage internal agreement small-logo _logo.png
    webpage internal agreement title Guest WiFi
    webpage internal agreement org-background-color #ffffff
    webpage internal agreement org-font-color #990000
    webpage internal agreement body-background-color #ffffff
    webpage internal acknowledgement header Bienvenido de regreso a la red de invitados de Envases
    webpage internal acknowledgement main-logo EUM_logo.png
    webpage internal acknowledgement small-logo EUM_logo.png
    webpage internal acknowledgement title EUM Guest WiFi
    webpage internal acknowledgement org-background-color #ffffff
    webpage internal acknowledgement org-font-color #990000
    webpage internal acknowledgement body-background-color #ffffff
    webpage internal registration description Por favor, tome un momento para realizar su registro:
    webpage internal registration header Bienvenido
    webpage internal registration main-logo EUM_logo.png
    webpage internal registration small-logo EUM_logo.png
    webpage internal registration title EUM Guest WiFi Registration
    webpage internal registration org-background-color #ffffff
    webpage internal registration org-font-color #990000
    webpage internal registration body-background-color #ffffff
    webpage internal no-service description Actualmente el servicio WiFi no esta disponible. Intente de nuevo mas tarde
    webpage internal no-service header El servicio esta temporalmente fuera de servicio
    webpage internal no-service main-logo EUM_logo.png
    webpage internal no-service small-logo EUM_logo.png
    webpage internal no-service title EUM Guest WiFi Fuera de servicio
    webpage internal no-service org-background-color #ffffff
    webpage internal no-service org-font-color #990000
    webpage internal no-service body-background-color #ffffff
    webpage internal registration field city type text enable label "City" placeholder "Enter City"
    webpage internal registration field street type text enable label "Address" placeholder "123 Any Street"
    webpage internal registration field name type text enable label "Full Name" placeholder "Enter First Name, Last Name"
    webpage internal registration field zip type number enable label "Zip" placeholder "Zip"
    webpage internal registration field via-sms type checkbox enable title "SMS Preferred"
    webpage internal registration field mobile type number enable label "Mobile" placeholder "Mobile Number with Country code"
    webpage internal registration field age-range type dropdown-menu enable label "Age Range" title "Age Range"
    webpage internal registration field email type e-address enable mandatory label "Email" placeholder "you@domain.com"
    webpage internal registration field via-email type checkbox enable title "Email Preferred"
    !
    wlan "EUM Wireless"
    description EUM Wireless
    ssid "EUM Wireless"
    vlan 20
    bridging-mode local
    encryption-type ccmp
    authentication-type none
    no multi-band-operation
    wpa-wpa2 psk 0 W1r3L3sS!
    !
    wlan EUM_Portal_Cautivo
    description EUM invitados con portal
    ssid "EUM Invitados"
    vlan 21
    bridging-mode local
    encryption-type none
    authentication-type none
    wireless-client hold-time 3600
    wireless-client inactivity-timeout 3600
    no multi-band-operation
    no protected-mgmt-frames
    client-load-balancing
    client-load-balancing band-discovery-intvl 5
    use captive-portal EUM_Guest
    captive-portal-enforcement
    registration user group-name RADIUS_Portal_EUM expiry-time 4320 agreement-refresh 144000
    use ip-access-list out BROADCAST-MULTICAST-CONTROL
    use mac-access-list out PERMIT-ARP-AND-IPv4
    enforce-dhcp
    proxy-arp-mode strict
    !
    wlan Invitados_apan
    description Invitados_apan
    ssid Invitados_apan
    vlan 15
    bridging-mode local
    encryption-type ccmp
    authentication-type none
    no multi-band-operation
    wpa-wpa2 psk 0 1Nv1T4d0$4P4n
    !
    !
    management-policy EUM
    no telnet
    http server
    https server
    rest-server
    no ftp
    ssh
    user admin password 1 ceccd02b607c208e6285f41ff7b63a0ac93c49cc9e1bf370b805c6c13a1e9cde role superuser access all
    user Consultiva password 1 9550f111421054f142a89fd5de47f91bd8bf7f591473aef61a60382d2de08e73 role superuser access all
    allowed-location EUM locations EUM
    snmp-server manager v1
    no snmp-server manager v3
    snmp-server community 0 public ro
    !
    profile ap7632 EUM-1009-7632
    autoinstall configuration
    autoinstall firmware
    device-upgrade auto ap7632
    crypto ikev1 policy ikev1-default
    isakmp-proposal default encryption aes-256 group 2 hash sha
    crypto ikev2 policy ikev2-default
    isakmp-proposal default encryption aes-256 group 2 hash sha
    crypto ipsec transform-set default esp-aes-256 esp-sha-hmac
    crypto ikev1 remote-vpn
    crypto ikev2 remote-vpn
    crypto auto-ipsec-secure
    crypto load-management
    crypto remote-vpn-client
    interface radio1
    wlan "EUM Wireless" bss 1 primary
    wlan EUM_Portal_Cautivo bss 2 primary
    wlan Invitados_apan bss 3 primary
    interface radio2
    wlan "EUM Wireless" bss 2 primary
    wlan Invitados_apan bss 3 primary
    wlan EUM_Portal_Cautivo bss 4 primary
    interface bluetooth1
    shutdown
    mode le-sensor
    interface ge1
    switchport mode trunk
    switchport trunk allowed vlan 10,15,20-21,25,30,40,45,50,100,110,210,783
    switchport trunk native vlan 10
    interface vlan10
    ip address dhcp
    ip dhcp client request options all
    interface vlan20
    ip address zeroconf secondary
    interface pppoe1
    use management-policy EUM
    use firewall-policy default
    use client-identity-group default
    rf-domain-manager capable
    logging on
    controller host wingeum.dyndns.org level 2
    service pm sys-restart
    router ospf
    adoption-mode controller
    !
    rf-domain EUM_1009
    location APAN
    timezone America/Mexico_City
    country-code mx
    ad-wips-wireless-mitigation disable
    ad-wips-wired-mitigation disable
    channel-list dynamic
    control-vlan 783
    !
    ap7632 DC-B8-08-72-4B-96
    use profile EUM-1009-7632
    use rf-domain EUM_1009
    hostname EUM-1009-AP23-7632-724B96
    !
    !

    Saludos!!!



  • 6.  RE: Mantener Ap Wing activo si la controladora falla

    Posted 12-18-2020 19:46
    No replies, thread closed.

    I believe this is due to the user database which is on the controller. So when the controller is down, so is the user database which will prevent new users from registering via captive portal. 

     

    For redundancy options please refer to the this article under Configuration – Database (CLI Only)

     

    Rgds



  • 7.  RE: Mantener Ap Wing activo si la controladora falla

    Posted 12-23-2020 22:46
    No replies, thread closed.

    De acuerdo muchas gracias por su valioso apoyo, lo revisamos y les damos retro, aunque en nuestro caso el detalle no es en los usuarios de portal cuativo es en los usuarios en la red wifi “normal” de la vlan 20

     

    Saludos!!!