Is it possible to monitor these APs eventhough they are not in one network?


Is it possible to monitor these APs eventhough they are not in one network? Could it possible to connect to the controller without using VPN?

7 replies

Ummm... This post doesn't make any sense.. .. If you are asking if it is possible.. sure... static set controller IP with port forwarding with a public IP... cake.... Or just put an interface on the DMZ and do it that way. Otherwise you could just monitor the AP via PING with Nagios, Cacti, PRTG, Observium, LibreNMS, SmokePING.. etc...
Thanks for the response what the end user wants is that the controller could still get i formation from a remote AP. Eventhough its working on B@AP locally from a remote site.
Userlevel 7
There is one big limitation if you've the controller/AP behind a firewall with port forwarding = the software upgrade of the APs is not supported/working.

Yes you could do it... but it makes no sense in a real production deployment.
Userlevel 5
Ron wrote:

There is one big limitation if you've the controller/AP behind a firewall with port forwarding = the software upgrade of the APs is not supported/working.

Yes you could do it... but it makes no sense in a real production deployment.

Unfortunately this is *still* the case with firmware release 10.11.01.0210. I know from experience, because let's just say, "mistakes were made". 🙂 I am hoping Extreme will fix this some day. It's no trouble all for me to configure an TFTP connection with my public IP. It just doesn't work. Also, having an AP stuck in a boot loop is impossible to fix remotely!
What fo i need to do with the controller to gain access to the remote AP?
Userlevel 7
I'm sorry but could you please be more precise - I don't unterstand the question.
Userlevel 5
Hello Carlo,
You need to:
  1. Create a NAT translation / access rule on your firewall to allow UDP traffic from a public IP address to your controller's IP address. For security you should only allow connections from your remote sites (assuming those remote sites have a static IP address).
  2. Plug in your access point at your main site and let it connect to the controller. This will allow it to show up in the AP list so you can change settings. It will also get the newest firmware. As Ron mentioned - you cannot upgrade the AP remotely. It will fail. And whenever you upgrade your controller(s) - you must first pre-load the firmware to those remote AP's before rebooting the controller with the new firmware.
  3. Configure the controller's IP address on the AP to be the public IP you assigned.
  4. Plug in the AP at the site, connect to it with ssh, and manually set the controller IP to the public IP you assigned. Once it connects, it should retain that IP since you configured it in step #3.
That's a lot of steps and may create a lot more questions. You may want to check out this post.

Hopefully that gives you some idea of how things would work.

Reply