Problems with disconnected AP's / Tunnel down

  • 22 January 2015
  • 7 replies
  • 375 views

We have a customer with a Enterasys WLAN setup, including two C4110 and approx. 80 AP's of the model 3710. SW running is 08.21.04.0024.

The WLC's are located in a Datacenter and connected to six different Branch offices.
In the last few weeks we have some issues with some AP's in different locations:

The customer reports, that WLAN is not working. When we check the WLC, we see that the AP is connected, but the tunnel is not working properly and the radio interfaces are not sending out.

Earlier we could resolve the issue by setting/releasing admin mode, rebooting a few times, on/off transmit power, request channels -> after doing this irregularly for a few times, the AP's came up again. But now even this won't work anymore for two of them.

The AP is available via SSH, it's able to ping the WLC's and vice-versa. It's also correctly authenticating on the WLC according to the log-messages, but the radio simply won't go up.







Is there any known workaround for this? We already tried once to replace the affected AP on one location, without any success. Simply doing the reboot process over and over again helped until now. The affected AP's are always different - sometimes one of a branch, sometimes two, but there is no recognizable pattern for the occurrence. In this case it's a bit dramatic, because the customer has only one AP at the location, which is used for some scanners that are now not working any more.

I hope someone has an idea :/

Thanks in advance & BR,
Xiro

7 replies

Userlevel 7
Hello Xiro,

I would suggest you contact the GTAC for assistance. There are a few things we can look at but for the sake of time it would be best to setup a remote session with one of our Wireless TSE's so they can review the state of wireless system.

http://www.extremenetworks.com/support/contact

Doug Hyde
Userlevel 1
Try reducing the AP's Tunnel-MTU size to 1300.
We found out that the default of 1500 is often a problem for AP37xx in branch-offices / remote-sites.



Let me know if that helps!

Best regards,
Kai
Userlevel 2
Try reducing the AP's Tunnel-MTU size to 1300.
We found out that the default of 1500 is often a problem for AP37xx in branch-offices / remote-sites.



Let me know if that helps!

Best regards,
Kai
Great advice!

I had some problem with connecting APs at branchs with the backup tunnel. But after reducing the MTU to 1300 both tunnels go up

Thanks
Husam
Hi Kai,

thank you for the great advice, it helped instantly!

Thumbs up!
Hoping someone is still montoring this. But i have a similar issue except that I cannot get the AP to show as active at all. I registered it with the controller andt then shut it down and sent it out to the remote office.It will not show up even though i can ping it from the controller and can ping the controller for the same subnet that the AP is now on (did not think to turn on SSH). Will this MTU fix only if it can talk to the AP still? Or is changing the MTU only changing a controller side setting?

I hope this make sense.
Thanks in advance,
Phil
Userlevel 7
Is it across a nat'd interface or through a VPN?
Userlevel 7
if the AP isn't connected to the controller ssh (telnet for old APs) is enabled for troubleshooting by default,
So from the controller ssh/telnet to the AP and set the controller address with
cset authip 1 X.X.X.X
capply
csave

Before you do that enable all logs on the controller GUI > Controller > Logs > System Log Level > set it to infromational

If you have a MTU problem the log will look like the first screenshot in this post.
That is the last message for a successful tunnel connection setup is missing = "Blacklist successfully sent to Wireless APXXXXXXX"

If you now set the MTU to 1300 it should work.

Reply