Hi,
We have 15 aruba IAP devices which I want to use them as 3. party AP on C5210 controller to utilize internal captive portal.
I hook up the esa1 port to the swich and set the vlan tagging. Then I created a wlan on aruba and set it to vlan 60 tagged. Configured all the switches to pass vlan 60 so it can reach controller. I also created a dhcp pool on our dhcp server and configured it so vlan 60 clients use EWC interface ip (10.100.60.2) as their gateway.
So, I tried to connect to aruba but I can't seem to get ip address and connect to wlan. So what is wrong with my setup? Any hint on this is mostly wellcome.
Thanks,
Rahman
We have 15 aruba IAP devices which I want to use them as 3. party AP on C5210 controller to utilize internal captive portal.
I hook up the esa1 port to the swich and set the vlan tagging. Then I created a wlan on aruba and set it to vlan 60 tagged. Configured all the switches to pass vlan 60 so it can reach controller. I also created a dhcp pool on our dhcp server and configured it so vlan 60 clients use EWC interface ip (10.100.60.2) as their gateway.
So, I tried to connect to aruba but I can't seem to get ip address and connect to wlan. So what is wrong with my setup? Any hint on this is mostly wellcome.
Thanks,
Rahman
Thank you Jason, but I can't make it work. Can you also share pre-authenticated role?
I setup every thing as shown here except I used same role for pre-auth role.
Here is how topology filter page looks:
I plug my laptop to the switch with vlan 60. I can't get ip address. I configured static ip 10.100.60.100 on laptop with gateway 10.100.60.2 but I can't even ping 10.100.60.2. I can ping 10.100.60.2 from different subnets so routing seems to work. Even wierd I can see my laptop and switch port mac addresses on clients reports:
Also there is something really wrong here. When I make changes on 3rd party vns setting and save it, all the other vns clients lose connection. When they scan wifi all ssid show up and disappear continuously and new users can't connect. There is no log about any error on EWC. Only rebooting EWC solves this situation.
So I fear to make any furter changes as it affects all users.
I setup every thing as shown here except I used same role for pre-auth role.
Here is how topology filter page looks:
I plug my laptop to the switch with vlan 60. I can't get ip address. I configured static ip 10.100.60.100 on laptop with gateway 10.100.60.2 but I can't even ping 10.100.60.2. I can ping 10.100.60.2 from different subnets so routing seems to work. Even wierd I can see my laptop and switch port mac addresses on clients reports:
Also there is something really wrong here. When I make changes on 3rd party vns setting and save it, all the other vns clients lose connection. When they scan wifi all ssid show up and disappear continuously and new users can't connect. There is no log about any error on EWC. Only rebooting EWC solves this situation.
So I fear to make any furter changes as it affects all users.
Hello Rahman,
You will want to create a Virtual Network Service (VNS), Role and WLAN service in addition to the physical 3rd Party Topology.
I created the Topology, then Role, then the WLAN Service and then the VNS.
Map the VNS to the WLAN Service and Role to allow traffic.
I have this working with a similar setup as your VLAN 60, with a local DHCP server.
Regards,
Jason
You will want to create a Virtual Network Service (VNS), Role and WLAN service in addition to the physical 3rd Party Topology.
I created the Topology, then Role, then the WLAN Service and then the VNS.
Map the VNS to the WLAN Service and Role to allow traffic.
I have this working with a similar setup as your VLAN 60, with a local DHCP server.
- In my setup I have a mgmt IP of 120.120.120.179/16 on esa0 (Port1) and the 3rd Party AP Topology is 20.20.20.1/24 on esa2 (Port3). As you and Ron discussed, I have a route set up to get back to the topology: 20.20.20.0/24 120.120.120.179
- The Role is configured as a Contain to VLAN (for use with a Captive Portal). Make sure that the AP Filter box in the Policy Rules tab is unchecked, since we are filtering at the EWC.
- Once that is set up, you will see any clients that get an IP in the Active Clients by VNS.
- You shouldn't need the IP address of the AP, the mac address can be added by itself, as you will see in the screen shots that follow.
Regards,
Jason
