This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

I can't seem to make 3rd Party AP work.

I can't seem to make 3rd Party AP work.

Rahman_Duran1
New Contributor III

‎06-26-2015 11:07 AM

Hi,

We have 15 aruba IAP devices which I want to use them as 3. party AP on C5210 controller to utilize internal captive portal.

f69baa6377d749d8bcf1a1b4b86f92d3_RackMultipart20150626-12197-fywjn7-authcp_inline.png



I hook up the esa1 port to the swich and set the vlan tagging. Then I created a wlan on aruba and set it to vlan 60 tagged. Configured all the switches to pass vlan 60 so it can reach controller. I also created a dhcp pool on our dhcp server and configured it so vlan 60 clients use EWC interface ip (10.100.60.2) as their gateway.

So, I tried to connect to aruba but I can't seem to get ip address and connect to wlan. So what is wrong with my setup? Any hint on this is mostly wellcome.

Thanks,

Rahman
0 Kudos
33 REPLIES 33

Jason1
Extreme Employee

‎07-01-2015 06:33 PM

Rahman,

Yes, let me know if that works for you. I have a basic set up on a 4110 with no authentication working (with a client directly connected or connected with a VLAN 20 port) .

I suspect the reason for the EWC misbehaving is some type of forwarding path issue where the reboot clears that until another config change?
Also, is it possible that your VLAN 60 has another route back to the 10.100.x.x network that is on the switch side, and not through the 192.x.x.x esa0 port?
I would recommending deleting and re-configuring from the beginning if possible. If not, then we can take a deeper dive into the configuration if need be. I have not seen that behavior in my lab scenario.

Regards,
Jason
0 Kudos

Rahman_Duran1
New Contributor III

‎07-01-2015 02:09 PM

Thank you Jason for your helps. This seems the missing bit in my config. I will try it and inform you if it works.


Btw, any idea why ewc misbehave and need a reboot as I described?
0 Kudos

Jason1
Extreme Employee

‎07-01-2015 12:40 PM

Rahman,

I don't think you can ping the 10.100.60.2 address because your clients are not authenticated. On my client report, there is a "green lock" denoting authentication. (Similar to the Apple device on eduroam with the 172.x.xx. address) On your list, I see the clients have a grey "unlocked" icon.

Can you disable authentication temporarily to test?

For an Internal Captive Portal deployment, you will want a Non-Auth Role (similar to the screen shot below, referenced in the knowledgebase link in my original post)

67b4559b7fdd4563b197b0d02d0e806f_RackMultipart20150701-30556-a0u5ui-3rd_Party_Non-Auth_inline.jpg



Regards,
Jason
0 Kudos

Rahman_Duran1
New Contributor III

‎07-01-2015 09:01 AM

here clients with more columns:

1ec98d687a8f4dc992ceca5b7cb02162_RackMultipart20150701-5143-1557haf-clients_inline.png

0 Kudos

Rahman_Duran1
New Contributor III

‎07-01-2015 08:56 AM

It is the same as what Jason posted. Here all the screenshots

f8508dc543794b319de86238c89310a5_RackMultipart20150701-9512-72mowu-vns_inline.png

:

f8508dc543794b319de86238c89310a5_RackMultipart20150701-3716-ys8dph-wlan-service-1_inline.png


f8508dc543794b319de86238c89310a5_RackMultipart20150701-10832-1pljwdw-wlan-service-2_inline.png


f8508dc543794b319de86238c89310a5_RackMultipart20150701-16888-mp00mz-role-1_inline.png


f8508dc543794b319de86238c89310a5_RackMultipart20150701-14741-7gski4-role-2_inline.png


f8508dc543794b319de86238c89310a5_RackMultipart20150701-17925-en9inq-topology_inline.png


0 Kudos
GTM-P2G8KFN