This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

I can't seem to make 3rd Party AP work.

I can't seem to make 3rd Party AP work.

Rahman_Duran1
New Contributor III

‎06-26-2015 11:07 AM

Hi,

We have 15 aruba IAP devices which I want to use them as 3. party AP on C5210 controller to utilize internal captive portal.

f69baa6377d749d8bcf1a1b4b86f92d3_RackMultipart20150626-12197-fywjn7-authcp_inline.png



I hook up the esa1 port to the swich and set the vlan tagging. Then I created a wlan on aruba and set it to vlan 60 tagged. Configured all the switches to pass vlan 60 so it can reach controller. I also created a dhcp pool on our dhcp server and configured it so vlan 60 clients use EWC interface ip (10.100.60.2) as their gateway.

So, I tried to connect to aruba but I can't seem to get ip address and connect to wlan. So what is wrong with my setup? Any hint on this is mostly wellcome.

Thanks,

Rahman
0 Kudos
33 REPLIES 33

Rahman_Duran1
New Contributor III
In response to Jason1

‎07-10-2015 12:14 PM

Hi, any update on this? I also wrote on GTAC but nobody answred. Case Number: 01138086
0 Kudos

Rahman_Duran1
New Contributor III

‎07-10-2015 11:16 AM

Hi Jason,

No it doesn't work. Now it is in a state that client can't even get an ip. If I set ip address statically it can't reach its gateway 10.100.60.2 either.

I monitored all the traffic, on dhcp server, on swich and on client.

1. Wireshark on the client shows that client send dhcp discover packages but does not receive any other dhcp reply packages.

2. Dhcp logs and tcpdump capture on dhcp server shows that ewc relays dhcp packages to him via 10.100.60.2 relay interface. So dhcp server gets dhcp discover package and reply with dhcp offer to ewc(10.100.60.2)

3. I mirrored ge.2.43 port of S4 which ewc esa1 connected to another port and watched with wireshark. It shows that ewc sends dhcp offer package to dstmac:client mac address and dstip:255.255.255.255. So it seems EWC config of DHCP Relay is working. But the problem is on client, wireshark shows no dhcp offer packages received. So client send dhcp discover continuously.

4. If I set ip address statically on the client and try to open http://10.100.60.2, wireshark shows that client sends ARP packages and asks "show is 10.100.60.2 tell 10.100.60.100" continuously but never gets a reply. So static ip not working either.

If it makes sense network topology is like this: EWC esa0(default route) connected to S4-ge.2.46(vlan 1 untag). EWC esa1(3.rd party vlan 60 untag) connected to S4-ge.2.43(vlan 60 utag). Client connectted to S4-ge.2.42(vlan 60 untag). dhcp server connected to S4-ge.2.45(vlan 1 untag)

Any suggestion to troubleshoot further is mostly welcome.

I tried different browsers. No portal redirection. Directly connect to internet. If I browse https://10.100.60.2 I get a page "Portal Central". There is logoff session button and get current status button. But no login page. I also tried to use logoff button but it does not get login page either.

Thanks,

Rahman
0 Kudos

Jason1
Extreme Employee

‎07-09-2015 12:02 PM

Hi Rahman,

I am looking into this config change problem through the case you have opened with Brahim.

For the portal redirection, can you check your VNS settings and make sure that the client is "unauthenticated" (grey unlocked icon) and try closing any browsers and re-opening?

If that still does not work can you please try opening the browser and inputting the topology ip: http://10.100.60.2 and seeing if that redirects to the portal. If that is the case, then there is a problem resolving DNS on the 10.100.60.x network.

Thank you,
Jason
0 Kudos

Rahman_Duran1
New Contributor III

‎07-03-2015 06:37 AM

Hi,

So it was a broken patch cord. Now when I plug my laptop to vlan 60 port, I get ip adress from dhcp. But if I use;
Non-auth role:Aruba3rdPartyNonAuth
Auth-role:Aruba3rdPartyAuth
Pre-auth:Aruba3rdPartyNonAuth
I have no internet access and no captive portal redirection. If I use;
Non-auth role:Aruba3rdPartyAuth
Auth-role:Aruba3rdPartyAuth
Pre-auth:Aruba3rdPartyNonAuth
then I connect to internet directly without any captive portal redirection.

Also if I change roles, topologies or VNS config of 3rd party vns there is no problem with controller. Only changing and saving WLAN service of 3rd party VNS broke controller and need a reboot.
0 Kudos

Rahman_Duran1
New Contributor III

‎07-02-2015 04:43 AM

Jason,

I created nonauth role and set as pre-auth role:

bef8b1d6501a47b1866dfa16e00adf41_RackMultipart20150702-11165-1oztenq-nonauth_inline.png



I also disabled authentication on WLAN service for testing. Now I see my laptop with "green lock" But again no traffic pass.

I had controller problem again and had to reboot controller again. When the problem appears, I can access EWC, I can ping all APs, APs shown green on ewc availability report. But on ewc reports all AP statistics are lost and shown as zero. On ewc reports all APs shown as they have zero clients. On ewc clients report connected clients AP column shown as N/A.

Here are some screenshots:

bef8b1d6501a47b1866dfa16e00adf41_RackMultipart20150702-32670-m235zt-problem1_inline.png



bef8b1d6501a47b1866dfa16e00adf41_RackMultipart20150702-7508-2tc4if-problem2_inline.png



bef8b1d6501a47b1866dfa16e00adf41_RackMultipart20150702-22547-1ndkfo3-problem3_inline.png



bef8b1d6501a47b1866dfa16e00adf41_RackMultipart20150702-32517-1xqh1dz-problem4_inline.png



bef8b1d6501a47b1866dfa16e00adf41_RackMultipart20150702-17686-120pn3c-problem5_inline.png



I can delete all the 3. party vns configs and restart from starch if you mean this. But I can't factory reset the ewc and start from beginning.
0 Kudos
GTM-P2G8KFN