cancel
Showing results for 
Search instead for 
Did you mean: 

Users connected via rfs are unable to ping internet or gateway

Users connected via rfs are unable to ping internet or gateway

Nilac
New Contributor II

Hello,

I have the following scenario.

Wireless windows 10 client >>Extreme AP621 >> Extreme controller NX5500 version 5.9.4.0-020R >> Meraki firewall
Problem.
I have created a vlan on Meraki (vlan 22) with ip 192.168.22.1. Controller is directly connected into a access vlan on Meraki vlan 22.
Users are able to connect to ssid, but are unable to ping gateway or internet.

 

Controller config

NX5500#sh run
!
! Configuration of NX5500 version 5.9.4.0-020R
!

wlan 22
 ssid "test"
 vlan 22
 bridging-mode local
 encryption-type ccmp
 authentication-type none
 wpa-wpa2 psk 0 XXXXXXXXX
!
wlan work
 ssid work
 vlan 1
 bridging-mode local
 encryption-type ccmp
 authentication-type none
 wpa-wpa2 psk 0 XXXXXXXXX


nx5500 xxxxxxxxxxxxxxxxxx
 use profile default-nx5500
 use rf-domain xxxxxx
 hostname NX5500Secondary
 ip default-gateway 192.168.12.1
 interface vlan1
  ip address 192.168.12.3/24
 cluster name Cluster
 cluster mode standby
 cluster member ip 192.168.12.2
 cluster member ip 192.168.12.3
!
nx5500 XXXXXXXXXXXXXXXXXXXX
 use profile default-nx5500
 use rf-domain xxxxxxxxx
  ip default-gateway 192.168.12.1
 interface ge2
  switchport mode access
  switchport access vlan 22
 interface vlan1
  ip address 192.168.12.2/24
 interface vlan22
  description "test"
  ip address 192.168.22.2/24
 cluster name Cluster
 cluster mode active
 cluster member ip 192.168.12.2
 cluster member ip 192.168.12.3

ap7522 XXXXXXXXXXX
 use profile anyap-XXX-SITE
 use rf-domain XXXX
 hostname AP1
 interface vlan1
  ip address 192.168.12.10/24

 

1 ACCEPTED SOLUTION

Nilac
New Contributor II


Thank you very much Christoph for you`re detailed answer. I will schedule a maintainance hour to set things up.
5 stars for you`re profesionalism!

View solution in original post

6 REPLIES 6

Nilac
New Contributor II


Thank you very much Christoph for you`re detailed answer. I will schedule a maintainance hour to set things up.
5 stars for you`re profesionalism!

Christoph_S
Extreme Employee

Hello Nilac,

Let's address one thing at a time:

VLAN22

This is the VLAN that is mapped to the WLAN. The NX knows about it but the APs don’t seem to have it configured per what I see above. 

1 - On the NX5500 and in profile anyap-TEST-SITE configure VLAN 22

#conf t

#profile anyap-TEST-SITE

#interface vlan 22

2 - Allow said vlans through the ge 1 port

#..

#Interface ge 1

#switchport mode trunk

#switchport trunk allowed vlan 1,22

#com wr

3 - If the wireless clients are assigned static IP addresses add the DGW and DNS IP addresses to the AP profile however if they are pulling DHCP IP addresses, this information will be provided by the DHCP server to the wireless clients and you won’t need to do anything else. 

4 - Make sure that VLANs 1 and 22 are also allowed through the switchports the APs are connected to. 

I hope this helps

 

Christoph

 

Christoph S.

Nilac
New Contributor II

Dear Christpher,

Thank you for youre paticence, please bear with me a little bit.
I am pretty new with Extreme equipments.

This is what i have now:

ap7522 XXX
 use profile anyap-TEST-SITE
 use rf-domain TEST
 hostname AP58
 interface vlan1
  ip address 192.168.12.58/24
  no ip dhcp client request options all

profile anyap anyap-TEST-SITE
 no autoinstall configuration
 no autoinstall firmware

auto-provisioning-policy TEST
 adopt anyap precedence 10 profile anyap-TEST-SITE rf-domain TEST any

--------
I don`t want to affect users from vlan1, this is a working critical enviroment.

I want to do this individually. Should i go under each AP and set :
ip default-gateway 192.168.22.1
ip dhcp client request options all  ?
Access points use static ip address, but clients are using dhcp.

Nilac
New Contributor II


Dear Christopher, thank you for you`re answer. So do i have to configure the port from the switch where the Access point is connected from access (vlan 1) to trunk with vlan 1 and 22?

Or should i need to make modifications on the RFS aswell on the AP config.

GTM-P2G8KFN