Playing around with my new toy 🙂
Just trying to find out what the Controller supports:
Number of APs supported
(Aruba620) #show license-usage ap AP Licenses ----------- Type Number ---- ------ AP Licenses 4 Overall AP License Limit 4 AP Usage -------- Type Count ---- ----- CAPs 0 RAPs 0 Tunneled nodes 0 Total APs 0 Remaining AP Capacity --------------------- Type Number ---- ------ CAPs 4 RAPs 4
Number of Users supported:
(Aruba620) #show license-usage user User License Usage ------------------ Name Value ---- ----- License Limit 256 License Usage 0 License Exceeded 0 License Platform 256
Interesting commands that I know not yet 🙂
(Aruba620) #show license-usage xsec xSec License Usage ------------------ Name Value ---- ----- License Limit 0 License Usage 0 License Exceeded 0 xSec users 0 xSec tunnel 0 (Aruba620) #show license-usage acr ACR License Usage ----------------- Name Value ---- ----- License Limit 0 License Usage 0 License Exceeded 0 802.1x ACR users 0 IPSEC ACR tunnels 0
Install PoE Licence
Configuration -> Wizards -> Licence Wizard.
Disable Control Plane Security so as to allow APs to connect to the Controller automatically. If the feature is Enabled, one has to manually add each of the APs. For a lab setup – we will disable the feature to save time. Disabling this feature allows APs to automatically connect to the Controller.
Configuration > Network > Controller >Control Plane Security
Next we configure VLANs on the controller. We will create the following VLANs:
- VLAN for the APs and Controller Services = Vlan 1 (10.2.221.0/24)
- VLAN for Voice = Vlan 100 (10.10.100.0/24)
- VLAN for the Employee SSID = Vlan 200 (10.10.200.0/24)
- VLAN for the Guest SSID = Vlan 300 (10.10.300.0/24)
Configuration > Network > VLAN > Add New VLAN
Vlan Voice
Employee Vlan
Guest Vlan
Voice, Guest and Management VLANs need DHCP. Enable DHCP and add the pools
ip dhcp pool "Voice-Vlan" default-router 10.10.100.254 lease 1 0 0 0 network 10.10.100.0 255.255.255.0 !
ip dhcp pool "Guest-Vlan" default-router 10.10.30.254 dns-server 4.4.4.4 lease 0 5 0 0 network 10.10.30.0 255.255.255.0 !
ip dhcp pool "AP-Management" default-router 10.2.221.100 dns-server 8.8.8.8 lease 1 0 0 0 network 10.2.221.0 255.255.255.0 !
All the Vlans will use Contoller as the default gateway. we need to add the Controller’s IP addresses.
IP address for the VOIP Subnet
Network > IP > IP Interface
Guest Vlan requires both DHCP and NAT so as to access the internet
interface vlan 300 interface vlan 300 ip address 10.10.30.254 255.255.255.0 ! interface vlan 300 ip nat inside ! interface vlan 300 no bcmc-optimization
Optimally, we would provide a DHCP Server in the Employee network to do the dishing out of IP addresses to the employess, but since I would like to Isolate my Test-Lab, lets also create a DHCP Pool for the Employee Vlan and add IP address to the Interface.
ip dhcp pool "Employee-Vlan" default-router 10.10.200.254 dns-server 10.10.200.2 lease 1 0 0 0 network 10.10.200.0 255.255.255.0 !
interface vlan 200 interface vlan 200 ip address 10.10.200.254 255.255.255.0 ! interface vlan 200 ip nat inside ! interface vlan 200 no bcmc-optimization
Next AP Initial setup wizard.
All APs are in the Local LAN
Hmm, we only found one AP to configure yet there are 4 connected APs.
Consoled into the AP-105 to find out what the issue was. Since my knowledge of Aruba products is close to zero at this point, it took me a while to figure out what exactly i needed to change so as to have the AP associate with the Controller. Anyway, found the catch :). Click the
Maintenance tab > Convert > Campus AP managed by controller
Add the IP address of our contoller
And Walaaah! I see the AP-105 now 🙂
Moving on to the next AP…Console…Connect to Computer …Convert :). Aruba 93..Make me proud 😉
Was able to console using admin/admin
User: admin Password: aruba_ap93# write erase Are you sure you want to erase the configuration? (y/n): y Warning: configuration via CLI is not supported! aruba_ap93 (config) # aruba_ap93 (SSID Profile "instant") # aruba_ap93 (SSID Profile "instant") # aruba_ap93 (SSID Profile "instant") # aruba_ap93 (SSID Profile "instant") # aruba_ap93# Warning: configuration via CLI is not supported! aruba_ap93 (config) # aruba_ap93 (Access Rule "instant") # aruba_ap93 (Access Rule "instant") # aruba_ap93 (Access Rule "instant") # aruba_ap93 (Access Rule "instant") # aruba_ap93 (Access Rule "instant") # aruba_ap93# Warning: configuration via CLI is not supported! aruba_ap93 (config) # aruba_ap93 (config) # aruba_ap93 (config) # aruba_ap93 (config) # aruba_ap93 (ARM) # aruba_ap93 (ARM) # aruba_ap93 (ARM) # aruba_ap93# Erase configuration. aruba_ap93#
Not all is well! AP came up without an IP address and I cannot see the instant wifi so as to configure it 😦
DHCP timed out. Installing default ip. Default IP comes up. ip_time_handler: Got ip and packets on bond0 Started master election 124-0 DHCP timed out. DHCP got ip address. 169.254.212.156 255.255.0.0 Compressing all files in the /etc/httpd directory... Dec 31 16:03:39 udhcpc[864]: send_discover: pkt num 0, secs 0 Dec 31 16:03:39 udhcpc[864]: Sending discover... Done. Starting Webserver bind: Transport endpoint is not connected bind: Transport endpoint is not connected bind: Transport endpoint is not connected bind: Transport endpoint is not connected NTP Server not saved in flash... using default Jan 1 00:03:41 udhcpc[864]: send_discover: pkt num 1, secs 2 ath_hal: module license 'Proprietary' taints kernel. Jan 1 00:03:41 udhcpc[864]: Senath_hal: 0.9.17.1 (ding discover...AR5416 , AR9380, REGOPS_FUNC, PRIVATE_DIAG, WRITE_EEPROM, 11D) ath_rate_atheros: Copyright (c) 2001-2005 Atheros Communications, Inc, All Rights Reserved ath_rate_atheros: Aruba Networks Rate Control Algorithm ath_dfs: Version 2.0.0 Copyright (c) 2005-2006 Atheros Communications, Inc. All Rights Reserved ath_spectrum: Version 2.0.0 Copyright (c) 2005-2006 Atheros Communications, Inc. All Rights Reserved ath_dev: Copyright (c) 2001-2007 Atheros Communications, Inc, All Rights Reserved ath_ahb: 0.9.4.5 (Atheros/multi-bss) ath_pci: 0.9.4.5 (Atheros/multi-bss) wifi0: Base BSSID 24:de:c6:91:ad:c0, 16 available BSSID(s) bond0 address=24:de:c6:c1:1a:dc br0 address=24:de:c6:c1:1a:dc wifi0: AP type AP-93, radio 0, max_bssids 16 wifi0: Atheros 9280: mem=0x10000000, irq=48 hw_base=0xb0000000 Starting FIPS KAT ... Completed FIPS KAT AP rebooted Sat Jan 1 21:07:45 UTC 2000; User reboot shutting down watchdog process (nanny will restart it)... Jan 1 00:03:43 udhcpc[864]: send_discover: pkt num 2, secs 4 Jan 1 00:03:43 udhcpc[864]: Sending discover... <<<<< Welcome to the Access Point >>>>> process `snmpd' is using obsolete setsockopt SO_BSDCOMPAT i am master now (00:04:12) !!! Init ---> Master asap_send_elected_master: sent successfully Useradmin Password: User: admin Password:
Trying a write erase all
aruba_ap93# write erase all Are you sure you want to erase the configuration? (y/n): y Warning: configuration via CLI is not supported! aruba_ap93 (config) # aruba_ap93 (SSID Profile "instant") # aruba_ap93 (SSID Profile "instant") # aruba_ap93 (SSID Profile "instant") # aruba_ap93 (SSID Profile "instant") # aruba_ap93# Warning: configuration via CLI is not supported! aruba_ap93 (config) # aruba_ap93 (Access Rule "instant") # aruba_ap93 (Access Rule "instant") # aruba_ap93 (Access Rule "instant") # aruba_ap93 (Access Rule "instant") # aruba_ap93 (Access Rule "instant") # aruba_ap93# Warning: configuration via CLI is not supported! aruba_ap93 (config) # aruba_ap93 (config) # aruba_ap93 (config) # aruba_ap93 (config) # aruba_ap93 (ARM) # aruba_ap93 (ARM) # aruba_ap93 (ARM) # aruba_ap93# Erase configuration. aruba_ap93# reload
Same thing 😦
Update: Crap! so I have spent the whole morning wondering why nothing seems to work so I have decided to try reset the AP…I really do not understand why it is not acquiring an IP address from the Controller yet the AP 105 and 135 had no problem with DHCP!
Flash: 16 MB PCI: scanning bus 0 ... dev fn venID devID class rev MBAR0 MBAR1 MBAR2 MBAR3 00 00 168c 002a 00002 01 10000004 00000000 00000000 00000000 Net: eth0 Radio: ar9280#0 Hit <Enter> to stop autoboot: 0 apboot> purge Un-Protected 1 sectors .done Erased 1 sectors Writing apboot> save Saving Environment to Flash... Un-Protected 1 sectors .done Erased 1 sectors Writing apboot> boot Checking image @ 0xbf100000
And BANG!!! The AP obtained an IP address 🙂
Getting an IP address... Dec 31 16:01:03 udhcpc[770]: udhcpc (v0.9.9-pre) started Dec 31 16:01:03 udhcpc[770]: send_discover: pkt num 0, secs 0 Dec 31 16:01:03 udhcpc[770]: Sending discover... Dec 31 16:01:05 udhcpc[770]: send_discover: pkt num 1, secs 2 Dec 31 16:01:05 udhcpc[770]: Sending discover... Dec 31 16:01:07 udhcpc[770]: send_discover: pkt num 2, secs 4 Dec 31 16:01:07 udhcpc[770]: Sending discover... Dec 31 16:01:09 udhcpc[770]: No lease, forking to background. Dec 31 16:01:29 udhcpc[860]: send_discover: pkt num 0, secs 0 Dec 31 16:01:29 udhcpc[860]: Sending discover... Dec 31 16:01:30 udhcpc[860]: send_selecting: pkt num 0, secs 0 Dec 31 16:01:30 udhcpc[860]: Sending select for 10.2.221.254... Dec 31 16:01:30 udhcpc[860]: Lease of 10.2.221.254 obtained, lease time 86400 Dec 31 16:01:30 udhcpc[860]: DHCP OPT 43, len: 12, buf: 10.2.221.100 Dec 31 16:01:30 udhcpc[860]: DHCP OPT 43 deleted airwave config ip_time_handler: Got ip and packets on bond0 Started master election 5-0 10.2.221.254 255.255.255.0 10.2.221.100 Compressing all files in the /etc/httpd directory... Done.
Converted the AP 93 to connect to the Controller like the rest of the APs.
And Hurray!
ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready 10.2.221.254 255.255.255.0 10.2.221.100 Running ADP...Done. Master is 10.2.221.100 ath_hal: module license 'Proprietary' taints kernel. ath_hal: 0.9.17.1 (AR5416, AR9380, REGOPS_FUNC, PRIVATE_DIAG, WRITE_EEPROM, 11D) ath_rate_atheros: Copyright (c) 2001-2005 Atheros Communications, Inc, All Rights Reserved ath_rate_atheros: Aruba Networks Rate Control Algorithm ath_dfs: Version 2.0.0 Copyright (c) 2005-2006 Atheros Communications, Inc. All Rights Reserved ath_spectrum: Version 2.0.0 Copyright (c) 2005-2006 Atheros Communications, Inc. All Rights Reserved ath_dev: Copyright (c) 2001-2007 Atheros Communications, Inc, All Rights Reserved ath_pci: 0.9.4.5 (Atheros/multi-bss) wifi0: Base BSSID 24:de:c6:91:ad:c0, 16 available BSSID(s) bond0 address=24:de:c6:c1:1a:dc br0 address=24:de:c6:c1:1a:dc wifi0: AP type AP-93, radio 0, max_bssids 16 wifi0: Atheros 9280: mem=0x10000000, irq=48 hw_base=0xb0000000 Starting FIPS KAT ... Completed FIPS KAT AP rebooted Sat Jan 1 00:08:38 UTC 2000; Image Upgrade Successful shutting down watchdog process (nanny will restart it)... <<<<< Welcome to the Access Point >>>>> ~ # ~ #
3 down! One more to go!
Next RAP-3WNP