Hewlett Packard Enterprise aruba Скачать руководство пользователя страница 31 | Manualshive

Страница: 31 / 41

Hewlett Packard Enterprise aruba Скачать руководство пользователя страница 31

Wireless Client Connections |

31

1.

Check the Role Assigned to Client

2.

Check if Client Can Reach the Gateway IP

3.

Check the Firewall Rules of the User Role

Check the Role Assigned to Client

Run the

show clients

command to view clients connected to the AP and verify if the client has inherited

the desired role. For SSIDs with a captive portal, ensure that the client has completed authentication and is
assigned a post auth role.

Check if Client Can Reach the Gateway IP

Routing errors may prevent the client from passing traffic in the network. Ping the default gateway
IP address from the client and check the ping information. If the ping to the default gateway IP address fails,
check the routing profile of the AP.

Check the Firewall Rules of the User Role

Check if the firewall rules of the user role allow the user to pass the desired traffic.

The following procedure describes how to check firewall rules for a user role:

1. Run the

show datapath user

command to view the datapath information of clients connected to

the access point.

2. Identify the ACL number assigned to the client from the

ACLs

column of the

Datapath User Table

Entries

table.

3. Check the access control entries in the ACL using the

show datapath acl <acl number>

command.

4. Verify if the ACL rules are configured to allow the desired traffic.

Wireless Client Fails 802.1X Authentication

The following procedure describes how to troubleshoot issues, if the wireless client fails 802.1X
authentication:

1.

Check Authentication Process Logs on the AP

2.

Check the Status of the RADIUS Server

3.

Debug the RADIUS Packets of the Client

Check Authentication Process Logs on the AP

Check the authentication logs to view and identify errors in the authentication process between the client,
the AP, and the radius server.

Run the

show ap debug auth-trace-buff <MAC address>

command to view the authentication process

logs between the client and the AP. Use the MAC address of the client to filter packets specific to a client.
Any error in the authentication process will be displayed in the output.

Check the Status of the RADIUS Server

Ping the RADIUS server from the AP or run an authentication server test for the RADIUS server.

Run the

aaa test-server

command to the test the authentication server. The following command syntax is

used to test the RADIUS server:

«
...
29
30
31
32
33
...
»

Содержание aruba

Страница 1: ...Aruba Instant AP Troubleshooting Guide Troubleshooting Guide...

Страница 2: ...machine readable copy of the source code corresponding to such code is available upon request This offer is valid to anyone in receipt of this information and shall expire three years following the d...

Страница 3: ...a Central 22 Instant APs Managed by AirWave 23 AP Fails to Connect to AirWave 23 AP Fails to Receive Configurations From AirWave 24 AP Fails to Download Software Image From AirWave 25 AP Fails to Down...

Страница 4: ...Revision History 4 Revision History The following table lists the revisions of this document Revision Change Description Revision 01 Initial release Table 1 Revision History...

Страница 5: ...Documents In addition to this document the Instant AP product documentation includes the following n Aruba AP Software Quick Start Guide n Aruba Instant Access Point Installation Guides n Aruba Instan...

Страница 6: ...hout this guide Indicates helpful suggestions pertinent information and important things to remember Indicates a risk of damage to your hardware or loss of data Indicates a risk of personal injury or...

Страница 7: ...orth American Telephone 1 800 943 4526 Toll Free 1 408 754 1200 International Telephone arubanetworks com support services contact support Software Licensing Site lms arubanetworks com End of life Inf...

Страница 8: ...ctivate 1 Check the Uplink of the AP 2 Check the Status of Activate Connection 3 Check if Access to Activate Server is Allowed in the Network Firewall Check the Uplink of the AP Ensure that the AP has...

Страница 9: ...ate connection information of the AP generated by the show activate status command Instant AP show activate status IAP MAC Address 90 4c 81 c3 28 1e IAP Serial Number USGHK514D1 Cloud Activation Key A...

Страница 10: ...Check if the AP has AirWave IP Configured APs will not use DHCP options for provisioning if AirWave IP is configured as AirWave configuration takes precedence over DHCP options Run the show summary c...

Страница 11: ...Received a Provisioning Rule The Set Me Up SSID is disabled automatically when the AP receives a provisioning rule from Activate AirWave or DHCP server Run show summary command to view the configurati...

Страница 12: ...180 Internet check timeout secs 10 ICMP pkt sent 0 ICMP pkt lost 0 Continuous pkt lost 0 VPN down time 0 AP1X type NONE Certification type NONE Validate server NONE Connect to the SSID Using a Differ...

Страница 13: ...the auto join setting of the cluster generated by the show allowed aps command Conductor AP show allowed aps Allow New APs disable AP Whitelist MAC Address 90 4c 81 c3 28 1e 90 4c 81 cf 77 34 Check if...

Страница 14: ...rk Configuration Action Networks with a DHCP server Ensure that the DHCP server has enough IP addresses for new APs Check the lease period of the IP addresses Conductor AP defined with a static IP Ass...

Страница 15: ...d no Factory default status no Source of system time Image file Config load cnt 1 VC Channel index 1 IDS Client Gateway Detect yes Config Init success cnt for heartbeat 0 Config Init success cnt for r...

Страница 16: ...Aruba Instant AP Troubleshooting Guide 16 Type of Mismatch Cause Log Event NOTE In the event of a regulatory domain mismatch or OEM mismatch the member AP cannot be provisioned in a cluster...

Страница 17: ...details of Aruba Central server Check the Aruba Central Status to identify the state of Central connection The status is displayed as Login_done for successful connections All other status imply that...

Страница 18: ...AP provisioning logs indicate issues faced by the AP when connecting to Activate or Central The following are possible errors that could occur in Activate or Central connections Error Cause Resolutio...

Страница 19: ...Central server at internal central arubanetworks com Thu Apr 23 10 42 03 2020 Activate In progress Attempting provisioning via Activate server device arubanetworks com Thu Apr 23 10 42 03 2020 Centra...

Страница 20: ...has received configurations and a FALSE state implies that the AP has not received configurations The sample below displays the Central connection status generated by the show ap debug cloud server c...

Страница 21: ...s defined for the AP group Verify the Configurations Received from Central Run the show ap debug cloud config received command in the CLI of the AP to view configurations received from Central Verify...

Страница 22: ...initiated the download process Run the show upgrade command in the CLI of the AP to view the status of software upgrade If the AP fails to initiate the download there is an error between the AP and t...

Страница 23: ...tials Organization String Shared Key and the IP address of the AirWave server are entered correctly on the AP Check if the AP is Connected to AirWave Run the show ap debug airwave command in the CLI o...

Страница 24: ...mple below displays details of the AirWave server generated by the show ap debug airwave command Airwave Server List Domain IP Address Type Mode Config only Rapids mode Status 1 1 1 1 Primary Manage N...

Страница 25: ...ded to AirWave in the Device Setup Upload Firmware Files page of the AirWave webUI The AirWave operation mode for the AP must be Manage mode or Allow firmware upgrades in monitor only mode must be ena...

Страница 26: ...The sample below displays details of the AirWave server generated by the show ap debug airwave command Airwave Server List Domain IP Address Type Mode Config only Rapids mode Status 1 1 1 1 Primary M...

Страница 27: ...rsion 2 Serial Number 3D Issuer CN Aruba345 CNFDK5143Q ST California O Aruba Networks OU Instant C US Subject CN securelogin arubanetworks com L Sunnyvale ST California O Aruba Networks OU Instant C U...

Страница 28: ...heck the Authentication Message Exchange Between the AP and Client Check the SSID Configuration of the Wireless Network The SSID settings must be defined to support the desired clients The following a...

Страница 29: ...28 1e show ap bss table Aruba AP BSS Table bss ess port ip phy type ch EIRP max EIRP cur cl ap name in t s tot t flags 90 4c 81 b2 81 e1 test 10 16 21 2 g HT ap 11 10 2 26 2 0 90 4c 81 c3 28 1e 0 20m...

Страница 30: ...the Client Before troubleshooting ensure that the client is connected to the AP Check the VLAN Settings of the Network Incorrect VLAN settings can stop the client from getting an IP address Perform t...

Страница 31: ...ber assigned to the client from the ACLs column of the Datapath User Table Entries table 3 Check the access control entries in the ACL using the show datapath acl acl number command 4 Verify if the AC...

Страница 32: ...thentication Check Authentication Process Logs on the AP Check the authentication logs to view and identify errors in the authentication process between the client and the AP Run the show ap debug aut...

Страница 33: ...browser and navigate to Network Monitor 2 Input a URL in the address bar and press Enter 3 Click on the URL entry in the Network Monitor and check the header messages exchanged between the web server...

Страница 34: ...debug auth trace buff MAC address command to view the authentication process logs between the client and the AP Use the MAC address of the client to filter packets specific to a client Any error in t...

Страница 35: ...ible for clients to join the network Ensure that Hide and Disable options are disabled in the SSID settings n Operating radio bands The SSID must be broadcasted on the RF bands supported by the client...

Страница 36: ...nk connection of the AP is DOWN resolve the issue with the AP uplink before continuing the troubleshooting process The sample below displays information of the uplink connection of the AP generated by...

Страница 37: ...ofile AP Changes Radio Channel Frequently The following procedure describes how to troubleshoot issues if the AP changes radio channel frequently 1 Check if Client Aware is Enabled 2 Check the ARM Cha...

Страница 38: ...2 4G NO40INT 40MHz intol cleared on 2 4G OFF R Turn off Radio due to Radar OFF MA Turn off Radio due to Mode Aware ON Turn on Radio D Dynamic Bandwidth Switch AIRMATCH AirMatch Event I CCA Interferen...

Страница 39: ...11a 80MHz indoor 36 48 52 64 100 112 116 128 132 144 149 161 802 11a 80MHz outdoor 36 48 52 64 100 112 116 128 132 144 149 161 802 11a 160MHz indoor 36 64 100 128 802 11a 160MHz outdoor 36 64 100 128...

Страница 40: ...mesh cluster configuration command Instant AP show mesh cluster configuration Mesh cluster name mesh_clusterl Mesh cluster key Manual Check the Extended SSID Settings of the APs Ensure that Extended...

Страница 41: ...al AP has an Ethernet uplink connection Check the RF Environment of the Mesh APs APs in a mesh cluster must have overlapping RF environments to establish mesh links Run the show ap mesh neighbor comma...

Отзывы:

Нет отзывов