Wireless Access

 View Only

  • 1.  Does Remote AP (Bridge Mode) Drop RTSP Packet ?

    Posted Jul 19, 2020 07:09 AM

    I have a camera connect to a remote ap (Bridge) via vlan 80, IP 10.10.80.112.

    NVR in the same network 10.10.80.253.

     

    They can ping, telnet each other, but RTSP is fail.

     

    I execute command below,

    show datapath session ap-name ap | include 10.10.80

     

    Get info below

    F - fast age, D - deny, Y - no syn, C - client

    10.10.80.253 10.10.80.112 6 33788 554 0 0 0 0 dev3 2a00 -- -- FDYC 0

     

    It seems like RTSP packet was drop by AP.

     

    Is any feature i miss it ?



  • 2.  RE: Does Remote AP (Bridge Mode) Drop RTSP Packet ?
    Best Answer

    Posted Jul 19, 2020 07:32 AM

    In the AP system profile, there is an ap-uplink-acl parameter that decides what traffic can be initiated from outside of a RAP to clients on a RAP.  RAP clients can initiate any traffic outbounds, but the acl decides what traffic can be sent to an AP unsolicited.  By default, this is what that ACL contains:

     

    ip access-list session ap-uplink-acl
    any any udp 68 permit
    any any svc-icmp permit
    any host 224.0.0.251 udp 5353 permit
    ipv6 any any udp 546 permit
    ipv6 any any svc-v6-icmp permit
    ipv6 any host ff02::fb udp 5353 permit

     

    See if that ACL is your issue.



  • 3.  RE: Does Remote AP (Bridge Mode) Drop RTSP Packet ?

    Posted Jul 19, 2020 07:43 AM

    Thank you, The answer is correct.

     

    ap-uplink-acl is default acl apply on RAP, even did'nt show on the config.

     

    I try adding "any any any permit" and problem solve, thanks again.

     

    ############### Update ###############

    Using the acl rule example below , would be better than any any permit.

    (Aruba) ^[mm] (config-submode)#show configuration pe
    ip access-list session ap-uplink-acl
    host 10.10.80.253 network 10.10.80.0 255.255.255.0 tcp 554 permit position 3



Related Content