Wired Intelligent Edge

 View Only

  • 1.  Weird MAS PoE difficulties

    Posted Dec 01, 2015 10:05 AM

    I've had this problem on another S1500 switch, but can't for the life of me figure out why.

    I have a WIFI Vlan and a default VLAN. For ports that I setup on the WIFI VLAN, I do not get POE delivered to the access point. These ports have the same POE profile. Despite this, a web gui dashboard interfaces show these as "disable" when nothing is connected, as opposed to "not drawing power"

    If I move my AP connection from a 114 port to a default port, it lights up right away.

    Here's my config:

    #show conf

#
# Configuration file for ArubaOS
# ArubaOS Version 7.4.1.0 50853
version 7.4
enable secret "8eb7928301522873ebe6a40451664f14df48ef0bd08f47b5a8"
hostname "Security-Aruba"
clock timezone EST -5
location "Building1.floor1"
controller config 4

ip access-list eth validuserethacl
  permit any
!
netservice svc-dhcp udp 67 68
netservice svc-dns udp 53
netservice svc-ftp tcp 21
netservice svc-h323-tcp tcp 1720
netservice svc-h323-udp udp 1718 1719
netservice svc-http tcp 80
netservice svc-https tcp 443
netservice svc-icmp 1
netservice svc-kerberos udp 88
netservice svc-natt udp 4500
netservice svc-ntp udp 123
netservice svc-sip-tcp tcp 5060
netservice svc-sip-udp udp 5060
netservice svc-sips tcp 5061
netservice svc-smtp tcp 25
netservice svc-ssh tcp 22
netservice svc-telnet tcp 23
netservice svc-tftp udp 69
netservice svc-vocera udp 5002
ip access-list stateless allowall-stateless
  any any any  permit
!
ip access-list stateless cplogout-stateless
  user   alias controller sys-svc-https  dst-nat 8081
!
ip access-list stateless dhcp-acl-stateless
  any any svc-dhcp  permit
!
ip access-list stateless dns-acl-stateless
  any any svc-dns  permit
!
ip access-list stateless http-acl-stateless
  any any svc-http  permit
!
ip access-list stateless https-acl-stateless
  any any svc-https  permit
!
ip access-list stateless icmp-acl-stateless
  any any svc-icmp  permit
!
ip access-list stateless logon-control-stateless
  any any svc-icmp  permit
  any any svc-dns  permit
  any any svc-dhcp  permit
  any any svc-natt  permit
!
ip access-list session validuser
  network 169.254.0.0 255.255.0.0 any any  deny
  any any any  permit
!
user-role authenticated
 access-list stateless allowall-stateless
!
user-role denyall
!
user-role denydhcp
!
user-role guest
 access-list stateless http-acl-stateless
 access-list stateless https-acl-stateless
 access-list stateless dhcp-acl-stateless
 access-list stateless icmp-acl-stateless
 access-list stateless dns-acl-stateless
!
user-role logon
 access-list stateless logon-control-stateless
!
user-role preauth
!
!

crypto ipsec transform-set default-boc-bm-transform esp-3des esp-sha-hmac
crypto ipsec transform-set default-rap-transform esp-aes256 esp-sha-hmac


mgmt-user admin root a7cc8a63016987ecf339c58d2ab85f015b4cc57b9a2324c089


ntp server 10.110.138.1

firewall disable-stateful-h323-processing
!
ip domain lookup
!
aaa authentication mac "default"
!
aaa authentication dot1x "default"
!
aaa server-group "default"
 auth-server Internal
 set role condition role value-of
!
aaa profile "default"
!
aaa authentication captive-portal "default"
!
aaa authentication vpn "default"
!
aaa authentication mgmt
!
aaa authentication wired
!
web-server
!
aaa password-policy mgmt
!
traceoptions
!
probe-profile "default"
   protocol icmp
!
qos-profile "default"
!
policer-profile "default"
!
ip-profile
   default-gateway 10.110.138.1
   controller-ip vlan 110
!
mode-button
   enable factory-default
!
interface-profile ospf-profile "default"
   area 0.0.0.0
!
interface-profile pim-profile "default"
!
interface-profile igmp-profile "default"
!
stack-profile
!
ipv6-profile
!
activate-service-firmware
!
aruba-central
!
rogue-ap-containment
!
interface-profile switching-profile "default"
   access-vlan 110
!
interface-profile switching-profile "Upstream-profile"
   switchport-mode trunk
!
interface-profile switching-profile "WIFI-profile"
   access-vlan 114
!
interface-profile tunneled-node-profile "default"
!
interface-profile poe-profile "default"
!
interface-profile poe-profile "device-group-default"
   enable
   poe-priority high
!
interface-profile poe-profile "poe-factory-initial"
   enable
!
interface-profile enet-link-profile "default"
!
interface-profile lldp-profile "default"
!
interface-profile lldp-profile "lldp-factory-initial"
   lldp transmit
   lldp receive
   med enable
!
interface-profile mstp-profile "default"
!
interface-profile pvst-port-profile "default"
!
vlan-profile dhcp-snooping-profile "default"
!
vlan-profile mld-snooping-profile "default"
!
vlan-profile igmp-snooping-profile "default"
   snooping
!
vlan-profile igmp-snooping-profile "igmp-snooping-factory-initial"
   snooping
!
spanning-tree
   mode mstp
!
gvrp
!
mstp
!
lacp
!
poe-management-profile slot "0"
!
vlan "1"
   igmp-snooping-profile "igmp-snooping-factory-initial"
!
vlan "110"
!
vlan "111"
   description "Voice"
!
vlan "112"
   description "MultMedia"
!
vlan "113"
   description "Sodexo"
!
vlan "114"
   description "WIFI"
!
vlan "115"
   description "ServerPrinter"
!
interface gigabitethernet "0/0/0"
!
interface gigabitethernet "0/0/1"
!
interface gigabitethernet "0/0/2"
!
interface gigabitethernet "0/0/3"
!
interface gigabitethernet "0/0/4"
!
interface gigabitethernet "0/0/5"
!
interface gigabitethernet "0/0/6"
!
interface gigabitethernet "0/0/7"
!
interface gigabitethernet "0/0/8"
   switching-profile "WIFI-profile"
!
interface gigabitethernet "0/0/9"
   poe-profile "poe-factory-initial"
   switching-profile "WIFI-profile"
!
interface gigabitethernet "0/0/10"
   poe-profile "poe-factory-initial"
   switching-profile "WIFI-profile"
!
interface gigabitethernet "0/0/11"
   poe-profile "poe-factory-initial"
   switching-profile "WIFI-profile"
!
interface gigabitethernet "0/1/0"
   qos-profile "default"
   switching-profile "Upstream-profile"
!
interface vlan "110"
   ip address 10.110.138.38 255.255.255.0
!
device-group ap
!
interface-group gigabitethernet "default"
   apply-to ALL
   lldp-profile "lldp-factory-initial"
   poe-profile "poe-factory-initial"
!

snmp-server community Zer0t0uchpr0visi0ning view ALL
snmp-server view ALL oid-tree iso included
snmp-server group ALLPRIV v1 read ALL notify ALL
snmp-server group ALLPRIV v2c read ALL notify ALL
snmp-server group ALLPRIV v3 noauth read ALL notify ALL
snmp-server group AUTHPRIV v3 priv read ALL notify ALL
snmp-server group AUTHNOPRIV v3 auth read ALL notify ALL
snmp-server group Zer0t0uchpr0visi0ning v1 read ALL
snmp-server group Zer0t0uchpr0visi0ning v2c read ALL

snmp-server enable trap

process monitor log
end

(Security-Aruba) #


  • 2.  RE: Weird MAS PoE difficulties
    Best Answer

    Posted Dec 02, 2015 03:41 AM

    Kevets,

     

     On S1500-12P box, only 8 ports are PoE capable. Hence you might be seeing issue.

     You mentoned about '114 port to a default port'

     What is 114 port ?

     

    -Vinay

     

     



  • 3.  RE: Weird MAS PoE difficulties

    Posted Dec 02, 2015 09:01 AM

    Well I'll be damned (and highly irritated). Nowhere on the chassis does it indicate 8 powered ports or which ones. And the WebGUI has no complaint when you assign ports 8-11 to a powered profile.

     

    So I'm assuming it's the first 8 ports (0-7) that get PoE?

     

    What I meant by 114 is the VLAN assignment, which was the only difference I could see with the configuration of these ports.

     

    Anyway, thanks for the help!



  • 4.  RE: Weird MAS PoE difficulties

    Posted Dec 02, 2015 09:17 AM
    On all MAS switches, the ports that have an orange number are PoE capable. White numbers are not.

    Sent from Nine


  • 5.  RE: Weird MAS PoE difficulties

    Posted Dec 02, 2015 09:22 AM

    kevets,

     

    Please see the installation guide here:  https://support.arubanetworks.com/Documentation/tabid/77/DMXModule/512/EntryId/11520/Default.aspx

     

    1500p.png



  • 6.  RE: Weird MAS PoE difficulties

    Posted Dec 02, 2015 09:59 AM

    OK thanks. My bad for not reading the installation guide.



Related Content