Wireless Access

 View Only

  • 1.  Wireless Virtual Controller and VLAN's.

    Posted Sep 22, 2020 11:25 AM

    Hey all, I apologize if this is in the wrong section.

     

    I am struggling with a problem that involves VLAN's and the new wireless infrastructure. Internet connectivity is currently stable on only one VLAN (voice vlan). The other VLAN's either have very unstable internet connectivity or nothing at all. They receive DHCP addresses without a problem.

    Here is a brief overview of the network.

     

    Fortigate 40F (192.168.22.1) at the Edge. Aruba 2930F(192.168.22.254) as the Layer 3 switch + inter-vlan routing. 2530's as access layer switches. Aruba 303 wireless AP's with a virtual controller. Windows Server doing DHCP (192.168.22.5)

     

    I have a handful of VLAN's configured on the 2930F and the 2530's. The VLAN's I have are: 

    192.168.22.0/24 (MGMT/VLAN 1)

    192.168.25.254/24 (Students/VLAN 250)

    192.168.20.254/24 (Internal-Wireless/VLAN 200)

    172.31.30.254/24 (VOIP)

     

    The VOIP vlan works with no issues. Can get out to the internet, make calls to other phones, etc. However, the other VLAN's which are mainly for wireless devices will not get internet or have a very unstable connection. Is there a setting that I need to configure in the virtual controller? The ports that the access points are connected to have the appropriate VLAN's tagged to them. 

     

    I can post switch configs if needed. 

     

     

     

     



  • 2.  RE: Wireless Virtual Controller and VLAN's.

    Posted Sep 23, 2020 09:34 AM

    Without the switch configurations and a description of what is connected where, it will indeed be hard to say anything about this.



  • 3.  RE: Wireless Virtual Controller and VLAN's.

    Posted Sep 23, 2020 10:42 AM

    The Aruba 2930F is connected to the Fortigate on Port 1. Our ESXi server is also connected to this switch on ports 2-6. Uplinks to other switches are on ports 24-25. 

     

    ; JL261A Configuration Editor; Created on release #WC.16.09.0012
    ; Ver #14:27.6f.f8.1d.9b.3f.bf.bb.ef.7c.59.fc.6b.fb.9f.fc.ff.ff.37.ef:04
    hostname "ga-mdf-sw1"
    module 1 type jl261a
    timesync ntp
    ntp unicast
    ntp server 192.168.22.5 iburst
    ntp enable
    time daylight-time-rule continental-us-and-canada
    time timezone -360
    ip default-gateway 192.168.22.1
    ip dns server-address priority 1 192.168.22.5
    ip route 0.0.0.0 0.0.0.0 192.168.22.1
    ip routing
    snmp-server community "public" unrestricted
    vlan 1
    name "internal-lan"
    no untagged 6,11-12,20
    untagged 1-5,7-10,13-19,21-28
    ip address 192.168.22.254 255.255.255.0
    ipv6 enable
    ipv6 address autoconfig
    ipv6 address dhcp full
    exit
    vlan 200
    name "internal-wireless"
    tagged 1,6-8,12-14,18,21-25
    ip address 192.168.20.254 255.255.255.0
    ip helper-address 192.168.22.5
    exit
    vlan 250
    name "lab"
    tagged 1-4,7,14,18,21-25
    ip address 192.168.25.254 255.255.255.0
    ip helper-address 192.168.22.5
    exit
    vlan 370
    name "voice"
    untagged 6,11-12,20
    tagged 1,5,7-10,13-19,21-28
    ip address 172.31.30.254 255.255.255.0
    ip helper-address 192.168.22.5
    voice
    exit
    vlan 400
    name "cameras-iot"
    tagged 1,24-25
    ip address 10.25.250.254 255.255.255.0
    ip helper-address 192.168.22.5
    exit



  • 4.  RE: Wireless Virtual Controller and VLAN's.

    Posted Sep 23, 2020 11:57 AM

    Here's my 2930F config. The 2930F is connected to the Fortigate on Port 1. Access switches are uplinked on ports 24-25, and our ESXi host is connected to ports 2-6 I believe (will have to double check). 

    ; JL261A Configuration Editor; Created on release #WC.16.09.0012
; Ver #14:27.6f.f8.1d.9b.3f.bf.bb.ef.7c.59.fc.6b.fb.9f.fc.ff.ff.37.ef:04
hostname "ga-mdf-sw1"
module 1 type jl261a
timesync ntp
ntp unicast
ntp server 192.168.22.5 iburst
ntp enable
time daylight-time-rule continental-us-and-canada
time timezone -360
ip default-gateway 192.168.22.1
ip dns server-address priority 1 192.168.22.5
ip route 0.0.0.0 0.0.0.0 192.168.22.1
ip routing
snmp-server community "public" unrestricted
vlan 1
   name "internal-lan"
   no untagged 6,11-12,20
   untagged 1-5,7-10,13-19,21-28
   ip address 192.168.22.254 255.255.255.0
   ipv6 enable
   ipv6 address autoconfig
   ipv6 address dhcp full
   exit
vlan 200
   name "internal-wireless"
   tagged 1,6-8,12-14,18,21-25
   ip address 192.168.20.254 255.255.255.0
   ip helper-address 192.168.22.5
   exit
vlan 250
   name "lab"
   tagged 1-4,7,14,18,21-25
   ip address 192.168.25.254 255.255.255.0
   ip helper-address 192.168.22.5
   exit
vlan 370
   name "voice"
   untagged 6,11-12,20
   tagged 1,5,7-10,13-19,21-28
   ip address 172.31.30.254 255.255.255.0
   ip helper-address 192.168.22.5
   voice
   exit
vlan 400
   name "cameras-iot"
   tagged 1,24-25
   ip address 10.25.250.254 255.255.255.0
   ip helper-address 192.168.22.5
   exit

     



Related Content