rough start of semester on 9800-80 WLCs

Just sending a heads up in case anyone else hits these. This was our first semester with a full campus since moving everything over to our 9800-80 pairs. They've been in production for much of the past 12 months and the performance was fine when campus was empty. Under load was another

RE: rough start of semester on 9800-80 WLCs

Just to clarify - is that 17.4.4 or 17.3.4? Don Sullivan Network Administrator Technology Services 205-726-2111 | office dsulli...@samford.edu LinkedIn www.samford.edu 800 Lakeshore Drive Birmingham, AL

Re: [WIRELESS-LAN] Websites inaccessible from wireless network - Aruba

Not seeing that issue here. We are on 8.7.1.4 (aruba-controller-1) #show datapath session | include 35.186.224.25 35.186.224.25 138.236.104.67 6443 64918 0/0 01 1 tunnel 6347 3cc 30750335 15 138.236.82.47 35.186.224.25 657491 443

Cisco WLC 5508 software recommendations

We are looking to upgrade our pair of 5508 controllers from the current version, 8.5.151.0. We cannot move beyond the 8.5 code as we are still using some older 3500 access points. I have seen many comments regarding versions of code to avoid, but was looking to see what versions the group has

Websites inaccessible from wireless network - Aruba

Hi All, Since last Monday we have seen a couple of different websites being blocked on our Aruba wireless controllers. Spotify has been one of the sites, as well as all websites hosted on IP 23.185.0.1 (which is our main institution website - denison.edu). We can confirm that this is being

RE: rough start of semester on 9800-80 WLCs

Oh yes good catch! Yes it should be 17.3.4. From: The EDUCAUSE Wireless Issues Community Group Listserv On Behalf Of Sullivan, Don Sent: Tuesday, September 7, 2021 10:37 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] rough start of semester on 9800-80 WLCs Just to

RE: [EXTERNAL] Re: [WIRELESS-LAN] Websites inaccessible from wireless network - Aruba

With 8.6.0.9, no issues. (Aruba7220-MC-05) *#show datapath session | include 35.186.224.25 35.186.224.25 172.16.122.193 6443 58612 0/0 024 3 tunnel 2306 a5 69 11747 17 172.16.126.14335.186.224.25 665364 4430/0 024 0

RE: Cisco WLC 5508 software recommendations

So far so good with 8.5.171.0 on 8540s and a variety of APs. Eric Glinsky Network Administrator University of Connecticut ITS - Network Operations Temporary Administration Building 25 Gampel Service Drive | Storrs, CT 06269-1138 (860) 486-9199 e...@uconn.edu From: The

Re: [WIRELESS-LAN] [EXTERNAL] Re: [WIRELESS-LAN] Websites inaccessible from wireless network - Aruba

So. sigh! It seems like an end client either statically or for some unknown reason got assigned the IP address for these websites. The role that the client was assigned had a policy to "deny" traffic to the internet (as per design). The part that we did not know was that when a client is

RE: rough start of semester on 9800-80 WLCs

Chad, Sorry to hear about the issues you ran into. We also started the semester with 9800-80s, but we chose to go with 17.3.4. Things went well for most of the day on the first day of classes, except for a single controller crash after business hours. Cisco has identified this as a bug on the

Re: [WIRELESS-LAN] [EXTERNAL] Re: [WIRELESS-LAN] Websites inaccessible from wireless network - Aruba

Check your valid user table config to make sure you only allow the IP ranges your DHCP server would give a wireless client. Otherwise, you can end up with user table entries for destination IP's and then those IP's get policed by the controller as you were seeing. Aruba default for that config

PoE Load Tester Recommendation

Can anyone recommend a device to PoE load test network jacks? I have some jacks that pass the installer's Category Certification, but are not passing the appropriate PoE to bring the APs online. I would like to be able to load test for 802.3af, 802.3at, and 802.3bt (at both 60W and 90W), as

Re: [WIRELESS-LAN] [EXTERNAL] Re: [WIRELESS-LAN] Websites inaccessible from wireless network - Aruba

Hi Educause wifi: We use a filter that only allows clients to "have" a valid IP address from "our" range. It' a bit of overhead, but it solves this issue for us. We also say clients listed with addresses that really make no sense. you build a list something like this: netdestination

RE: rough start of semester on 9800-80 WLCs

Thanks for the info. I'll look into the AP service pack. We haven't done one of those yet so kind of curious to see it in action. Yeah we had mixed results with the 500 APs in a site tag. Some of the areas on campus were fine. I think client count had something to do with provoking it.

RE: [WIRELESS-LAN] [EXTERNAL] Re: [WIRELESS-LAN] Websites inaccessible from wireless network - Aruba

Sid, We know from personal experience of running into this issue several years ago. Like David, we’ve instituted a few validuserACLs – (I actually use aliases for those subnets – so that I can re-use them in other places and to give a description of those valid ip addresses). After finding

RE: rough start of semester on 9800-80 WLCs

There are two commands you can use: show wireless loadbalance tag affinity wncd show wireless stats ap loadbalance summary Hector Rios UT Austin From: The EDUCAUSE Wireless Issues Community Group Listserv On Behalf Of Chad Sawyer Sent: Tuesday, September 7, 2021 1:48 PM To:

Re: [WIRELESS-LAN] [EXTERNAL] Re: [WIRELESS-LAN] Websites inaccessible from wireless network - Aruba

This is very helpful! Thank you. We are planning to implement the validusers-acl like you mentioned and restrict clients to only the IPs that we provide via DHCP. The description is exactly what we are seeing. Christopher, would it be alright if we reached out to you if we have questions? I would

Re: [WIRELESS-LAN] [EXTERNAL] Re: [WIRELESS-LAN] Websites inaccessible from wireless network - Aruba

Have seen similar behavior and strongly recommend using validuser acl at very least change it form default any any- can start small and deny/protect critical IP's in your infrastructure its all fun and games until a user device gets picked up as your DNS server or local ip gateway but would