RE: [EXTERNAL] Re: [WIRELESS-LAN] Websites inaccessible from wireless network - Aruba

Tue, 07 Sep 2021 08:29:05 -0700 

With 8.6.0.9, no issues.

(Aruba7220-MC-05) *#show datapath session | include 35.186.224.25
35.186.224.25     172.16.122.193  6    443   58612  0/0     0    24  3   tunnel 
2306 a5   69         11747                      17
172.16.126.143    35.186.224.25   6    65364 443    0/0     0    24  0   tunnel 
1718 1a   29         3592       TC              26
172.18.91.115     35.186.224.25   6    56982 443    0/0     0    0   0   tunnel 
1102 505  145        24120      C               29
172.16.174.33     35.186.224.25   6    54373 443    0/0     0    24  0   tunnel 
2773 6da  9576       1018764    TC              21
35.186.224.25     172.16.166.198  6    443   60052  0/0     0    24  1   tunnel 
133  de   371        269692                     31
172.16.172.51     35.186.224.25   6    63940 443    0/0     0    24  3   tunnel 
862  5c   17         2849       TC              30
172.19.90.133     35.186.224.25   6    54371 443    0/0     0    24  0   tunnel 
1509 890  161        33426      TC              18
172.19.91.45      35.186.224.25   6    62292 443    0/0     0    24  2   tunnel 
1630 4d   14         2502       TC              27
35.186.224.25     172.16.166.198  6    443   60050  0/0     0    24  14  tunnel 
133  de   24         8727                       31
172.16.176.74     35.186.224.25   6    58973 443    0/0     0    24  2   tunnel 
1964 236  35         5322       TC              16
172.16.176.193    35.186.224.25   6    61015 443    0/0     0    24  1   tunnel 
2160 10   44         15853      FTC             20

From: The EDUCAUSE Wireless Issues Community Group Listserv 
<WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> On Behalf Of Dan Oachs
Sent: Tuesday, September 7, 2021 10:59 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [EXTERNAL] Re: [WIRELESS-LAN] Websites inaccessible from wireless 
network - Aruba

CAUTION: This email originated from outside of the University. Do not click 
links or open attachments unless you recognize the sender and know the content 
is safe.

Not seeing that issue here.  We are on 8.7.1.4

(aruba-controller-1) #show datapath session | include 35.186.224.25
35.186.224.25     138.236.104.67  6    443   64918  0/0     0    1   1   tunnel 
6347 3cc  307        50335                      15
138.236.82.47     35.186.224.25   6    57491 443    0/0     0    0   4   tunnel 
5540 382  179        117595     C               30
35.186.224.25     138.236.248.10  6    443   54342  0/0     0    1   1   tunnel 
972  e    209        16359                      23
35.186.224.25     138.236.82.47   6    443   57491  0/0     0    1   4   tunnel 
5540 382  189        45940                      30
138.236.104.67    35.186.224.25   6    64918 443    0/0     0    0   1   tunnel 
6347 3cd  345        38357      C               29
35.186.224.25     138.236.232.120 6    443   61505  0/0     0    1   0   tunnel 
7052 c    151        49165                      22
138.236.250.85    35.186.224.25   6    54833 443    0/0     0    0   1   tunnel 
2686 1a   57         16206      C               27
35.186.224.25     138.236.251.120 6    443   51735  0/0     0    1   1   tunnel 
7060 8    29         3140       F               13
138.236.250.85    35.186.224.25   6    54834 443    0/0     0    0   2   tunnel 
2686 18   152        179792     C               27

--Dan

On Tue, Sep 7, 2021 at 9:40 AM Sidharth Nandury 
<nandu...@denison.edu<mailto:nandu...@denison.edu>> wrote:
Hi All,

Since last Monday we have seen a couple of different websites being blocked on 
our Aruba wireless controllers. Spotify has been one of the sites, as well as 
all websites hosted on IP 23.185.0.1 (which is our main institution website - 
denison.edu<http://denison.edu>). We can confirm that this is being blocked as 
we see the "D" (Deny) Flag on the wireless controller. Below is an example of 
traffic being blocked to Spotify. Is anyone suing Aruba AOS 8 controllers 
seeing this?


(wlc-Thor) #show datapath session | include 35.186.224.25

Source IP or MAC  Destination IP  Prot SPort DPort Cntr     Prio ToS Age 
Destination TAge Packets    Bytes      Flags           CPU ID

----------------- --------------- ---- ----- ----- -------- ---- --- --- 
----------- ---- ---------- ---------- --------------- -------

10.143.203.26     35.186.224.25   6    52082 443    0/0     0    0   0   tunnel 
640  1    0          0          FDYCA           21

10.143.195.85     35.186.224.25   6    59767 443    0/0     0    0   0   tunnel 
5357 0    0          0          FDYCA           27

10.143.225.178    35.186.224.25   6    52292 443    0/0     0    0   0   tunnel 
6753 1    0          0          FDYCA           19

10.143.195.85     35.186.224.25   6    59766 443    0/0     0    0   0   tunnel 
5357 1    0          0          FDYCA           27



(wlc-Thor) #show datapath session | include 23.185.0.1
10.143.228.16     23.185.0.1      6    59500 443    0/0     0    0   0   tunnel 
16789 a    0          0          FDYCA           18
10.143.244.151    23.185.0.1      6    58758 443    0/0     0    0   0   tunnel 
553  1    0          0          FDYCA           23
10.143.228.247    23.185.0.1      6    59063 443    0/0     0    0   0   tunnel 
13188 a    6          384        FDYCA           27
10.143.228.247    23.185.0.1      6    59062 443    0/0     0    0   0   tunnel 
13188 a    6          384        FDYCA           27
10.143.196.26     23.185.0.1      6    50851 443    0/0     0    0   0   tunnel 
5631 1    0          0          FDYCA           17
10.143.196.26     23.185.0.1      6    50852 443    0/0     0    0   0   tunnel 
5631 1    0          0          FDYCA           17
10.143.196.26     23.185.0.1      6    50853 443    0/0     0    0   0   tunnel 
5631 1    0          0          FDYCA           17



We have two 7240xm controllers running AOS v8.6.9 in a cluster with a Mobility 
Conductor as a VM. We have a ticket open with TAC and have escalated it up to 
ERT, but wanted to also reach out to others.



Thank you.

Sid


--

<https://denison.edu>

Sidharth S. Nandury
(He, Him, His)
Infrastructure and Operations Manager
Information Technology Services <https://denison.edu>

100 West College Street, Granville, OH 43023 | Burton Hall
Office: 740-587-5533 | Mobile: 516-314-4413
nand...@denison.edu
https://denison.edu/campus/technology/service-desk<https://denison.edu>

NOTICE: This email message and all attachments transmitted with it may contain 
legally privileged and confidential information intended solely for the use of 
the addressee. If the reader of this message is not the intended recipient, you 
are hereby notified that any reading, dissemination, distribution, copying, or 
other use of this message or its attachments is strictly prohibited. If you 
have received this message in error, please notify the sender immediately by 
phone or by email, and delete this message and all copies and backups thereof. 
<https://denison.edu>

Please consider the environment before printing this email.<https://denison.edu>

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community 
<https://denison.edu>

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community 
<https://denison.edu>

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

Reply via email to