Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1932
Views
0
Helpful
10
Replies

Intervlan Routing on CISCO RV345P

Go to solution
RogerJoys7495
Level 1
Level 1

‎08-23-2019 07:56 AM

Hello,

 

I just purchased a CISCO RV345P and it's configured and functioning as desired with 1 exception.

 

I have 2 Aruba AP's coming into 2 ports. These devices effectively tag 4 different WLAN's for 4 different VLAN's on the 345. For all these VLAN's. I have enabled intervlan routing, and while I am able to reach the router as excpected, I am unable to access the 2 Aruba's via their HTTP interface. 

 

The Aruba's and the Cisco all live on VLAN 1 (192.168.1.0/24). I can see the Aruba's on the router and can ping their IP's but the HTTP interface does not work. 

 

What did I miss? Is there some additional access rule I need to have set up?

 

Thank you in advance

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
RogerJoys7495
Level 1
Level 1
In response to RogerJoys7495

‎08-29-2019 08:22 AM

I've solved this and appreciate everyone's help.

 

In the end, after looking through the various componentry that may impact traffic between VLan's, I discovered I needed to make 2 changes to my Aruba IAP config:

1). Add the appropriate subnets to the "Management subnets)

2). Add a rule to allow tcp on port 4343 between the WLan subnet I want to manage the Aruba's on and the VLAN the devices actually are on.

 

Again, both are Aruba IAP settings.

 

Thanks all again!

View solution in original post

0 Helpful
10 Replies 10

Go to solution
luis_cordova
VIP Alumni
VIP Alumni

‎08-23-2019 01:59 PM

Hi @RogerJoys7495 ,

 

Query:
If you add a PC to VLAN1, can that device connect to APs via HTTP?

 

Regards

0 Helpful

Go to solution
RogerJoys7495
Level 1
Level 1
In response to luis_cordova

‎08-23-2019 02:32 PM

Yes absolutely. This is the only way I’ve been able to connect to them.

Thank you
0 Helpful

Go to solution
luis_cordova
VIP Alumni
VIP Alumni
In response to RogerJoys7495

‎08-23-2019 03:15 PM

Hi @RogerJoys7495 ,

 

Two queries:
Are the ping between PCs of different vlan successful?
Have you tried disabling the firewall of the PCs before trying to access via HTTP?

 

Regards

0 Helpful

Go to solution
RogerJoys7495
Level 1
Level 1
In response to luis_cordova

‎08-23-2019 04:08 PM

@luis_cordova 

 

Thank you for your assistance.

 

1). Yes, I can ping between my PC on VLAN2 and both Aruba's on VLAN1

2). The Firewall has been turned off on my PC

 

I've attached screen snippets from my configuration

Screen Shot 2019-08-23 at 4.04.06 PM.png

 

The 2 Arubas are plugged into Port1 and 2, which are set up as such

Screen Shot 2019-08-23 at 4.06.18 PM.png

As an experiment, I am going to set up a new WLAN on the Aruba that uses VLAN1 and see if this will help

 

-r

0 Helpful

Go to solution
RogerJoys7495
Level 1
Level 1
In response to RogerJoys7495

‎08-23-2019 04:15 PM

Well this was weird and may be a good clue.

 

I set up an additional WLAN on the Aruba with a VLAN tag of 1. When I connected my PC, it got an IP in192.168.11.0/24. I even tried to renew the DHCP address and it got the same.

 

I reviewed my full DHCP config and nothing I set up refers to that subnet.

 

This address will also not route to the WAN as you may expect given the configuration.

 

Thoughts?

0 Helpful

Go to solution
luis_cordova
VIP Alumni
VIP Alumni
In response to RogerJoys7495

‎08-23-2019 05:27 PM

Hi @RogerJoys7495 ,

 

It would be nice to find out which device is delivering the addresses 192.168.11.X.

Is it possible that some AP has NAT enabled?

 

Regards

0 Helpful

Go to solution
RogerJoys7495
Level 1
Level 1
In response to luis_cordova

‎08-23-2019 07:26 PM

I'm on a plane to SFO for a conference, so I won't be able to check until Monday when I return. it is curious.

 

I've got the 2 AP's for home, an Aruba 205h RAP for connectivity to work, and a wireless device from ADT for my home security system (which badly needs an upgrade). The Aruba 205 and ADT thing are on their own VLAN's and untagged for their VLAN. Both those VLAN's have intervlan routing disabled

 

As an experiment, I can power down the ADT device and see if the issue persists.

I do agree something other than the RV345P is doling out that IP

 

 

0 Helpful

Go to solution
RogerJoys7495
Level 1
Level 1
In response to RogerJoys7495

‎08-26-2019 07:41 AM

I've identified the source of the 192.168.11.0/24 DHCP. When powered off, I now get an IP from the router when I connect to a WLan using VLAN1. So that's good. I am now able to access the AP's from this WLAN.

 

I still am unable to connect to the AP's when on the WLAN on VLAN2, despite having intervlan routing on.

 

I'm a bit at a loss as to what is not working. Is there some ACL I need to set up?

 

 

0 Helpful

Go to solution
RogerJoys7495
Level 1
Level 1
In response to RogerJoys7495

‎08-26-2019 04:19 PM

Here is the log showing the relevant traffic flow form a device in VLAN2 to the Aruba AP

Screen Shot 2019-08-26 at 4.16.26 PM.png

0 Helpful

Go to solution
RogerJoys7495
Level 1
Level 1
In response to RogerJoys7495

‎08-29-2019 08:22 AM

I've solved this and appreciate everyone's help.

 

In the end, after looking through the various componentry that may impact traffic between VLan's, I discovered I needed to make 2 changes to my Aruba IAP config:

1). Add the appropriate subnets to the "Management subnets)

2). Add a rule to allow tcp on port 4343 between the WLan subnet I want to manage the Aruba's on and the VLAN the devices actually are on.

 

Again, both are Aruba IAP settings.

 

Thanks all again!

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card