RFS6000 AP adoption over LAN-to-LAN VPN Tunnel

// Expert user has replied.
L Leonardo Freitas 3 years 7 months ago
41 8 0

Hello, I’m having RFS6000 AP adoption problems under a LAN to LAN VPN Tunnel.

To understand my problem see the attach file that illustrates my scenario. I want to do a LAN to LAN PPTP VPN connection . The LAN1 range IP is 192.168.100.xxx/24 and LAN2 range IP is 192.168.1.xxx/24. I can communicate with any PC from LAN1 to LAN2 and vice versa, so far I’m with a problem that concerns in the connection between the RFS6000 and the APs 650 outside the RFS LAN. The RFS6000 can adopt the APs that are inside the LAN (LAN2), but the ones that are outside (LAN1) cannot (if the RFS is in LAN1 only adopts LAN1 APs and if it is in LAN2 only adopts LAN2 APs).

I am able to  “ping” the RFS6000 from any LAN2 and LAN1 PC and all the PCs and RFS have DHCP from booth VPN Routers.

RFS6000  version is: 5.1.1.0-004R RFS6000 Model: RFS-6010-1000-WR AP650 version: 5.1.1.0-004R AP650 Model: AP-0650-66040-WW

What can I do to solve this issue?

Thanks in advanced,

Please Register or Login to post a reply

8 Replies

A Arsen Bandurian

It is possible, provided I understood you correctly. But if will depend on how you want the traffic from those clients to flow (since you have a huge variety of choice with WiNG5). If you want everything to go through controller - just assign to WLANs to VLANs that will be tunneled between APs and controller. If you want some local bridging - assign WLANs t local VLANs and configure DHCP relay feature on the APs (specifying controller's IP as a remote DHCP server). If you want to understand more how it works I recommend you go to learning.motorolasolutions.com and enroll into the EMEAWING5 instructor-led training that covers all these aspects quite well.

J Jared Ebel

I do not see in your description where you have provisioned the IP address of the RFS in the AP650 config.  How does your AP know where to locate the RFS?? UI config: Configuration > Profiles > AP650 Profile > Adoption > Controller Hostnames CLI config: (config-profile-default-ap650)#controller host level 1

L Leonardo Freitas

Hello, Thank you all. I've done :). The issue was in the "configuration persistance", that cames disabled by default. At this moment I'm communicating by static IP and already have tested the 2nd possibility by a creation of a "A" Record. Best Regards, Leonardo Freitas,

L Leonardo Freitas

Hello, As I told before, I already have communication between all the sites(Site 1, 2 and 3) and the headquarter (RFS location in subnet 192.168.100.0/24).  Now I'm trying to use DHCP Server from RFS. If I use my headquarter DHCP Server, I can have all my clients with DHCP addresses in the subnet 192.168.100.0/24 and my APs 650 with static IP in the specific site subnet (Site 1 - 192.168.1.0/24, Site 2 - 192.168.2.0/24, Site 3 - 192.168.3.0/24).  All I want is to keep all the configurations (RFS with static IP 192.168.100.220/24 and APs 650 with specific subnet static IP) and the RFS do the DHCP management of all the wireless clients but with another adress range diferent than subnet 192.168.100.0/24. It is possible to do that? How can I do it?

K Kevin Marshall

For an Access Point to obtain an IP address and DHCP options you need two things on the virtual IP interface: 1) The DHCP client needs to be enabled. 2) The DHCP client needs to be configured to request all the options Example: interface    description AP-VLAN   ip address dhcp   ip dhcp client request options all For static IP address configuration with an AP650 you need to:   1) Assign the IP address, mask and default gateway as an override 2) You need to enable configuration-persusrence. By default the AP650 will not remember its startup-config so if it resets it will not remember its static IP address. 3) You need to issue the controller host and/or controller vlan commands to tell the APs how to reach the controllers. When adopted at Layer 2 have you verified that the APs actually have an IP address assigned? For example on the RFS6000s on LAN 1 and LAN 2 issue the the "show ip interface brief on " command. This will tell you what IP address is assigned to each Access Point. Example: rfs6000-1#show ip interface brief on ap6532-1 -------------------------------------------------------------------------------  INTERFACE          IP-ADDRESS/MASK            TYPE        STATUS   PROTOCOL -------------------------------------------------------------------------------  vlan1              unassigned                 n/a         UP       up  vlan21             192.168.21.104/24(DHCP)    primary     UP       up ------------------------------------------------------------------------------- You can also do the same to view the VLAN membership to check the native VLAN and 802.1Q tagging configuration:  Example: rfs6000-1#show interface switchport on ap6532-1 ---------------------------------------------------------------------------------------  INTERFACE          STATUS   MODE     VLAN(S) ---------------------------------------------------------------------------------------  ge1                UP       trunk    21*,22 --------------------------------------------------------------------------------------- A '*' next to the VLAN ID indicates the native vlan for that trunk port Regards, Kevin

V Virgil Evans

Leonardo - In your last post you stated that you are trying to use static IP's on the AP650's, then you stated the AP continues to blink orange and doesn't get an IP. So I'm confused a little, but.... If you are using static IP's, then of course you will need to tell the AP what its controller IP is (use "controller host" command at the device level of your ap650). You also need "configuration-persistence". If you are or try using DHCP, then confirm what information your AP is getting from dhcp with these two commands: show ip dhcp-vendor-options service show dhcp-lease The first command will give you an "Adoption Info" item, confirming that it is pointing to the IP of the controller. The second command will show you an option for the controller IP (depending whether you use option 189 or 191). Verify the AP gets the correct info.

J Jared Ebel

What are you using to point the remote APs to the RFS?  There are three basic ways to accomplish this:

AP provided controller IP via DHCP option 191.  This requires configuration of option 191 on the customer's DHCP server.
AP performs DNS lookup of "motorola-wlc".  This requires creation of an "A" record in the customer's DNS to resolve the controller IP from "motorola-wlc."
AP is staged with a static IP for controller host.  This requires preconfiguration of each remotely adopted AP to provision them with a static IP address for the controller host.

Your APs on LAN2 are easily adopting because they are on the same VLAN as the controller.  This is layer 2 adoption.  For the APs on LAN1, you need to perform layer 3 adoption.  In addition to using one of the three methods above, you need to ensure that UDP ports 24576 and 24577 are opened on the router/firewalls in order to pass IP MiNT traffic.

L Leonardo Freitas

I'm trying to use the 3rd possibility with static IP, but I still go on without any conection between the AP on one LAN and the RFS in the other LAN. The UDP ports are opened. I'm not reaching what I'm doing wrong. For my test I put a static IP in RFS6000 and AP650 Virtual Interface. For RFS is 192.168.100.220/24 with static route gateway 192.168.100.2 and DNS Server 192.168.100.5. For the AP650 is 192.168.1.90/24 with static route gateway 192.168.1.1. When I connect the AP650 in the LAN without the RFS it still continuously flashing orange and do not have IP address. I cannot also "ping" the AP650 from any PC on the same LAN. Best Regards,

CONTACT
Can’t find what you’re looking for?