- Community Home
- >
- Networking
- >
- Wireless
- >
- M and MSM Series
- >
- MSM765 controller LAN port oddity
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-24-2014 05:57 PM
01-24-2014 05:57 PM
MSM765 controller LAN port oddity
Noticed something strange today. I setup my MSM765 a while back with what I thought was a pretty standard config.
LAN port on one of my private internal LANs. 10.10.0.0/16 addressing
Inet port on a general Inet VLAN we use for guest Inet access in conference rooms, etc. 192.168.100.x/24 addressing
The above 2 segments cannot route to each other in any way.
2 VSCs setup. Default "HP" VSC is still on the unit as I think I remembered reading somewhere it's best to leave the default HP VSC on the unit, the "HP" VSC is not bound to ANY AP groups at all.
"SECURE" VSC: Authentication enabled, requires 802.1x authentication against our AD domain. Once authenticated successfully the user's machine is put on the primary LAN VLAN and gets a 10.10.x.x address. Affectively on my production network as much as any wired machine is.
"GUEST" VSC: Authentication and Access Control enabled. This VSC tunnels the traffic back to the controller and the user's machine grabs a 192.168.100.x IP via DHCP. Rsers are then presented with a HTTP login page, once authenticated the user's traffic is allowed to go passed the 765 and on the Internet directly.
This all has been working perfectly for a good while now.
Today one of my engineers noticed something odd and brought it to my attention.
He had a new network appliance device that he needed to configure and was doing the work on the 10.10.x.x LAN segment. The device he was working on booted up with a default IP address of 192.168.1.1/24 so he just statically changed his laptop's address to match that new devices temporary subnet so he could web into it and reconfigure it for the correct segment. Normal stuff.
The problem was when he tried to surf to 192.168.1.1 (after statically assigning his laptop a matching IP from that range) he was presented with the "wireless.hp.internal" login page. On the LAN segment. The only place that authentication page is is enabled is over on the GUEST VSC. As soon as the IP address is of the laptop is changed back to the real IP of that LAN segment (10.10.x.x) you no longer get that login page and all seems normal.
Note that 192.168.1.x is not in the config of the MSM765 AT ALL, it does not match anything in the MSM765.
I threw together a test machine with wireshark on it and decided to take a look a bit deeper. If I take ANY device, put it on the 10.10.x.x LAN (where the LAN port of the 765 lives) but statically assign it ANY address that does not match that subnet (I did this with 192.168.1.x, 12.12.12.x, 100.100.100.x, I suspect that any range will exhibit this behavior) then wireshark and a "arp -a" shows that the MSM765's LAN port is anyswering and intercepting all traffic and trying to redirect the client machine to "wireless.hp.internal".
I'm stumped. I have no idea why this would be happening or how to resolve it. MAYBE this has something to do with the default "HP" VSC merely existing on the MSM765 (even though it's not bound to anything at all, I assumed the controller would just ignore it).
Any ideas?
Thanks.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-29-2014 09:36 AM
01-29-2014 09:36 AM
Re: MSM765 controller LAN port oddity
Source One Technology, Inc.
HP Partner
MSM 5.7.x deployment guide: