M and MSM Series
1748136 Members
3610 Online
108758 Solutions
New Discussion юеВ

Re: MSM765zl guest access fails

 
SOLVED
Go to solution
Tom Leach
Advisor

MSM765zl guest access fails

I have a 765zl with a 422 AP and I'm trying to get guest access set up. I've gone through the manual and looked at the FAQs (Corp/Guest VSC configuration KB001318 & KB001320) and it should be pretty straight forward. I have the 765 setup as a DHCP server in ServiceController/Network/AddressAllocation to serve out 192.168.64.1/24 addresses. No other DHCP server is configured on the Internet or LAN networks.
I create a Guest VSC with the following non-default settings:
name, SSID, no Wireless security filters, VSC based DHCP serving 10.10.10.1/24 addresses.
Note that I do NOT have 'Always tunnel client traffic' checked.

I have the 442 AP in a Site group with the Guest VSC bound to that group. The default group has no APs in it and is configured to disable any radios that it auto discovers until I move them out of the default group into the Site group.

OK, so my client sees the SSID, and I can connect, obtain a 192.168.64.1/24 address, and login via HTML to get onto my Internet. It's all good.

Now, I check 'Always tunnel client traffic', save, resync the group with the AP and after it's all ready to go, the client can see the SSID, but it does not get an IP via DHCP (either 192 or 10).

The 765 is installed in a 5412zl, slot C.
Port C1 is in the default vlan (just used for testing, it will be moved later to it's own vlan, just one thing at a time) and port C2 is on a RADIO vlan that also contains the port that the AP is attached to. The AP is directly connected to the switch (actually there are 3 APs, but only one is currently powered).
So, this is as small of a test setup that I can make with as few variables but it's still not working.
Oh, forgot to include 765 info:
Software version: 5.3.1.0-01-7123
Hardware revision: 2:47
Any clues?
Thanks!
Tom
5 REPLIES 5
Fred!
Trusted Contributor

Re: MSM765zl guest access fails

Did you make sure that in the DHCP server configuration you listen for request from inside the tunnel? There is an option there that you need to check so that the DHCP server honors requests coming from there.
Tom Leach
Advisor

Re: MSM765zl guest access fails

Fred, I do have both "Lan port" and "Client data tunnel" checked under "Listen for DHCP requests on:" in Service Controller>Network>Address Allocation>DHCP server config.
But I think that my problem is somewhere in that setup.
I may have a misunderstanding of how the LAN side of the 765 is to be configured. I currently have my AP on the LAN getting it's address via DHCP from the 765. If I uncheck the "LAN port" in the DHCP listen from above, the AP no longer gets an address. Somewhere in the docs, I read that HP recommends that the LAN port be unchecked in most configs. Are they then assuming that some other DHCP server is supplying the address to the APs or that the APs are statically assigned?
Thanks!
Tom
Fred!
Trusted Contributor
Solution

Re: MSM765zl guest access fails

Yes, typically the DHCP of the 765 will be used to provide private IPs to the wireless clients/guests and less to provide IPs to the APs.

Note that this is not an absolute requirement, but typically you will have a central DHCP server assigning IPs to your APs.

Now this could make sense for the fact that if you use the MSM controller DHCP server for both, you will end up in having the APs and the guest on the same IP segment, which is not necessarily good (I personally tend to prefer segmenting my equipment from my wireless clients)

Now, back to your problem. Something to remember is that you should double check if there is any firewall in your network preventing the data tunnel to reach the MSM controller.

Make sure the UDP Source and destination = 3001 (BB9 hex) is opened.

There are some other ports that you may consider as well. Ports that are necessary for the system to function are documented in the manual p.70: http://cdn.procurve.com/training/Manuals/r531/MSM7xx-MCG-May09-5992-5929.pdf
Tom Leach
Advisor

Re: MSM765zl guest access fails

Hi Fred, thanks for the reply. I swear I didn't change anything, but after I shut everything down for the evening and came back in the next day and started everything back up, the guest access worked as expected.
Thanks again for the replies!
Tom
Shadow13
Respected Contributor

Re: MSM765zl guest access fails

you have mentioned that you configured DHCP in the VSC 10.10.10.1/24 , but then you mentined that the client get ip address from the main DHCP range defined 192.168.64.1/24.