How to deploy an Aruba Remote Access Point (RAP) Part 1

At The Chapel we put in an Aruba Wireless system last year (Aruba 650). It was a huge improvement over what we had, which was a combination of Linksys and 3Com gear. We are now able to provide public and private wireless networks with just one wireless network. The enhanced management features you get with a controller-based system are also huge time savers, such as central updates, the ability to find the number of clients on the network, and the ability to locate those clients in the building.

Well, since we liked the system and it was working for us, we decided to put some access points out at our new Lake Zurich campus, which didn’t have any wireless. It was easy enough to get things going: just plug the AP into the network, find it on the controller, and deploy it. Done.

Well, not quite. The Aruba system by default wants to set the APs up to tunnel back to the controller. This is part of what makes this system so easy to deploy. You don’t have to worry about what VLAN the APs are on or what their IP address is. The tunnel sends all traffic back to the controller to be routed. The issue is that when you have a local resource like a file server, printer, or even a local internet connection, all your traffic goes back to the controller and then back to the local network.

We had a local Comcast internet connection at Lake Zurich that we wanted to use without tunneling through two other campuses to get to the controller. Luckily, Aruba had a “Remote Access Point” license that was supposed to make deploying our AP-61s easy. The key words are “supposed to”.

Aruba fails miserably in the documentation department for this RAP feature. I found out through my CDW rep that I could use my AP-61s if I got an RAP license for each of them. (This is kind of expensive, but it is now included free in the Aruba OS 5 release.) Next came configuring them. I tried following the documentation, but it was all based on older versions of the software and kept referencing setting up firewall rules that are only available in their PEF license, which I didn’t have. They also didn’t have an example that matched my scenario of having everything on a private network. All the examples talked about using the VPN feature because you are going across the internet. I upgraded to Aruba OS 5, which had a wizard to deploy remote APs, but it didn’t work either.

So I tried and failed again and again. I even sent some bad configs to my APs that bricked them! After looking for the reset button, I found out my APs didn’t have any! Stupid! After some research, I found out that I needed a special “Serial Over Ethernet (SoE) cable”, as Aruba calls it, and the documentation had a schematic of how to make one. I gave it a try twice and couldn’t get it to work. I then had to fork out about $100 to get one from Aruba! Anyhow, they were finally back up and running, but I still didn’t have the RAP feature that I wanted and paid for.

So I called up support again and got someone who seemed to kind of know what I was trying to accomplish. We did a WebEx session and were able to get things going. Because this is getting to be a long post, I’ll show how to set this up in part 2.


Anonymous said...

You spent $100 on a console cable? Those things are going for $1-$5 on eBay.

In fact, Google Shopping doesn't even bring any up that are over $20. Even the Radio Shack down my street sells them for $20, and that's saying a lot because they gouge the hell out of everything.

You got srsly taken advantage of with that deal. I recommend staying away from Aruba for any kind of Rapping, their hardware and software isn't developed to be used that way which is why it's not all easy pointy clicky dumbed down networking

Anonymous said...

Dear Anonymous,

Jeremy didn't spend $100 on a standard DB9/RJ45 console cable, he's not an idiot. As he originally stated, he needed this special kind of console cable, "Serial Over Ethernet (SoE) cable".

So that you might stop judging the poor guy and flaming him, take a look here:

And to your comment:

"I recommend staying away from Aruba for any kind of Rapping, their hardware and software isn't developed to be used that way which is why it's not all easy pointy clicky dumbed down networking"

What the hell are you talking about? Aruba Networks is a great solution and I'm glad they are changing the wireless and wireless management landscape--it's been bland for so many years.

-Aruba Fan

Jeremy Good said...

Thanks Aruba Fan. I was disappointed when I found out I had to buy a special cable just to reset the AP (they have changed the design now). The Aruba has been good and it has a lot of features other systems don't. We have been moving over to Ruckus Wireless now though because of the lower cost, ease of management, and awesome coverage they provide. http://www.ruckuswireless.com/
I've also heard of a lot of churches using Ubiquiti Unifi APs that provide a managed solution for a fraction of the cost of Ruckus or Aruba. http://www.ubnt.com/unifi


