Differences

This shows you the differences between two versions of the page.

--- aruba_networks:ap:ap_630 [2025/11/11 16:40] – aperez
+++ aruba_networks:ap:ap_630 [2025/11/19 19:15] (current) – [Notes and Recommendations] aperez
@@ Line 52: / Line 52: @@
 {{pdfjs 46em >:aruba_networks:ap:aos_10.7.1.1-rn.pdf}}
 ----
+====== Aruba IAP-635 RW Deployment — Knowledge Base ======
+This document describes the full deployment of Aruba IAP-635 (RW regulatory domain) for the South Campus.
+It includes VLAN design, switch configuration, Virtual Controller setup, SSID renaming, verification commands, and troubleshooting references.
+===== Table of Contents =====
+  * [[#network_topology|Network Topology]]
+  * [[#switch_configuration_aruba_6300|Switch Configuration (Aruba 6300)]]
+  * [[#virtual_controller_settings_rw|Virtual Controller Settings (RW Controller)]]
+  * [[#ssid_renaming_rw|SSID Renaming – RW Controller]]
+  * [[#cli_verification_commands|CLI Verification Commands]]
+  * [[#notes_and_recommendations|Notes & Recommendations]]
+----
+===== Network Topology =====
+  * **AP Model:** Aruba IAP-635 (RW)
+  * **Total RW APs:** 4 units
+  * **AP VLAN:** **735**
+  * **AP Backhaul VLAN:** **706**
+  * **RW Virtual Controller IP:** **172.20.76.20**
+  * **Switch:** Aruba 6300 (Access Layer)
+  * **Core:** Aruba 6400 (MDF-1)
+The RW APs should not join the US Virtual Controller due to different regulatory domain (US vs RW).
+Each side operates its own independent Virtual Controller.
+----
+===== Switch Configuration (Aruba 6300) =====
+! ================================
+! Aruba 6300 - AP RW VLAN 735/706
+! ================================
+! -------- AP 172.20.76.24 / AP_59 --------
+  interface 1/1/1
+   description AP_172.20.76.24/_44:12:44:cd:ed:45_635(indoor)_AP_59
+   no shutdown
+   mtu 9100
+   no routing
+   vlan trunk native 735
+   vlan trunk allowed all
+! -------- LINK TO AP (VLAN 706) --------
+  interface 1/1/2
+   description LINK TO AP
+   no shutdown
+   mtu 9100
+   no routing
+   vlan trunk native 706
+   vlan trunk allowed all
+! -------- AP 172.20.76.22 / AP_57 --------
+  interface 1/1/3
+   description AP_172.20.76.22/_44:12:44:cd:f1:05_635(indoor)_AP_57
+   no shutdown
+   mtu 9100
+   no routing
+   vlan trunk native 735
+   vlan trunk allowed all
+! -------- AP 172.20.76.21 / AP_56 --------
+  interface 1/1/4
+   description AP_172.20.76.21/_44:12:44:ce:26:7e_635(indoor)_AP_56
+   no shutdown
+   mtu 9100
+   no routing
+   vlan trunk native 735
+   vlan trunk allowed all
+! -------- LINK TO AP (VLAN 706) --------
+  interface 1/1/5
+   description LINK TO AP
+   no shutdown
+   mtu 9100
+   no routing
+   vlan trunk native 706
+   vlan trunk allowed all
+! -------- AP 172.20.76.23 / AP_58 --------
+  interface 1/1/6
+   description AP_172.20.76.23/_44:12:44:ce:01:d3_635(indoor)_AP_58
+   no shutdown
+   mtu 9100
+   no routing
+   vlan trunk native 735
+   vlan trunk allowed all
+! ============================
+! LAG-1 toward Core 6400 (MDF-1)
+! ============================
+  interface lag 1
+   description Access LAG-1 to MDF-1 - Core 6400
+   no shutdown
+   no routing
+   vlan trunk native 1
+   vlan trunk allowed all
+   lacp mode active
+   loop-protect
+  interface 1/1/49
+   description Access LAG-1 to MDF-1
+   no shutdown
+   mtu 9100
+   lag 1
+  interface 1/1/50
+   description Access LAG-1 to MDF-1
+   no shutdown
+   mtu 9100
+   lag 1
+===== Virtual Controller Settings (RW Controller) =====
+  virtual-controller-country RW
+  virtual-controller-ip 172.20.76.20
+**Verification commands:**
+  show running-config | include virtual
+  show swarm state
+  show swarm leader
+  show aps
+**If Virtual Controller appears as 0.0.0.0, set it manually:**
+  virtual-controller-ip 172.20.76.20
+  commit apply
+===== SSID Renaming – RW Controller =====
+  configure terminal
+  wlan ssid-profile "SFE_WiFi"
+   essid "SFE_WiFi-RW"
+   exit
+  wlan ssid-profile "SFE-Guest-WiFi"
+   essid "SFE-Guest-WiFi-RW"
+   exit
+  wlan ssid-profile "IoT"
+   essid "IoT-RW"
+   exit
+  wlan ssid-profile "SFE_ST"
+   essid "SFE_ST-RW"
+   exit
+  wlan ssid-profile "SFE_Staff"
+   essid "SFE_Staff-RW"
+   exit
+  wlan ssid-profile "SFE_Student"
+   essid "SFE_Student-RW"
+   exit
+  wlan ssid-profile "SFE_Teacher"
+   essid "SFE_Teacher-RW"
+   exit
+  wlan ssid-profile "Couper_Portal"
+   essid "Couper_Portal-RW"
+   exit
+  commit apply
+**Verification:**
+  show network
+  show network <SSID>
+===== CLI Verification Commands =====
+==== AP Health and Radios ====
+  show aps
+  show ap debug system-status
+  show ap name <APNAME> status
+  show ap debug radio-stats
+==== Client/IP Assignment ====
+  show client
+  show client detail <mac-address>
+  show client network <SSID>
+  show ip dhcp binding
+==== WLAN/SSID Validation ====
+  show network
+  show network <SSID>
+  show wlan ssid-profile
+==== VC Cluster and Leadership ====
+  show swarm state
+  show swarm leader
+  show running-config | include virtual
+==== Switch VLAN and MTU ====
+  show vlan port 1/1/x
+  show interface 1/1/x
+  show interface 1/1/x | include MTU
+==== MTU End-To-End Test ====
+  ping 8.8.8.8 size 1472 repeat 5
+===== Notes and Recommendations =====
+  * RW and US APs cannot join the same Virtual Controller cluster because they run different regulatory domains.
+  * RW SSIDs include the “-RW” suffix to avoid SSID duplication inside the same L2/L3 space.
+  * VLAN 735 is used for AP access, VLAN 706 for AP uplinks/mesh/internal management.
+  * Jumbo MTU (9100) is required end-to-end to avoid fragmentation or CAPWAP instability.
+  * Always verify DHCP bindings if clients fail to obtain IP.
+  * Ensure each AP is correctly mapped to its trunk native VLAN.
+----
+----