James, We are running AP-125 and AP-105 APs from a Server 2008R2 DHCP cluster with no issues. Is Dynamic ARP Inspection, DHCP Snooping, or IP Source Guard (Cisco terms) enabled on the AP ports? I know Aruba had an issue with early AP-125 APs and those services. You either had to disable those or manually update the firmware on the APs.
You probably should open a ticket with Aruba TAC. If there is no DHCP OFFER, the Event Viewer logs on the DHCP server may provide some clues. Bruce Osborne Network Engineer IT Network Services (434) 592-4229 LIBERTY UNIVERSITY 40 Years of Training Champions for Christ: 1971-2011 -----Original Message----- From: James M Keller [mailto:[email protected]] Sent: Tuesday, January 17, 2012 3:51 PM Subject: Aruba and Windows 2003 DHCP issue. Content preview: All, Running into an issue with a pilot Aruba set up. Each LAN segment is off a core firewall. Each interface for a user LAN has DHCP helper pointed at a locally connected (to the firewall) Windows 2003 server with DHCP service running. All the normal clients (XP, Vista, Win7, OSX, etc) can pull DHCP addresses without a problem. However we are having issues with the 135 Campus AP units, they DHCP from the prom boot fine and are assigned an address/net-mask/gateway/domain, etc. They then use the magic host name + DHCP domain to get to the master controller. They then do the tftp for the OS load. However after booting into the tftp'ed image and running DHCP client again from the OS they are unable to get a response from the Windows 2003 server. Packet captures confirm 0.0.0.0 > 255.255.255.255 packets from the APs just like the windows/osx hosts on the same network are being relayed by the DHCP helper configuration on the gateway/core firewall. However, in the case of the 135 APs, there is no DHCP OFFER response from the Windows server to the OS initiated DHCP DISCOVER packets. [...] Content analysis details: (-2.9 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -1.0 ALL_TRUSTED Passed through trusted hosts only via SMTP -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1% [score: 0.0000] All, Running into an issue with a pilot Aruba set up. Each LAN segment is off a core firewall. Each interface for a user LAN has DHCP helper pointed at a locally connected (to the firewall) Windows 2003 server with DHCP service running. All the normal clients (XP, Vista, Win7, OSX, etc) can pull DHCP addresses without a problem. However we are having issues with the 135 Campus AP units, they DHCP from the prom boot fine and are assigned an address/net-mask/gateway/domain, etc. They then use the magic host name + DHCP domain to get to the master controller. They then do the tftp for the OS load. However after booting into the tftp'ed image and running DHCP client again from the OS they are unable to get a response from the Windows 2003 server. Packet captures confirm 0.0.0.0 > 255.255.255.255 packets from the APs just like the windows/osx hosts on the same network are being relayed by the DHCP helper configuration on the gateway/core firewall. However, in the case of the 135 APs, there is no DHCP OFFER response from the Windows server to the OS initiated DHCP DISCOVER packets. We also got in some RAP-2WG units to test, and I'm finding they DHCP fine on a home network - but are displaying the same issue as the 135's after booting the OS on a local LAN connection - that they are being ignored by the Windows DHCP server (from the start, vs after OS boot for the 135s). We did a work around, and enabled DHCP scopes on the master controller and changed the DHCP helper on the test LAN to the controller and this worked. So it's apparently something specific to the Windows 2003 DHCP server and not the firewall or APs. We obviously would prefer DHCP be centrally manged in one place vs having to do one-off scopes on the controller. Has anyone else run into something like this? I'm in the 'we can't be the only ones to see this' mode, but haven't found anything via Google that fits the issue. Thanks in advance. -- --- James M Keller ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
