HP Layer 3 Mobility

Posted on 2014-07-15
Last Modified: 2014-08-06
Hello experts.  I have an issue that is completely perplexing me.  I have setup an HP MSM 720 WLC with HP 460 AP's.   The Access network is set to IP and Internet Network is  My wireless at my main location uses Vlan's 210 for Guest (Open, captive portal,, 215 for Employee (WPA2-PSK, and 220 for private (802.1x,  

The HP WLC controls the authentication and access for the Guest and Employee network.  It handles DHCP, DNS and everything else.  However, for Private it forwards authentication to our RADIUS server and DHCP/DNS to our DC.  So it basically does nothing other than broadcast the private SSID.  Everything at our main location works just fine.  Everyone can connect to their respective SSID's and browse the internet and access the resources they are supposed to.  

However, when I try to place an AP at a remote site (LanLink Metro Ethernet) the AP provisions just fine and I can connect and get to the internet using Guest and Employee, but Private doesn't work.  I can connect to it just fine and it obviously forwards my authentication credentials to my RADIUS server, but it won't pull an IP address.  Even if I assign a correct IP address and default gateway it still shows limited connectivity and I can't ping anything local.  I'm hoping someone with experience setting up HP wireless can help on this as I am at a loss.  If you need more info or screen shots please let me know.  Thanks.
Question by:cmhtech
    LVL 44

    Expert Comment

    by:Craig Beck
    Have you configured the AP/VSC to tunnel traffic back to the WLC or is it terminating traffic locally at the remote switch?

    Author Comment

    Terribly sorry this project ended up being put on the back burner and I never got a notification about this reply.  I am attempting to use the MTM to tunnel the traffic from the AP  to the WLC.  What is weird is after I checked the MTM and then set my Private network in local networks it worked for about 2 hours and then went back to giving me limited connectivity.

    Accepted Solution

    Nevermind I figured it out.  Every manual I read kept talking about home networks and user based networks and other useless crap that isn't needed to configure this correctly.  All I did was remove my private network from the local networks group, add a static route on the HP WiFi controller to point all traffic for my private network to the WLC access network default gateway, turned off DNS Interception and enabled Mobility Traffic Manager/Block users.

    Author Closing Comment

    Figured it out

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Threat Intelligence Starter Resources

    Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

    If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
    For Sennheiser, comfort, quality and security are high priority areas. This paper addresses the security of Bluetooth technology and the supplementary security that Sennheiser’s Contact Center and Office (CC&O) headsets provide.  
    Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
    Here's a very brief overview of the methods PRTG Network Monitor ( offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

    761 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    13 Experts available now in Live!

    Get 1:1 Help Now