Hi Support community,
I'm not sure if anyone run into this problem. I have a netvanta 3448 with 4 160 access point. It's been so frustrating, The system keeps locking up. We have to reboot it twice daily. Does anyone have this problem? I tried probably 3 different firmware and I'm still having issues.
Here is my configuration. Any help is appreciated.
! ADTRAN, Inc. OS version R11.4.5.E
! Boot ROM version 13.03.00.SB
! Platform: NetVanta 3448, part number 1200821E1
! Serial number XXXXXXXXXXX
hostname "test"
enable password encrypted xxxxxxxxxxxxxxxxxxxxxx
!
clock timezone -6-Central-Time
!
ip subnet-zero
ip classless
ip routing
ipv6 unicast-routing
!
!
domain-proxy
name-server 209.18.47.61 209.18.47.62
!
!
no auto-config
auto-config authname adtran encrypted password xxxxxxxxxxxxxxxxxxxxxxxxxx
!
event-history on
no logging forwarding
logging forwarding priority-level info
no logging email
!
service password-encryption
!
portal-list "admin" console ftp http-admin ssh telnet
!
username "admin" privilege 7 portal-list "admin" password encrypted "encrypted????"
!
banner motd #
****** Important Banner Message ******
XXX
****** Important Banner Message ******
#
!
ip firewall
no ip firewall alg ftp
no ip firewall alg msn
no ip firewall alg mszone
no ip firewall alg h323
no ip firewall alg sip
!
aaa on
ftp authentication LoginUseLocalUsers
!
aaa authentication login LoginUseTacacs group tacacs+
aaa authentication login LoginUseRadius group radius
aaa authentication login LoginUseLocalUsers local
aaa authentication login LoginUseLinePass line
!
aaa authentication enable default enable
!
aaa authentication port-auth default local
!
dot11ap access-point-control
!
ip dhcp excluded-address 10.0.0.200 10.0.0.254
!
ip dhcp pool "test"
network 10.0.0.0 255.255.255.0
dns-server 209.18.47.61 209.18.47.62
default-router 10.0.0.1
lease 0 4 1
!
vlan 1
name "Default"
!
no ethernet cfm
!
interface eth 0/1
description TWC
ip address xx.xx.xx.xx 255.255.255.248
ip mtu 1500
ip access-policy Public
no rtp quality-monitoring
no shutdown
!
interface eth 0/2
no ip address
shutdown
!
interface switchport 0/1
no shutdown
!
interface switchport 0/2
no shutdown
!
interface switchport 0/3
no shutdown
!
interface switchport 0/4
no shutdown
!
interface switchport 0/5
no shutdown
!
interface switchport 0/6
no shutdown
!
interface switchport 0/7
no shutdown
!
interface switchport 0/8
no shutdown
interface vlan 1
ip address 10.0.0.1 255.255.255.0
ip access-policy Private
no rtp quality-monitoring
no shutdown
!
interface dot11ap 1 ap-type nv16x
access-point mac-address 00:19:92:15:C6:60
name test
location ServerRm
!
interface dot11ap 1/1 radio-type 802.11bg
channel 1
shutdown
!
interface dot11ap 1/1.1
description Wiz_802.11BG_VAP
ssid broadcast-mode "test"
security mode wpa tkip aes-ccmp psk xxxxxxx
no shutdown
!
interface dot11ap 1/2 radio-type 802.11a
channel 36
no shutdown
!
interface dot11ap 1/2.1
description Wiz_802.11A_VAP
ssid broadcast-mode "test"
security mode wpa tkip aes-ccmp psk xxxxxx
no shutdown
!
interface dot11ap 2 ap-type nv16x
access-point mac-address 00:19:92:15:D5:A0
name test
location test
!
interface dot11ap 2/1 radio-type 802.11bg
channel 2
shutdown
!
interface dot11ap 2/1.1
description Wiz_802.11BG_VAP
ssid broadcast-mode "test"
security mode wpa aes-ccmp psk xxxxxxx
no shutdown
!
interface dot11ap 2/2 radio-type 802.11a
channel 40
no shutdown
!
interface dot11ap 2/2.1
description Wiz_802.11A_VAP
ssid broadcast-mode "test"
security mode wpa aes-ccmp psk xxxxxxxx
no shutdown
!
interface dot11ap 3 ap-type nv16x
access-point mac-address 00:19:92:15:D4:60
name frontdesk
location frontdesk
!
interface dot11ap 3/1 radio-type 802.11bg
channel 3
shutdown
!
interface dot11ap 3/1.1
description Wiz_802.11BG_VAP
ssid broadcast-mode "test"
security mode wpa aes-ccmp psk xxxxxx
no shutdown
!
interface dot11ap 3/2 radio-type 802.11a
channel 44
no shutdown
!
interface dot11ap 3/2.1
description Wiz_802.11A_VAP
ssid broadcast-mode "test"
security mode wpa aes-ccmp psk xxxxxxxxx
no shutdown
!
interface dot11ap 4 ap-type nv16x
access-point mac-address 00:19:92:15:EB:20
name NewLocation1
location New Location 1
!
interface dot11ap 4/1 radio-type 802.11bg
shutdown
!
interface dot11ap 4/1.1
description Wiz_802.11BG_VAP
ssid broadcast-mode "test"
security mode wpa tkip aes-ccmp psk xxxxxxxxxx
no shutdown
!
interface dot11ap 4/2 radio-type 802.11a
channel 48
no shutdown
!
interface dot11ap 4/2.1
description Wiz_802.11A_VAP
ssid broadcast-mode "test"
security mode wpa tkip aes-ccmp psk xxxxxxxxx
no shutdown
!
interface dot11ap 5 ap-type nv16x
access-point mac-address 00:19:92:15:ED:80
name NewLocation2
location New Location 2
!
interface dot11ap 5/1 radio-type 802.11bg
channel 5
shutdown
!
interface dot11ap 5/1.1
description Wiz_802.11BG_VAP
ssid broadcast-mode "test"
security mode wpa tkip aes-ccmp psk xxxxxxxx
no shutdown
!
interface dot11ap 5/2 radio-type 802.11a
channel 36
no shutdown
!
interface dot11ap 5/2.1
description Wiz_802.11A_VAP
ssid broadcast-mode "test"
security mode wpa tkip aes-ccmp psk xxxxxxxx
no shutdown
!
ip access-list standard wizard-ics
remark Internet Connection Sharing
permit any
!
ip access-list extended self
remark Traffic to NetVanta
permit ip any any log
!
ip access-list extended web-acl-3
remark admin
permit tcp host xx.xx.xx.xx any eq https log
permit tcp host xx.xx.xx.xx any eq ssh log
!
ip access-list extended web-acl-4
remark NEC DSX
permit tcp any any eq 8000 log
!
ip access-list extended web-acl-5
permit ip any any
!
ip access-list extended web-acl-6
permit ip 192.168.190.0 0.0.0.255 10.0.0.0 0.0.0.255
!
ip access-list extended web-acl-7
permit ip 10.0.0.0 0.0.0.255 192.168.190.0 0.0.0.255
!
ip access-list extended web-acl-8
remark admin1
permit tcp host xx.xx.xx.xx any eq https log
permit tcp host xx.xx.xx.xx any eq ssh log
!
ip policy-class Private
allow list self policy Private stateless
nat source list wizard-ics interface eth 0/1 overload
!
ip policy-class Public
allow list web-acl-3 self
allow list web-acl-8 self
!
ip route 0.0.0.0 0.0.0.0 xx.xx.xx.xx
!
tftp server
no tftp server overwrite
http authentication LoginUseLocalUsers
http server
http secure-server
no snmp agent
no ip ftp server
ip ftp server default-filesystem flash
no ip scp server
no ip sntp server
!
sip udp 5060
sip tcp 5060
!
line con 0
login authentication LoginUseLocalUsers
!
line telnet 0 4
login authentication LoginUseLocalUsers
password encrypted xxxxxxxxxxxxxxxxxxxxxxxxxxxxx
no shutdown
line ssh 0 4
login authentication LoginUseLocalUsers
no shutdown
!
sntp server time.nist.gov
!
end
One thing you have missing is in you DHCP pool the command ip dhcp database local is missing without this any connected devices would have no reference and thus loose there lease. Also have you tried to give the AP's an IP and using probes and tracks see if they drop offline? This can be done fairly easy You will of course have to edit the config on the 3448 to accommodate this. I use the hardcoded IP scheme for the AP's for a management VLAN of sorts. Here is what I have perhaps this will help.
interface vlan 500
description AWCP-Recovery
ip address 192.168.190.254 255.255.255.0
ip route-cache express
no shutdown
!
interface switchport 0/xx
description WAP
no shutdown
switchport mode trunk
switchport trunk native vlan 500
!
interface dot11ap 1 ap-type nv16x
access-point mac-address 00:19:92:13:F9:E0
name xxxxxxxx
location xxxxxxx
ip address 192.168.190.2 255.255.255.0
ip default-gateway 192.168.190.254
encapsulation 802.1q awcp-vlan 500 native priority 7
!
!
interface dot11ap 1/1 radio-type 802.11bg
radio-mode bg
channel 6
no shutdown
!
!
interface dot11ap 1/1.1
description xxxxx
vlan-id x
ssid broadcast-mode xxxxxx
client-separation
security mode wpa aes-ccmp psk xxxxxxx
no shutdown
!
probe wap1 icmp-echo
destination 192.168.190.2
source-address 192.168.190.254
period 10
tolerance consecutive fail 2 pass 2
no shutdown
!
track wap
test list and
if probe wap1
no shutdown
After you setup the WAP's with IP's you will be able to track them using ICMP from the 3448 or whatever device you are using to control the WAP's. Here is an example.
nv1234p#sh probe
Probe wap1:
Current State: PASS Admin. Status: UP
Type: ICMP Echo Period: 10 sec Timeout: 1500 msec
Source: 192.168.190.254 Destination: 192.168.190.2
Data size: 0
Tracked by: wap
Tests Run: 1167781 Failed: 43074
Tolerance: 0 consecutive failures currently, 2 needed to FAIL
Time in current state: 4 weeks, 0 days, 19 hours, 9 minutes, 45 seconds
nv1234p#sh track
Track wap:
Current State: PASS (Admin: UP)
Testing:
probe wap1 (PASS)
Dampening Interval: 1 seconds
Time in current state: 4 weeks, 0 days, 19 hours, 11 minutes, 20 seconds
Track State Changes: 28
Tracking:
I don't use the NV160s, but I'll ask the fundamentals. Are the NV160s also on current firmware? The release notes for 6.9.2-2 may have some helpful information as well (Software Downloads). If you have constant sources of interference, you may have no choice but to reset them daily. Also, () includes a channel-width setting.