Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Issue on wifi clients using DHCP KEA (Aruba AP22 access points)

    Scheduled Pinned Locked Moved DHCP and DNS
    1 Posts 1 Posters 133 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      tcavaleiro
      last edited by

      Hello hello,

      Due to installing a new UPS I had recently to power off all gear. Network switches, access points, TrueNAS server, Fiber Modem, Unifi cameras, PfSense, etc...

      So once the new UPS was put in place started gradually powering up the devices however the AP22 were not able to reach the normal state of green-green (left led-right led).
      This happens sometimes because Aruba IO portal is down or because the APs have started too soon in the sequence... etc.. the workaround is normally restart the APs once the network switch and pfsense router has stabilized.

      The issue this time is that the APs never got proper green-green leds after restarting few times the AP's and then in isolation the pfsense firewall.

      What is interesting all this time is that TrueNAS and other cable clients (VMs, laptops) were fine regarding internet and internal network access. DNS was working fine, etc..
      Even the Unifi cameras were able to connect for a period of time then disconnect, then later again connected..etc.. (I then discovered that whilst the AP22 was showing orange on the left LED it was actually able to transmit/receive unifi cameras traffic internally).

      So this led me to think that it could be a KEA issue, after seen so many reports. I then switched to ISC DHCP restarted the pfsense firewall and to my surprise it started working correctly.

      What I still cannot understand is how the original switch to KEA during the last pfsense upgrade, revealed no issues whatsoever. So only after (1, 2?) months I restarted the pfsense I was able to see this issue.

      Now remaining question, how best to troubleshoot this issue?
      I used port mirroring when still using KEA and I could see the DHCP solicit and the ACK.

      Also today I switched back to KEA to confirm this is actually something related with this service. Now need to switch back to ISC DHCP to avoid more complaints and service downtime.

      Any suggestions how to move forward? Should we keep using ISC until is completely dead? Get away from Aruba AP22's?

      pfsense gear is

      Serial: ****
Netgate Device ID: ****
BIOS 	Vendor: American Megatrends Inc.
Version: V1.10_5
Release Date: Fri Jun 8 2018
Boot Method: BIOS
Boot Environment 	Current: default
Next: default
Version 	24.11-RELEASE (amd64)
built on Sat Jan 11 16:11:00 WET 2025
FreeBSD 15.0-CURRENT

The system is on the latest version.
Version information updated at Mon Mar 10 17:58:10 WET 2025  
CPU Type 	Intel(R) Atom(TM) CPU C3558 @ 2.20GHz
4 CPUs : 1 package(s) x 4 core(s)
AES-NI CPU Crypto: Yes (active)
IPsec-MB Crypto: Yes (inactive)
QAT Crypto: Yes (inactive)

      Thanks.

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.