Wireless LAN
Reply
Contributor
relaxwifi
Posts: 31
Registered: ‎03-08-2012
0
Accepted Solution

Mesh fails to work..

Hi,

 

I have playing with this for a couple of weeks and still cannot get this to work.

 

AP 1 is the Mesh Portal and AP 2 and AP 3 are the mesh clients.

 

Can anyone spot something wrong with my config?

 

When I detach AP2 and AP 3 they fail to become clients of AP 1.

 

I have removed some of the non mesh specific config to keep the config short.

 

set ip route default 10.10.10.1 1
set system ip-address 10.10.10.5
set service-profile Mesh ssid-name mesh_link
set service-profile Mesh auth-fallthru last-resort
set service-profile Mesh psk- encrypted 055f0756724d1d594e544e42095905792d747c3063274b5f415407045b0e510d0d544e410f0a040054000c590c575e0d035147555d5a0d515c204d180849071116
set service-profile Mesh mesh mode enable
set service-profile Mesh 11n mode-na disable
set service-profile Mesh 11n mode-ng disable
set service-profile Mesh wpa-ie cipher-ccmp enable
set service-profile Mesh wpa-ie auth-psk enable
set service-profile Mesh wpa-ie auth-dot1x disable
set service-profile Mesh rsn-ie cipher-ccmp enable
set service-profile Mesh rsn-ie auth-psk enable
set service-profile Mesh rsn-ie auth-dot1x disable
set service-profile Mesh wpa-ie enable
set service-profile Mesh rsn-ie enable
set service-profile Mesh transmit-rate 11g mandatory 1.0,2.0,5.5,11.0,24.0 beacon-rate 2.0 multicast-rate AUTO
set service-profile Mesh transmit-rate 11ng mandatory 1.0,2.0,5.5,11.0,24.0 beacon-rate 2.0 multicast-rate AUTO
set enablepass password a5b128d8f066e0c20f714ccb3a1b43aab6cf
set authentication mac ssid mesh_link * local
set user admin password encrypted 12090404011c03162e
set mac-user 00:0b:0e:c2:d7:7f
set mac-user 00:0b:0e:c2:d8:3f
set radio-profile Mesh_Radio
set radio-profile Mesh_Radio auto-tune channel-config disable
set radio-profile Mesh_Radio dfs-channels enable
set radio-profile Mesh_Radio service-profile Mesh
set radio-profile default
set radio-profile default 11n channel-width-na 20MHz
set radio-profile default service-profile default
set radio-profile default auto-tune channel-config disable
set radio-profile default dfs-channels enable
set ap security none
set ap 1 serial-id 0893900478 model MP-432
set ap 1 fingerprint c9:26:6c:81:75:91:17:9a:fc:ad:04:c0:46:1d:97:9f
set ap 1 time-out 120
set ap 1 power-mode high
set ap 1 radio 1 radio-profile default mode enable
set ap 1 radio 1 auto-tune max-power 20
set ap 1 radio 2 radio-profile Mesh_Radio mode enable
set ap 1 radio 2 auto-tune max-power 20
set ap 1 radio 2 load-balancing disable
set ap 2 serial-id 0893900596 model MP-432
set ap 2 fingerprint 73:b5:57:72:db:c2:bb:1d:02:ef:5b:d4:66:d0:9b:f2
set ap 2 time-out 120
set ap 2 radio 1 radio-profile default mode enable
set ap 2 radio 2 radio-profile Mesh_Radio
set ap 3 serial-id 0893900599 model MP-432
set ap 3 fingerprint d6:9d:98:75:72:76:3b:7d:b2:b9:dc:5a:61:77:02:d5
set ap 3 time-out 120
set ap 3 radio 1 radio-profile default mode enable
set ap 3 radio 2 radio-profile Mesh_Radio
set load-balancing strictness med
set port poe 1 enable
set port 7 name management
set vlan 2000 name Guest_Access
set vlan 2000 port 7 tag 2000
set vlan 2000 port 1 tag 2000
set vlan 1000 name Management
set vlan 1000 port 7 tag 1000
set vlan 1000 port 1tag 1000
set interface 2000 ip 172.1.1.253 255.255.255.0
set interface 1000 ip 10.10.10.5 255.255.255.192



 

AP: 1

IP Address:  Disabled
VLAN Tag:    Disabled
Switch:      Disabled

Mesh:        Disabled

IP Address:
Netmask:
Gateway:
VLAN Tag:
Switch IP:
Switch Name:
DNS IP:
Mesh SSID:         mesh_link
Mesh PSK:    68794aadf6410bb967ad4a7fe103f168fc8372eef191a3404b482aca1eee8e04

AP: 2

IP Address:  Disabled
VLAN Tag:    Disabled
Switch:      Disabled

Mesh:        enabled

IP Address:
Netmask:
Gateway:
VLAN Tag:
Switch IP:
Switch Name:
DNS IP:
Mesh SSID:         mesh_link
Mesh PSK:    68794aadf6410bb967ad4a7fe103f168fc8372eef191a3404b482aca1eee8e04

 

AP: 3

IP Address:  Disabled
VLAN Tag:    Disabled
Switch:      Disabled

Mesh:        enabled

IP Address:
Netmask:
Gateway:
VLAN Tag:
Switch IP:
Switch Name:
DNS IP:
Mesh SSID:         mesh_link
Mesh PSK:    68794aadf6410bb967ad4a7fe103f168fc8372eef191a3404b482aca1eee8e04


Recognized Expert
Mike.S
Posts: 246
Registered: ‎09-12-2011
0

Re: Mesh fails to work..

[ Edited ]

Do the PSKs match? It's impossible to tell just by looking at the config.

make sure:
set service-profile Mesh psk-phrase foo123456789
set ap 2 boot-configuration mesh psk-phrase foo123456789
set ap 3 boot-configuration mesh psk-phrase foo123456789

If AP 1 is the mesh portal, it doesn't need it's bootconfig set (but it doesn't hurt, either).

You don't need this, the APs will connect last-resort without it:
set authentication mac ssid mesh_link * local
set mac-user 00:0b:0e:c2:d7:7f
set mac-user 00:0b:0e:c2:d8:3f

Here's an excerpt of what works for me:

set service-profile mesh ssid-name mesh
set service-profile mesh beacon disable
set service-profile mesh auth-fallthru last-resort
set service-profile mesh psk-encrypted [redacted]
set service-profile mesh mesh mode enable
set service-profile mesh wpa-ie auth-psk enable
set service-profile mesh wpa-ie auth-dot1x disable
set service-profile mesh rsn-ie cipher-ccmp enable
set service-profile mesh rsn-ie auth-psk enable
set service-profile mesh rsn-ie auth-dot1x disable
set service-profile mesh rsn-ie enable
set radio-profile mesh auto-tune channel-config disable
set radio-profile mesh rf-scanning mode passive
set radio-profile mesh service-profile UserWLAN
set radio-profile mesh service-profile mesh

Contributor
sanjair
Posts: 32
Registered: ‎01-09-2011
0

Re: Mesh fails to work..

Please reach out to JTAC if this is still an issue.

 

One way to simplify the configuration is to use one encryption/cipher type. for example (WPA2/AES) and disable other combinations and MAC authentication.

 

 

Contributor
relaxwifi
Posts: 31
Registered: ‎03-08-2012
0

Re: Mesh fails to work..

Thanks Mike.

 

I re-worked all the PSK's and now it work again.

 

 

Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.