Aruba AP-303 (Instant On AP-11) VLAN issues

I successfully installed OpenWrt on Aruba AP-303, but I can't seem to get VLAN working.

This AP doesn't have a switch so I'm trying to enable driver-level VLAN. I'm currently using two VLANs, vlan 1 and vlan 11.

I tried setting the 'lan' interface to eth0.1 and strangely enough the AP can get an IP via DHCP, but doesn't reply to any incoming packets, not even ARP (I tried sending both tagged and untagged requests). It won't reply to 'who has' ARP so I can't connect to the AP.
I'm still connected via UART so I tried to debug:
I installed tcpdump on OpenWrt and the packages do arrive on eth0.1 but aren't handled by the CPU.
If I ping out, tcpdump sees the ARP packages of openwrt trying to find the MAC of the IP I want to ping, but these packets actually never arrive on the switch.

To find out what's going on I gave this AP (192.168.50.2) and another OpenWrt AP (192.168.50.1) static IPs on vlan 11 and had them ping each other.

This is the Aruba AP tcpdump:

10:46:58.203051 ARP, Request who-has 192.168.50.2 tell 192.168.50.1, length 42
10:46:58.432694 ARP, Request who-has 192.168.50.1 tell 192.168.50.2, length 28
10:46:59.230896 ARP, Request who-has 192.168.50.2 tell 192.168.50.1, length 42
10:46:59.472290 ARP, Request who-has 192.168.50.1 tell 192.168.50.2, length 28

It doesn't reply to 'who-has 192.168.50.2'. And the 'who-has 192.168.50.1' will not show up on the tcpdump of the other AP, it can only see its own outgoing requests.

I'm currently out of ideas on what else I can try. Does anyone have some ideas?

This is my current network setting:

config interface 'loopback'
        option ifname 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option ula_prefix 'fdba:de5a:8608::/48'

config interface 'lan'
        option ifname 'eth0'
        option proto 'dhcp'

config interface 'ffclient'
        option delegate '0'
        option ifname 'eth0.11'
        option proto 'static'
        option ipaddr '192.168.50.2'
        option netmask '255.255.255.0'

This was my first network setting, which didn't work either but the AP managed to get an IP via dhcp for some reasons.

config interface 'loopback'
        option ifname 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option ula_prefix 'fdba:de5a:8608::/48'

config interface 'lan'
        option ifname 'eth0.1'
        option proto 'dhcp'

Hi,

the fact that you can see the packets in a tcpdump but they're not replied to points to a firewall configuration thing.
Personally I'd just use luci and configure everything there, but you could try to setup firewall groups for each interface.

For a quick test you could also just completly drop all firewall rules with a iptables -F && iptables -F -t nat. (reboot after you're done with that test).

I've already checked the firewall and it's set to allow anything for now. Flushing iptables didn't help.

Same Problem here. Any body with success?

Hi @miyuuli,

I read this thread recently while trying to flash openwrt AP-303h onto an AP-11d. You seem to be successful in flashing openwrt on a AP-303. I think the process should be similar enough to that for the AP-303H. If your times permits, would you be able to advise me on how it was done? I have documented my issues in this post -

Thank you.