Moto tier 3 support rocks AP server ping not responding

Any bad thing I have said about moto support is hereby rescinded!!

We escalated to a tier 3 support status, and let me tell you these guys rock.

we are having problems, whereas our SMs quit authenticating through Prizm. They had me try a bunch of stuff, nothing worked, so we set up an ultra VNC connection for them to get right onto the server and troubleshoot. Its awesome watching them work, gives you an insite into moto troubleshooting techniques.

Heres where we are, they telnetted to the AP and pinged back to the Server, it wont respond. But pinging the AP from the server is all good. We can ping all the way back to the physical switch the server is connected to, we can ping other stuff on the subnet, etc. We are on a bridged network, no router between the AP and the server. We can ping every hop between (backhauls, switches, etc). This is Win server 03, no internet security turned on, no firewall turned on, all that is installed is the prizm and related software, and it was a fresh server install. We are perplexed. Tracerouting to the AP is direct.

Any suggestions?

Oh yeah, moto support rocks!!

buggered bridge tables.

Reboot everything working outward starting at the main router, then root switch, then server, then BH’s, then CMM’s, then AP’s.

That should clear it up

we discovered a fortinet

A what?

A firewall…

They make some pretty nice equipment as an alternate to other peoples gear…

I would suspect running traceroutes you could have found it pretty easily. Usually you know how many hops are between you and your core gear.

Where was it in the network that it had to be “discovered”?

I’m trying to figure out how it was affecting return pings from the AP to the server unless it was installed between the switch and the server.

I’d also like to know.

I’m guessing the same as you Jerry.

we physically discovered it, it was running in pass through mode for dns servers on the switch that the prizm server was connected to, so it didnt show up in traceroute.
It was placed there to firewall the dns servers on the internal network.

this particular switch is connected to our wireless network switch, the fortinet was between them blocking incoming traffic

You probably could have poked a few more holes in the firewall and got it working just right, could you not?

I have always found that any firewall between customers and the internet is just asking to cause problems.

This is a test server, we just reconfigured the cabling to get a direct path to the wireless network, ultimately this will sit in the server room on the wireless network

I would think one would want their prizm server behind a firewall, while their customers are not.

In this type of situation, does anyone know what ports need to be opened so that the AP’s can communicate properly with Prizm?

How do you get that kind of support?

my boss got it somehow, i dont know if we are paying extra or not for it, but if we are, to me its worth alot

I think the moto engineer he has been in contact with arranged it, but its super nice