08-20-2014 03:19 PM
I'm trying to set up an L2 tunnel between an IAP93 and a 3200XM Mobility controller. I'd like to know what steps to follow to configure that, especially on the controller side. Actually, I've configured the whitelist and the inner pool IP but it seems that something is missing.
As far as I understand, an IPsec tunnel is first established between the IAP and the controller, then an L2TP tunnel is set. I assume that show crypto isakmp sa and show crypto ipsec sa are the commands to execute in order to see if the IPsec tunnel is well established; I would love to know what the commands are to troubleshoot the L2TP tunnel.
Many thanks guys!!
08-20-2014 03:23 PM
Tim Cappalli | Aruba ClearPass TME
@timcappalli | ACMX #367 / ACCX #480 / ACEAP / CWSP
08-20-2014 04:57 PM
If so, please see this note.
From Controller 6.4+ release and IAP 4.0+ release, IAP can form VPN tunnel to controller only if they are managed by Aruba Central or Airwave; not if they are locally managed.
If one wants IAP pre-4.0 VPN deployments or locally-managed IAPs to form VPN tunnel to an AOS-6.4+ controller, a configuration is explicitly needed to bypass this check. To allow a single branch or all branches use the following commands:
iap trusted-branch-db add mac-address
iap trusted-branch-db allow-all
Consulting Systems Engineer - ACCX, ACDX, ACMX
If you found my post helpful, please give kudos