03-28-2016 10:54 AM
I have an IAP 215 which I was going to use as part of a 3 IAP remote office deployement. In turns out that the space is small enough where 1 IAP will suffice. Thusly, I plan to convert the IAP to a RAP. Now, the 215 only has one eth port. I will have a shoretel phone which needs to talk back to my corp network. My question is if I configure the eth port on the 215 and the port it connects to on the switch (cisco 2960) as a trunk port to include the shoretel phone vlan/subnet and the shoretel switchport for said vlan will the RAP know to answer DHCP requests and route traffic from the phone over the RAP/tunnel?
03-29-2016 02:33 AM
The short answer to the question is no. It is not possible.
The RAP forms an ipsec tunnel to the controller, within which separate GRE tunnel are formed for the enet1, enet2... port if they are present and configured. Separate GRE tunnels will be formed for every bssid. These GRE tunnels are for the RAP users that are connected to the RAP enet1, enet2... ports and the RAP bssids. Here the phone cannot become a RAP user and the traffice from the phone cannot hit any of the tunnels.
You would need a different RAP with additional enet ports for the requirement.
03-29-2016 04:15 AM
Thanks for the clear answer. Would it the IAP function the same way (seperate GRE tunnel for each BSSID) in IAP mode as oppossed to converting it to a RAP?
03-29-2016 04:45 AM
This IAP is not managed by the controller. It doesn't form GRE tunnels for each bssid to the controller.
If a IAP VPN is setup, that would be one tunnel into which the user traffic would be sent. If you want the phone's traffic to be tunneled to the controller through the IAP, then the phone must first come up on the IAP's client list. This won't happen if the phone is connected to the uplink side of the IAP.
03-29-2016 04:52 AM
catch and send its traffic over tje vpn? Is there a doc u can point me to
that describes this way of getting wired traffic across the vpn?
Sent from Gmail Mobile