Aruba Instant & Cloud Wi-Fi

Reply
Occasional Contributor II
Posts: 45
Registered: ‎09-01-2012

IAP virtual controller manage APs via site-to-site VPN

hy all,

 

i'm having an issue trying to configure an IAP-93 to be managed via site-to-site VPN from a IAP-93 with a Virtual Controller enabled.

i've checked that each can access other (ping), and checked also that each of them have the autojoin enabled.

 

did i miss something ?

should i disable auto-join and add them manually ?

 

any clues /advices are welcome :)

MVP
Posts: 2,954
Registered: ‎10-25-2011

Re: IAP virtual controller manage APs via site-to-site VPN

Okay what are you trying to do?

You got a IAPs 93 on a remote site and you want to manage it via web but you cannot and you can ping it?

 

Okay do you happen to have the ports open?  at least the administration of the IAP on version 6.2 the administration port its 4343... im not sure in older releases if its the same ports.... if it just use por https...

Check the ports the rules  to see if you filering that port.... if you are open it and try again

----------------------------------------------------
Product Manager - Aruba Networks
Alternetworks Corp
Frequent Contributor I
Posts: 64
Registered: ‎02-28-2012

Re: IAP virtual controller manage APs via site-to-site VPN

It is impossible if you try to join 2 IAP-93 on different subnet.

Instant AP will only autojoin on the same subnet.

 

Try layer-2 VPN, it might works.

 

Occasional Contributor II
Posts: 45
Registered: ‎09-01-2012

Re: IAP virtual controller manage APs via site-to-site VPN


slickers wrote:

It is impossible if you try to join 2 IAP-93 on different subnet.

Instant AP will only autojoin on the same subnet.

 

Try layer-2 VPN, it might works.

 


why ?

 

can you explain how to auto-join works ?

my reseller told that i could join 2 IAP-93 using VPN, so i'm pretty confused :(

MVP
Posts: 2,954
Registered: ‎10-25-2011

Re: IAP virtual controller manage APs via site-to-site VPN

[ Edited ]

well your reseller is confused... im a reseller also but in my country and you cant do that...

Because thas how it works... they must be in the same network,  in the same vlan...

When you turn an IAP he will try looking for a IAP for a VC(virtual controller),  in the same subnet... if he is not able to find one then he will form a new VC.  He does this via papi protocol and aruba propietary protocols and this is just done by the L2 network.

 

Now if you have it in different vlans, or network, then he will be not able to ifnd the other IAP...  This is how it works.

They will be 2 differente Virtual clusters...

The only way you can do that would be with a GRE tunnel or something like that in which you can build inside the VPN tunnel and pass the vlan to the other site...

----------------------------------------------------
Product Manager - Aruba Networks
Alternetworks Corp
Occasional Contributor II
Posts: 45
Registered: ‎09-01-2012

Re: IAP virtual controller manage APs via site-to-site VPN

any chance this would work using L2TP/IPSEC VPN  instead of IPSEC VPN ?

Search Airheads
Showing results for 
Search instead for 
Did you mean: