01-13-2016 01:50 AM - edited 01-13-2016 01:51 AM
I have a question about Instant VPN with Distribiuted, L2 for guest access.
Let's assume that we have 3 branch one for 64 address and other two for 32.
We are using network 10.0.0.0/24 just for that. Controller in HQ has vlan inteface address 10.0.0.1 for guest network.
What should I put in IP Address Range in each branch? Sparate range for each branch like (10.0.0.128-10.0.0.191, 10.0.0.192-10.0.0.223, 10.0.0.224-10.0.0.255) ?? Or just one big range and BID algorithm take care about it based on Branch Size??
01-13-2016 05:37 AM
BID Algorithm will take care of splitting it up based on branch size.
See below from the Instant 4.1 user guide.
ACDX #420 | ACMP
[If you found my post helpful, please give kudos!]
01-13-2016 05:49 AM
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
01-13-2016 05:50 AM - edited 01-13-2016 05:54 AM
There are correct, I hope and mostly that configuration is working but it happen few times that traffic is not passing in tunnel. IP is assigned and thats all, no traffic is going to tunnel. Strange things is that other SSID that it is tunneled in that time works fine.
On AP i see that kind of error but i don't kow if it mean somthing important:
stm| Unexpected stm (Station management) runtime error at update_sta_flag, 2208, Doesn't send rc_stop_acct_req when captive portal + auth mode
Could not add ECP rule: ECP profile 'CaptivePortal' not found
01-13-2016 06:17 AM
I think we manage find some temporary solution how to fix issue till next occurs.
Change Captive portal profile form custom name to default, save settings and get back again to custom name.
I try to open TAC ticket and describe that issue and inform You about results.
Instant firmware: 184.108.40.206-220.127.116.11_52666