02-19-2015 11:34 AM
Does anyone know if it's possible to have Layer 3 mobility between an IAP-based domain and an 3200-controller domain? If this is possible, are there any limitations in terms of how many GRE tunnels any one AP or IAP can support when clients are Layer 3 roaming?
02-19-2015 11:42 AM - edited 02-19-2015 11:43 AM
As far as i aware,You may try,
Aruba Instant support building secure VPN connections to the head end Mobility Controller (MC). This allows wireless and wired users to access the corporate network's resources seamlessly. The traffic forwarding mode is determined by the selection of the station IP address assignment (VPN Mode).
IP allocation by the DHCP daemon in IAP is unique. User specified, the start and end IP address which could be a relatively large subnet, example 172.16.0.0/16. This large subnet will be further subnet by the controller based on the client count specified by users in the IAP. This process is automatic and no configuration is required. The calculated networks range will then be sent back to the IAP once the VPN is established. The following VPN modes are supported:
- Distributed L3
- Distributed L2
- Local *
- Centralized L2 *
Aruba Airheads - Powered By community for empower the community
************ Don't Forget to Kudos + me,If i helped you******************
02-19-2015 12:54 PM
Tim Cappalli | Aruba ClearPass TME
@timcappalli | ACMX #367 / ACCX #480 / ACEAP / CWSP
02-19-2015 01:23 PM
You typically do not have a controller-based and instant-based deployment within airshot and that is probably why L3 Mobility does not exist.
You can request this is an enhancement, through your local Aruba Sales Team.
Aruba Customer Engineering
Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base
Validated Reference Design Guides : http://community.arubanetworks.com/t5/Validated-Reference-Design/tkb-p/Aruba-VRDs
02-19-2015 01:58 PM
Thank you Colin! This is only a stop-gap solution until the customer gets a more powerful controller which can support the full complement of current campus AP's+ new IAP's (converted to campus AP's). I guess they'll have to use Layer 2 roaming instead.