ArubaOS and Controllers

Reply
New Contributor
Posts: 4
Registered: ‎08-17-2010

Guest Network off in the DMZ

Our customer has a master-local setup. Local controllers are where all the APs terminate to. Now the customer wants us to re-direct all guest traffic (internet only) out the DMZ. We are basically going to acquire 2 more controllers and are expected build an tunnel between the 2. I had the following questions:

Where is the best place to build the tunnels and what type of tunnel - GRE or IPSEC? Would it be similar to another master-local setup?
What would route traffic over the newly built IPSEC tunnel? Is it just a default route pointing to the other end of the tunnel?
What are the best practices in terms of configuring the DMZ controllers?
Is there a best practice/design guide to help walk me through this?
Guru Elite
Posts: 20,553
Registered: ‎03-29-2007

Re: Guest Network off in the DMZ


Our customer has a master-local setup. Local controllers are where all the APs terminate to. Now the customer wants us to re-direct all guest traffic (internet only) out the DMZ. We are basically going to acquire 2 more controllers and are expected build an tunnel between the 2. I had the following questions:

Where is the best place to build the tunnels and what type of tunnel - GRE or IPSEC? Would it be similar to another master-local setup?
What would route traffic over the newly built IPSEC tunnel? Is it just a default route pointing to the other end of the tunnel?
What are the best practices in terms of configuring the DMZ controllers?
Is there a best practice/design guide to help walk me through this?




If there is NO Nat Boundary, GRE is the way.
Please see the article here : http://airheads.arubanetworks.com/vBulletin/showthread.php?t=1485


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Search Airheads
Showing results for 
Search instead for 
Did you mean: