ArubaOS and Controllers

Reply
Occasional Contributor II

ip mobility domains tunnels

hi all,

i want to know when a mobile user connects from foreign agent, and the foreign agent builds a tunnel with the home agent to tunnel back the mobile user's traffic

does this tunnel GRE or IPsec tunnel

if it is a GRE tunnel how could i make it IPsec tunnel to cover the case when the home agent and foreign agent are connected through untrusted network (internet)

thnx in advance
MVP

Re: ip mobility domains tunnels

I'm 90% sure they are IPsec.
==========
Ryan Holland, ACDX #1 ACMX #1
The Ohio State University
Occasional Contributor II

Re: ip mobility domains tunnels

Hi,

thanks Ryan for your reply,

perhaps some one of Aruba Engineers could tell us for sure what is the type of the connection
Regular Contributor I

Re: ip mobility domains tunnels

I'm sure that it's a GRE tunnel
MVP

I was wrong

I am retracting my earlier suggestion. It is actually an IPIP tunnel as of v6.2. Here's some output as an example:


(10.10.10.2) #show datapath session table 10.10.10.1

Datapath Session Table Entries
------------------------------

Flags: F - fast age, S - src NAT, N - dest NAT
D - deny, R - redirect, Y - no syn
H - high prio, P - set prio, T - set ToS
C - client, M - mirror, V - VOIP
I - Deep inspect, U - Locally destined

Source IP Destination IP Prot SPort DPort Cntr Prio ToS Age Destination TAge Flags
-------------- -------------- ---- ----- ----- ---- ---- --- --- ----------- ---- -----
10.10.10.1 10.10.10.2 17 434 434 0/0 0 0 1 local 1f FY
0/0 0 0 2 local FY
10.10.10.2 10.10.10.1 17 434 434 0/0 0 0 1 local 1f FC
0/0 0 0 2 local FYC
10.10.10.2 10.10.10.1 4 0 0 0/0 0 0 0 local 46e FC
0/0 0 0 77 local FYC
10.10.10.1 10.10.10.2 4 0 0 0/0 0 0 0 local 46e F
0/0 0 0 77 local FY

(10.10.10.2) #show datapath tunnel table | include 10.10.10.1
979 10.10.10.2 10.10.10.1 4 IPIP 1500 0 0 0 0 00:00:00:00:00:00 34842995 30877400 0 28 0 T
==========
Ryan Holland, ACDX #1 ACMX #1
The Ohio State University
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: