06-13-2011 06:51 AM
error adding/editing netdestination:invalid ip address/netmask
The ip address and netmask are absolutely correct it is a 208. public address with a netmask of 255.255.255.128. Any help would be appreciated.
06-13-2011 07:05 AM
If you are pointing to your 'internal' network then you would not use a public / 208 addr.
Typically a split tunnel user data policy looks something like this, where 10.0.0.0 is your internal addressing:
user network 10.0.0.0 any permit
user any any route src-nat
06-13-2011 07:35 AM
Under the alias section, click New. Enter a name in the Destination Name field.
a. Click Add.
b. For Rule Type, select Network.
c. Enter the public IP address of the controller.
d. Enter the Network Mask/Range.
e. Click Add to add the network range.
f. Click Apply. The new alias appears in the Destination menu.
So should i use the public ip or the private ip of the controller?
06-13-2011 09:18 AM
06-13-2011 10:05 AM
I did a manual search and found the reference on page 218 of the AOS 6.1 user guide. That should indeed be the internal IP address(es) of your network.
The Remote AP (RAP) itself needs to have *knowledge* of the public IP address of the controller, BUT the users/user policies do not.
Please use the internal addressing (10.x.x.x, 172.16.x.x, 192.168.x.x) for your network in the user role policies as I have earlier in the thread. That should work.