Controllerless Networks

last person joined: 2 days ago 

Instant Mode - the controllerless Wi-Fi solution that's easy to set up, is loaded with security and smarts, and won't break your budget
Back to discussions
Expand all | Collapse all

Aruba Ipsec tunnel

This thread has been viewed 13 times

  • 1.  Aruba Ipsec tunnel

    Posted Aug 20, 2014 06:19 PM

    Hi All,

     

    i'm trying to set up an L2 tunnel between an IAP93 and a 3200XM Mobility controller. i'd like to know what are the steps to follow to configure that, especially on the controller side. Actually, i've configured the whitelist and the inner pool IP but it seems that something is missing.

     

    As far as i understand, an Ipsec tunnel is first established between the IAP and the controller, then an L2TP tunnel is set. I assume that the show crypto isakmp sa and show crypto ipsec sa are the commands to execute in order to see if the ipsec tunnel is well established, i would love to know what are the commands to troubleshoot the L2TP tunnel.

     

    Many thanks guys!!



  • 2.  RE: Aruba Ipsec tunnel

    EMPLOYEE


  • 3.  RE: Aruba Ipsec tunnel

    EMPLOYEE
    Posted Aug 20, 2014 07:58 PM
    Are you running iap 4.0+ and AOS 6.4?

    If so, please see this note.

    From Controller 6.4+ release and IAP 4.0+ release, IAP can form VPN tunnel to controller only if they are
    managed by Aruba Central or Airwave; not if they are locally managed.

    If one wants IAP pre-4.0 VPN deployments or locally-managed IAPs to form VPN tunnel to an AOS-
    6.4+controller, a configuration is explicitly needed to bypass this check. To allow a single branch or all
    branches use the following commands

    iap trusted-branch-db add mac-address

    iap trusted-branch-db allow-all


  • 4.  RE: Aruba Ipsec tunnel

    Posted Aug 21, 2014 03:47 AM

    Seth,

        I assume that these commands are for the controller. What mac address needs to be used, the VC MAC address?