Controllerless Networks

Reply
Occasional Contributor II
Posts: 18
Registered: ‎07-06-2012

IAP GRE Through VPN To Controller

Hello All,

 

I currently have controllers configured to create an IPSEC tunnel and then run a L2 GRE tunnel through that IPSEC back to a DMZ'ed controller.  I'd like to do the same for a Virtual Controller on an IAP cluster.  I currently have a VPN tunnel configured and it's established but am having some issues getting the L2 GRE portion created.  Is this accomplished through configuring a DHCP server in Centralized L2 mode?  I currently have that configured with the VLAN that exists on the DMZ'ed controller that has the VPN tunnel terminated referenced but the client never gets an IP address assigned.  I checked the logs on the DMZ'ed controller and saw these messages, not sure if it has any relevance:

 

Oct 2 09:31:16 IAP manager Process[2435]: <342001> <ERRS> |IAP manager Pro| handle_iap_dpp_vlan_add: branch e441467e01143eae9ec0ca80f658e257864aabb51462eefea2 does not exist
Oct 2 09:43:40 IAP manager Process[2435]: <342001> <ERRS> |IAP manager Pro| handle_iap_dpp_vlan_del: branch e441467e01143eae9ec0ca80f658e257864aabb51462eefea2 does not exist
Oct 2 09:43:46 IAP manager Process[2435]: <342001> <ERRS> |IAP manager Pro| handle_iap_dpp_vlan_add: branch e441467e01143eae9ec0ca80f658e257864aabb51462eefea2 does not exist

 

Anyone have any suggestions? 

 

Thanks,

 

Brian

Regular Contributor I
Posts: 187
Registered: ‎03-27-2013

Re: IAP GRE Through VPN To Controller

Hi,
i have encountered the same problem this morning i have solved using this command on the controller
#iap trusted-branch-db add mac-address <mac of IAP>.

 

After i have used:

#show iap trusted-branch-db

 

And you can see the mac added with the previous command.

 

I hope that this can help you too.

 

Regards

Andrea

Andrea
Regular Contributor I
Posts: 187
Registered: ‎03-27-2013

Re: IAP GRE Through VPN To Controller

Hi,

have you solved your issue?

 

Best regards

Andrea

Andrea
Search Airheads
Showing results for 
Search instead for 
Did you mean: