Hi all,
I encounter a strange issue on an Instant-Controller VPN scenario:
IAP connects via VPN Tunnel to an Aruba controller. The IAP is using centralized L2 mode to connect clients on his end. All is basically working fine.
Now recently I upgraded the Aruba controller firmware from 6.4.3.6 to 6.4.3.9. Something must have changed between these two version, for now I can see the IAP clients in the controller monitoring section; the clients received a role called "default-iap-user-role" and they are originating from an AP name called "tunnel 18". Before I only saw the IAP in the clients section.
Now the issue: some of the IAP clients receive the "logon" role, leaving them with no connection to the corporate network (of course the logon role has limiting firewall policies). See the screenshot here:
Can anyone explain how I get these clients also in the default-iap-user-role as the other clients above? Or could this be a bug in recent controller firmware?
Kind regards