01-08-2013 01:02 AM
I would like to use IAPs for a customer with many branches. I plan to use a small controller at the central site as VPN concentrator for the IAPs for central outbreak guest access.
To choose the right controller I need to know if every IAP in an IAP group opens his own IPSEC Tunnel or is only the master opening one per IAP grp.
Which license is needed on the central controller that is only doing vpn termination. In my opinion just one PEFNG should be enough to enable VPN.
01-11-2013 03:51 PM
The VC of an IAP group will create a single IPSec tunnel to the controller.
With AOS 6.2 running on the controller there are no licenses specifically needed. The VPN concentrator function is part of the Base OS. There was a bug, however, in the 6.1 Technology Release, and PEFV was a workaround.
07-31-2013 01:40 AM
Yes to both questions
Here you go :
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
08-13-2013 07:10 AM
I have tried to create an IPSEC tunnel to a firewall, but without success. I can not set any pre-shared keys and I do not understand how to use and load certificates in order to create IPSEC tunnels to a FW.
The manual does not show any details unfortunately.
08-28-2013 08:39 AM
It is not true that IAP can create IPSec to the firewall. You can do Instant VPN only between Instant VC and Aruba Controller, however in 18.104.22.168-3.4 there is a support for L2TPv3.
Something cool, helpful or interesting in my post - click the Kudos Star.
Helped to solve your problem - Click Accept as Solution