Data Center

Reply
Contributor II
Posts: 75
Registered: ‎05-06-2014

Controller as a site-to-site VPN device, with FW (no APs) - is PEF required, PEFV or both...?

I will be using a 7000-series controller to terminate incoming encrypted tunnels from outlying controllers.

I will then be using firewall filters to permit only certain traffic to specific attached hosts.   This controller will have no APs.

I may also want to limit the traffic going into the tunnels, at either / both ends, using similar rules.   

The outlying controllers will have APs, so definitely need PEF.

 

Which controller(s) need PEFV license?

Does my central 'VPN/FW only' controller need (presumably a single) PEF license?

Guru Elite
Posts: 21,010
Registered: ‎03-29-2007

Re: Controller as a site-to-site VPN device, with FW (no APs) - is PEF required, PEFV or both...?

If you only want to do site to site VPN, no licenses are required.

If you want to do site to site and have ACLs permitting traffic, you need the PEF license.

PEFV is only needed for the VIA VPN client.



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Search Airheads
Showing results for 
Search instead for 
Did you mean: