How to configure default route to VPN

Aruba Employee

Starting from image 7.4.x.x, we can point the trafffic towards a VPN tunnel. A branch office Mobility Access Switch has VPN tunnel which terminates on a Firewall. Any client non-corporate traffic from Mobility Access Switch is forwarded to the firewall through the VPN tunnel. This requires a default gateway route on Mobility Access Switch pointing to a VPN tunnel.

 

Environment : Remote Networking

 

 A branch office Mobility Access Switch has VPN tunnel  towards the corporate network.

 

Configuring Default Route to VPN:

You can use the following command to configure the default route to a VPN tunnel:

(host) (config) #crypto-local ipsec-map <map-name> <map-number>
(host) (config-ipsec-map) #dst-net 0.0.0.0 0.0.0.0
 
Sample Configuration:

(host) (config) #crypto-local ipsec-map map-firewall 10
(host) (config-ipsec-map) # peer-ip 20.1.1.2
(host) (config-ipsec-map) # local-fqdn test.arubanetworks.com
(host) (config-ipsec-map) # interface vlan 2
(host) (config-ipsec-map) # src-net 4.1.1.0 255.255.255.255
(host) (config-ipsec-map) # dst-net 0.0.0.0 0.0.0.0
 
 
Verifying Default Route Configuration:

Use the following command to verify the default route to VPN configuration:
(host) #show ip route
Codes: C - connected
O - OSPF, O(IA) - OSPF inter area
O(E1) - OSPF external type 1, O(E2) - OSPF external type 2
O(N1) - OSPF NSSA type 1, O(N2) - OSPF NSSA type 2
M - mgmt, S - static, * - candidate default
D - DHCP
C 0.0.0.0 /0 [1] is an ipsec map: map-firewall
Version history
Revision #:
1 of 1
Last update:
‎04-07-2015 01:57 PM
Updated by:
 
Labels (1)
Contributors
Comments
sw1tch8

I'm trying to configure this same setup with an OmniAccess 4302, but since it's EOS'd, it doesn't look like this "feature" exists. Any alternatives to make this work?

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: 
Is this a frequent problem?

Request an official Aruba knowledge base article to be written by our experts.