Wireless Access

Reply
New Contributor
Posts: 2
Registered: ‎06-14-2016

7010 multiple vlan's and a management interface

Hello,

 

We need to offer our company's SSID in a building which network is managemed by a different party using Aruba equipement, us using Cisco. The idea is to build a tunnel from their Aruba controller to our Aruba controller (Cisco and Aruba wireless is hard to make each other understand) and connect the specific SSID vlan to the Cisco L3 switch onto which also the Cisco guest controllers are connected.

So the idea is to configure a vlan on our Aruba 7010 matching the SSID vlan, and 'bind' it to a specific port on this controller, disable the other ports except the management port for in band management. And 1 port specific for the tunnel setup.

 

But how do I create the right setup in order to have the management traffic seperated? I'm not able to create a default route for the management interface: 

Error: Default gateway cannot be in the subnet of management interface

Seems an Aruba 7010 does have a routing  virtualization like a Cisco Lite VRF.

 

Any ideas?

 

Cheers,

Andre

Guru Elite
Posts: 21,023
Registered: ‎03-29-2007

Re: 7010 multiple vlan's and a management interface

I would not bother with the management interface.  It does not really apply to current controller models that are being produced.  Back in the day, there was a separate physical management port that had no routing and you could give it an ip address via the management interface.  Don't do that, because it will not work and will cause ip conflicts of you try to make it work like that.

 

You mentioned a whole set of things, but it would best if you post a network diagram so we know what you are trying to accomplish.  I think I understand, but it is best that you give us a startingpoint so that we know that we are talking about the same thing.



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

New Contributor
Posts: 2
Registered: ‎06-14-2016

Re: 7010 multiple vlan's and a management interface

Hello Collin,

 

Ok so better to create a separate management vlan on the 7010 and point it to a specific interface I guess?

A quick and (hopefully not to) dirty network diagram :wireless.png

 

Much appreciated!

Cheers,

Andre

Guru Elite
Posts: 21,023
Registered: ‎03-29-2007

Re: 7010 multiple vlan's and a management interface

You can make any VLAN a management VLAN.  The question is, what do you want to do with that ip address, just manage the controller?  If that is the case, any ip address on the controller would suffice.

 

It sort of looks like you want users at another site to access a VLAN at your site via a site to site VPN.

 

You could create a site to site VPN that bridges traffic from one site to another.  Please see the article here:  http://community.arubanetworks.com/t5/Controller-Based-WLANs/How-do-I-connect-a-private-VLAN-over-the-Internet-with-security/ta-p/177818



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Search Airheads
Showing results for 
Search instead for 
Did you mean: