Wireless Access

Reply
Occasional Contributor II

Access to internal network - VIA

I´m currently trying to connect with VIA-VPN. I´m able to connect to the controller but not to access the internal network.

I created an internal vlan (operstate up) with an ip inside the vpn-ip-pool. And i activated Inter-VLAN routing in the vpn and the internal network.

What configuration step is missing?

 

show datapath session: shows me that when trying to ping from the internal network to the vpn the destination is the default gateway and not the tunnel? how can this get fixed?

 

Kind regards

Re: Access to internal network - VIA

Did you confiure the via tunneled networks? those are the networks that you will be able to reach from via in theinternal network... for example i got a few networks in there that i got in there configured  which are the ones that i want to access internally

VIA.PNG

----------------------------------------------------
Product Manager - Aruba Networks
Alternetworks Corp

Re: Access to internal network - VIA

If thats not the issue illl need to see the config... to help you.... it could be a running config, it could be screenshot, or you can step by step tell me what you configured....

----------------------------------------------------
Product Manager - Aruba Networks
Alternetworks Corp
Occasional Contributor II

Re: Access to internal network - VIA

thanks for your help.

yes i also configured my tunneled networks

 

meanwhile i solved it with NAT and it works fine.

Re: Access to internal network - VIA

Nice

But it should work also with intervlan and with no nat... i got it set that way and it works perfectly

 

Did you onyour switch core declare the route poiting to the wireless controller?

did you put intervlan routing on the interface that is connecting to the core router?Not the interface that you are declaring for the vpn i mean the one that got the default gateway that points to the core switch

 

Cheers

Carlos

----------------------------------------------------
Product Manager - Aruba Networks
Alternetworks Corp
Frequent Contributor II

Re: Access to internal network - VIA

thank you, NightShade1.

 

I couldn't find out why my VIA-connection wasn't able to ping the internal network. I then enabled inter-vlan-routing on both the internal-vlan and the vlan with the default gateway for the controller and now it works.

 

I just don't understand why it's neccessary, because my setup is this:

 

internal network 10.0.1.0 (255.255.255.0).

controller ip: 10.0.1.6

 

via pool 10.0.1.10-10.0.1-19

 

network with default gateway (internet) for the controller 192.168.1.0 (255.255.255.0).

controller ip 192.168.1.250

 

So the VIA-client, the internal network and the controller are in 10.0.1.0.

Via-client 10.0.1.10, Internal test-machine 10.0.1.98, controller 10.0.1.6.

So why do I need to enable inter-vlan-routing? I was hoping to keep this disabled, because it might be more secure.

 

If it's more appropriate to start my own thread instead of reply'ing to this one, please let me know.

Re: Access to internal network - VIA

So im supposing you having something like this, correct me if im wrong please

 

On the controller

10.0.1.6

 

Switch should have a route that points to that network 10.0.1.0... so anyone from the outsite can find it.

 

Now you need enable intervlan routing so that packet that come from the via client goes to the interface 10.0.1.6 then he redirect that traffic to the controller ip address in your case 192.168.1.250 then he redirect that packet to his default gateway and goes to the switchcore.

 

Thats why you need to enable it... remenber you are not natting...

You can nat or route it.

 

Hope this helps you

 

Cheers

Carlos

----------------------------------------------------
Product Manager - Aruba Networks
Alternetworks Corp
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: