Wireless Access

Reply
Aruba Employee

Aruba 640, unable to change vpn address pool.

I have one address pool, and am unable to edit or delete it in the web gui, and can't figure out the CLI from the reference guide or lacking help menu in terminal.

 

How do I edit the start and end address range for the vpn address pool?

Guru Elite

Re: Aruba 640, unable to change vpn address pool.

config t
ip local pool "pool1" "192.168.1.3" "192.168.1.300"

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Aruba Employee

Re: Aruba 640, unable to change vpn address pool.

That worked wonderfully!

Aruba Employee

Re: Aruba 640, unable to change vpn address pool.

I'm trying to diagnose why my RAP3 won't slave to the 650 mobility controller to be used as a VPN device for a remote user. It still won't work following changing the address pool to a private class C range. 

 

Still getting error -8949     ERR_IKE_TIMEOUT

Guru Elite

Re: Aruba 640, unable to change vpn address pool.

If you pointed a RAP3 to the controller, you need to be running ArubaOS 6.2 and above for it to convert.

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Aruba Employee

Re: Aruba 640, unable to change vpn address pool.

I have the latest firmware on the mobility controller. 

Guru Elite

Re: Aruba 640, unable to change vpn address pool.

Okay.  I am assuming it is 6.2.

 

Have you gotten other RAPs to work with that controller? (trying to eliminate a RAP configuration issue)



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Aruba Employee

Re: Aruba 640, unable to change vpn address pool.

Negative, I tried another RAP3 out of the box it and would not convert for remote usage, citing a VPN issue, to include the above error message in the pop up log. 

Guru Elite

Re: Aruba 640, unable to change vpn address pool.

Did you add the RAP;s wired mac address into the RAP whitelist?

 

If so, turn on logging:

 

logging level debugging security subcat ike
logging level debugging security process aaa
logging level debugging security process authmgr
logging level debugging security subcat l2tp
logging level debugging security subcat vpn

 then type "show log security" while the RAP is trying to connect.

 

 

 

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Aruba Employee

Re: Aruba 640, unable to change vpn address pool.

I did add the MAC to the whitelist. 

 

In the meantime we unplugged the controller because spanning tree was causing issues with some other switches. I think the likely solution is to completely disable spanning tree on the controller, in addition to reviewing settings on the other devices. 

 

I'll go through those logging procedures this weekend and post back when I know more details. 

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: