Wireless Access

Reply
Contributor I
Posts: 40
Registered: ‎01-07-2015

GRE Tunnel between Master & Guest controller

Hi All,

 

I want to create tunnel between my master controllers in VRRP mode which also enabled with PEF licenses and Guest controller in DMZ. I hope i should create tunnel using my Virtual IP address. Can anyone tell me the commands to create a tunnel between these for guest users and how to verify the tunnel status..? 

Guru Elite
Posts: 8,337
Registered: ‎09-08-2010

Re: GRE Tunnel between Master & Guest controller

VRRP addresses cannot be tunnel endpoints.

 

See here:

 

http://community.arubanetworks.com/t5/Unified-Wired-Wireless-Access/VRRP-IP-cannot-be-L2-GRE-tunnel-endpoint/td-p/33572

 


Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
MVP
Posts: 762
Registered: ‎03-25-2009

Re: GRE Tunnel between Master & Guest controller

I've actually have had this up and running in a lab where both source and destination where VRRP address on both sides.

 

 

configure terminal 
	interface tunnel 1
        description "to edge"
        tunnel source 192.168.253.1
        tunnel mode gre 0
        tunnel destination 11.11.11.1
        trusted
        mtu 1400
        tunnel vlan 252
		no shutdown
!

configure terminal 
	interface tunnel 1
        description "to main"
        tunnel source 11.11.11.1
        tunnel mode gre 0
        tunnel destination 192.168.253.1
        trusted
        mtu 1400
        tunnel vlan 252
!

 

Koen (ACMX #351 | ACDX #547 | ACCP)

-- Found something helpful, important, or cool? Click the Kudos Star in a post.
-- Problem Solved? Click "Accept as Solution" in a post.
Contributor I
Posts: 40
Registered: ‎01-07-2015

Re: GRE Tunnel between Master & Guest controller

Thanks ... I need to create L3 GRE since they are in serperate vlans.

MVP
Posts: 762
Registered: ‎03-25-2009

Re: GRE Tunnel between Master & Guest controller

Not sure what you mean here, but if you want to 'extend' the guest valn from controller 1 to mcontroller 2 you do not need an L3 gre tunnel.

If the guest vlan is different on both end you do but why would you require this? The vlan is only important at the central site since you're transporting all traffic there anyway right?

Koen (ACMX #351 | ACDX #547 | ACCP)

-- Found something helpful, important, or cool? Click the Kudos Star in a post.
-- Problem Solved? Click "Accept as Solution" in a post.
Search Airheads
Showing results for 
Search instead for 
Did you mean: