Wireless Access

Hi there,

 

We just purchased 12 IAP for the new office with a 7205 controller in the DC. I figured out the 12 IAP can run as a virtual controller to support the office users have bridged access to the enterprise network. However, I also need to setup these IAP to support visitors whose traffic needs to be encrypted and treat them like in the DMZ on the firewall.

 

Is there any document/blog talking about this setup?

 

Thanks,

Steven

Hello,

You should be able to configure one SSID in bridge mode for the enterprise access and configure the guest SSID in tunnel mode to centralize the guest access.

In this setup you need to convert the IAPs to controllerbased access-points. Bridge or tunnel mode is configured via the virtual-ap configuration profiles.

René

Hi René,

 

Thanks for your suggestion.

 

Our requirement is not to use the controller for enterprise network because if this controller fails, then everything will be offline.

 

Steven

---

@swong wrote:

Hi there,

 

We just purchased 12 IAP for the new office with a 7205 controller in the DC. I figured out the 12 IAP can run as a virtual controller to support the office users have bridged access to the enterprise network. However, I also need to setup these IAP to support visitors whose traffic needs to be encrypted and treat them like in the DMZ on the firewall.

 

Is there any document/blog talking about this setup?

 

Thanks,

Steven

---

You can create an additional SSID on your Instant Cluster and use IAP-VPN tunneling to a controller to transport the user traffic to the controller:

 

http://community.arubanetworks.com/t5/Aruba-Instant-Cloud-Wi-Fi/Tutorial-Building-a-VPN-from-a-IAP-Cluster-to-a-Wireless/td-p/122585

Hi Colin,

 

This seems to be good to our expectation with the instant cluster up for the enterprise network. Thanks fo your suggestion and reference for the setup. I'll have a look there.

 

Steven