Wireless Access

Reply
Contributor II
Posts: 40
Registered: ‎05-17-2016

Mobility Controller RAP IPSec tunnel

Hello,

 

Could someone explain how is IPSec tunnel between controller and RAP formed, what are the parameters we can change, as well as the role of PSK vs certificates in tunnel creation? Thanks in advance.

 

 

Regards,

AlanFord

 

 

Kind regards,
AlanFord
Guru Elite
Posts: 8,460
Registered: ‎09-08-2010

Re: Mobility Controller RAP IPSec tunnel

Every AP is issued a factory certificate during manufacturing. This cert is used to build the IPSec tunnel. When you whitelist the RAP on the conttoller, you're essentially whitelisting the cert.

Custom certs can be loaded onto the AP for use with IPSec but it's not a common deployment.

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Contributor II
Posts: 40
Registered: ‎05-17-2016

Re: Mobility Controller RAP IPSec tunnel

Thanks Tim, appreciated.

 

Regards,

AlanFord

Kind regards,
AlanFord
Contributor II
Posts: 40
Registered: ‎05-17-2016

Re: Mobility Controller RAP IPSec tunnel

Tim,

 

One more question. Does factory certificate ever expire, or is that not important once tunnel is established? Thanks.

 

 

Regards,

AlanFord

Kind regards,
AlanFord
Guru Elite
Posts: 8,460
Registered: ‎09-08-2010

Re: Mobility Controller RAP IPSec tunnel

I believe it's a 20 year cert, but don't quote me on that.


Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Search Airheads
Showing results for 
Search instead for 
Did you mean: