Wireless Access

Reply
New Contributor
Posts: 2
Registered: ‎06-22-2016

Multiple sites (Branch offices) deployement with Aruba "Questions"

Hello community,

 

For one of our projects, i have to figure out how to manage multiple aruba access points destributed over multiples sites; i have seen the cloud based solutions, but i prefer to manage the hardware myself, and i tend to avoid the IAPs. I can explain my situation by the following example :

 

HQ with the Datacenter and the master controller, RADIUS Server and 10 AP.

Branch site 1 : Slave controller (is it necessary?) and 12 AP.

Branch site 2 : Slave controller and 8 AP.

Branch site 3 : Slave controller and 20 AP.

 

What solutions do i have for centrelized management of all APs in all branch sites? knowing that all of the sites have ADSL Internet links with dynamic public IP.

 

The image below shows, more or less, the architecture i try to achieve.

 

Best regards,

Abdou Balladi

Guru Elite
Posts: 20,822
Registered: ‎03-29-2007

Re: Multiple sites (Branch offices) deployement with Aruba "Questions"

Are all the networks routable between sites?  If yes, Airwave would be the answer to manage your controller-based deployment.  If not, either Airwave and instant (Airwave can manage IAPs behind a DSL router) or Aruba Cloud and Instant IAPs would be the ony way you can get a single pane view of your network with non-routable subnets that are behind an ADSL device.

 

If you had only maybe one or two APs at a site, you could make them remote APs and terminate them on a controller at your datacenter.  Your limitation in this strategy is how many ipsec tunnels your ADSL router would support going back to the datacenter over the internet.



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

New Contributor
Posts: 2
Registered: ‎06-22-2016

Re: Multiple sites (Branch offices) deployement with Aruba "Questions"

Hello cjoseph,

 

Thank you for your quick response.

 

There is no routing between the sites, concerning the VPN, would the ipsec tunnel work even if all the DSL Router are PPPoE Links with dynamic adresses? so the VPN would be between the DSL routers not the controllers?

 

About AirWave if its in the Datacenter, can it manage all IAPs in all sites? and still have one panel for all? and does it need link configuration between sites or i only need to connect the IAP to the internet and the devices do the rest?

 

Sorry for asking so much questions, and thank you.

 

Regards,

Abdou Balladi

 

 

 

Guru Elite
Posts: 20,822
Registered: ‎03-29-2007

Re: Multiple sites (Branch offices) deployement with Aruba "Questions"

You can certainly do a dynamic ipsec site to site VPN between your controllers and your main site, but it would be yet another piece to manage.  The easiest way to do this is to allow Instant APs to point to Airwave that has a public address (Static 1:1 NAT or just public address).  Instant devices can be monitored and managed over the internet this way easily.

 

Please check out the Aruba Instant Validated Reference Design here: http://community.arubanetworks.com/t5/Validated-Reference-Design/Aruba-Instant-Validated-Reference-Design/ta-p/258782

 

the VRD will talk about Instant APs that terminate on Aruba Controllers, but that is optional for when user traffic will be tunneled back to the datacenter.  If all traffic is pretty much localized to the site, you can have Instant APs talk to Airwave on port 443 over the internet with no problem.



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Search Airheads
Showing results for 
Search instead for 
Did you mean: