Wireless Access

Frequent Contributor I

RAP Inner IP assignment


I have 2x 105-APs provisioned as RAPs. I am also using VIA - hence I have 2x IPSEC adress Pools configured under my VPN configuration tabs.

My propblem is My RAPs are coming up with the inner IP address of My VIA pool - so the raps aren't using my second configured address pool in IPSEC.

How can I change or set which IPSEC pool my RAPs use?


I am struggling to find where to change this or set it so any advice will be great.

Valued Contributor II

Re: RAP Inner IP assignment



We will not have any control on pool assignment, we generally create multiple pools for extending the pool size hence client can pick address from any of the pool.

If the pool has exhausted, it would automatically overflow to other pools (no control over which pool would be picked up though).


Please feel free for any further clarity on this.

Venu Puduchery,
[Is my post helped you ? Give Kudos :) ]

Re: RAP Inner IP assignment


if you have just a small number of RAPs, perhaps you can edit the whitelist and add an internal IP there, thus making the rap inner ip static (can be anything really, other than overlapping something connected to the controller, also should not match the pools already configured). A little bit painful at scale, but for a small number of APs should be managable.



Frequent Contributor I

Re: RAP Inner IP assignment

Hi Jeff


That seams reasonable THX for the suggestion - I only have the 2 x APs at the sirte so this is perfectly feasible.

I take for this to work correctly I will need to have Control Plane security enabled?


What are the risks of enabling Control Plane security in a environment for the 1st time?


Re: RAP Inner IP assignment

hi Hendrik

control-plane-security and RAP are two independant and unrelated things - whether or not you turn on CPSEC is (usually) more about whether you want bridging on a campus AP. For RAP, it doesnt matter either way (RAPis always ipsec based).


turning CPSEC on for the first time will cause your campus APs to all reboot




Aruba Employee

Re: RAP Inner IP assignment


You can map the required ip pool in the user role for via.
Search Airheads
Showing results for 
Search instead for 
Did you mean: