Wireless Access

Reply
Frequent Contributor I
Posts: 83
Registered: ‎10-27-2013

RAP Inner IP assignment

Hi

I have 2x 105-APs provisioned as RAPs. I am also using VIA - hence I have 2x IPSEC adress Pools configured under my VPN configuration tabs.

My propblem is My RAPs are coming up with the inner IP address of My VIA pool - so the raps aren't using my second configured address pool in IPSEC.

How can I change or set which IPSEC pool my RAPs use?

 

I am struggling to find where to change this or set it so any advice will be great.

Valued Contributor II
Posts: 804
Registered: ‎12-01-2014

Re: RAP Inner IP assignment

HI,

 

We will not have any control on pool assignment, we generally create multiple pools for extending the pool size hence client can pick address from any of the pool.

If the pool has exhausted, it would automatically overflow to other pools (no control over which pool would be picked up though).

 

Please feel free for any further clarity on this.

Cheers,
Venu Puduchery,
[Is my post helped you ? Give Kudos :) ]
Moderator
Posts: 321
Registered: ‎08-28-2009

Re: RAP Inner IP assignment

Hendrik

if you have just a small number of RAPs, perhaps you can edit the whitelist and add an internal IP there, thus making the rap inner ip static (can be anything really, other than overlapping something connected to the controller, also should not match the pools already configured). A little bit painful at scale, but for a small number of APs should be managable.

regards

jeff

Frequent Contributor I
Posts: 83
Registered: ‎10-27-2013

Re: RAP Inner IP assignment

Hi Jeff

 

That seams reasonable THX for the suggestion - I only have the 2 x APs at the sirte so this is perfectly feasible.

I take for this to work correctly I will need to have Control Plane security enabled?

 

What are the risks of enabling Control Plane security in a environment for the 1st time?

Moderator
Posts: 321
Registered: ‎08-28-2009

Re: RAP Inner IP assignment

[ Edited ]

hi Hendrik

control-plane-security and RAP are two independant and unrelated things - whether or not you turn on CPSEC is (usually) more about whether you want bridging on a campus AP. For RAP, it doesnt matter either way (RAPis always ipsec based).

 

turning CPSEC on for the first time will cause your campus APs to all reboot

 

regards

-jeff

Aruba Employee
Posts: 56
Registered: ‎07-24-2014

Re: RAP Inner IP assignment

Hi,

You can map the required ip pool in the user role for via.
Search Airheads
Showing results for 
Search instead for 
Did you mean: