Hello All,
I'm quite new to the Aruba Platform and as a result, I'm looking for some assistance as regards to an issue I'm experiencing with the Cert-based RAPs (i.e RAP2WG).
I have noticed that after I have the RAP connected to the Internet and have it assigned the Public IP Address of my 620 Controller (through the rapconsole webpage), I can see it connect and establish the IPSec Tunnel. I then notice it go through an upgrade process, after which it says "rebooting". Right after it reboots, the RAP no longer establishes an IPSec Tunnel back to the Controller.
I have also confirmed that we are allowing FTP and TFTP across this Tunnel. I mention this because, when I reset the RAP in order t start the process all over again. I notice that it's still on Version 5.X while the Controller is on 6.X. So, it obviously didn't perform an upgrade and that's most likely why the RAP won't work.
What can we be doing wrong here? What IP Address does the RAP use in establishing an FTP/TFTP connection? Is it the VPN IP Address assigned to it or the Outer IP Address from the Service Provider end? Currently we are allowing FTP/TFTP between the Controller's Inner IP Address and the RAP's assigned VPN IP Address. Is this right?
Are there any other Firewall ports that we should have open?
Any help will be highly appreciated.