Wireless Access

last person joined: 22 hours ago 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

Resilient IAP VPN

This thread has been viewed 0 times

  • 1.  Resilient IAP VPN

    Posted Jun 12, 2018 09:47 AM

    Hi,

     

    Can someone let me know how to make an IAP VPN (Aruba IPSEC) resilient?

     

    I know I can add a backup host which is great.

     

    I'm having problems with what to the set the gateway on the routing profile on the IAP. I can't seem to get the routing to work unless the gateway in the routing profile is the controller IP address that the VPN is terminating on. 

     

    In a failover situation the tunnel will terminate on the backup host and the route will no longer work.

     

    Even the ASE solution suggest setting the route profile gateway as the controller IP address.


    I feel like I'm missing something here and suspect there's an easy answer.

     

    Anyone got a quick solution for this??

     



  • 2.  RE: Resilient IAP VPN

    EMPLOYEE
    Posted Jun 14, 2018 08:40 AM

    If this is L3 distributed, then the use of OSPF would be recommended if the failover is to a different data center.

     

    If not, have you tried adding a second route statement to the same network but instead the next hop is controller IP #2?