Wireless Access

Reply
MVP
Posts: 340
Registered: ‎04-25-2013

Split tunnel with Campus AP

Dear All,

for bandwidth optimisation purpose i need to do split tunnel , can i do it in CAP mode instead of RAP mode.

have any one of you done it before.

Regards.

 

Raouf CHAHBOUNE
ICT Network & Security Engineer
CCNP R/S | CCNA Security | ACMP|ACDX



[If my post is helpful please give kudos, or mark as solved if it answers your post.]
Guru Elite
Posts: 8,648
Registered: ‎09-08-2010

Re: Split tunnel with Campus AP

Split-tunnel is only available when the AP is provisioned as a RAP.

 

You should look at using Instant APs if you need bridge-mode functionality with some tunneling in a campus environment.


Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Guru Elite
Posts: 21,289
Registered: ‎03-29-2007

Re: Split tunnel with Campus AP

Rchahbourne, why don't you just bridge the traffic to the local network? Split tunnel was designed for public wan networks. If this is a private network, bridging could solve your issue...


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

MVP
Posts: 340
Registered: ‎04-25-2013

Re: Split tunnel with Campus AP

Hi,

i'm traing to fix a design issue , we have one centralized Mobility Controlleur  (located in the  DC) , and 3 sites, the sites are far from each other (300 to 500 Km), the customer have the optical fiber and around  150 APs

my idea was to optimise the bandwitdh by spliting the traffic (the traffic destined to the printer for exemple do not need to go to the DC).

do you have any suggestion.

Regards

Raouf CHAHBOUNE
ICT Network & Security Engineer
CCNP R/S | CCNA Security | ACMP|ACDX



[If my post is helpful please give kudos, or mark as solved if it answers your post.]
Guru Elite
Posts: 21,289
Registered: ‎03-29-2007

Re: Split tunnel with Campus AP

If you bridge the traffic to the same wlan, you put it on par with the wired traffic. That makes it no worse than wired traffic. Traffic that is tunneled back to the controller *could* add overhead. For example if you have a wan optimizer, it cannot optimize traffic between the access point and the controller, because it would be encrypted. If you just bridge the traffic, it can optimize it.

Split tunnel usually requires you to source NAT traffic that stays local so that is probably not be a good idea in a campus environment. It works much better when you have a remote site only connected by the internet.


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

MVP
Posts: 340
Registered: ‎04-25-2013

Re: Split tunnel with Campus AP

ok ,

the best is to have local controllers in each site, then the traffic will be decrypted locally and then send if needed to  the DC , if not it remain in the local  Site.

but unfortunately the solution was sold this way

since i have no choice  i'll use tunneled mode.

Regards.

Raouf CHAHBOUNE
ICT Network & Security Engineer
CCNP R/S | CCNA Security | ACMP|ACDX



[If my post is helpful please give kudos, or mark as solved if it answers your post.]
Guru Elite
Posts: 21,289
Registered: ‎03-29-2007

Re: Split tunnel with Campus AP

Why will bridged mode not work?


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

MVP
Posts: 340
Registered: ‎04-25-2013

Re: Split tunnel with Campus AP

For security purpose ,the bridged mode do not support 802.1X.

Raouf CHAHBOUNE
ICT Network & Security Engineer
CCNP R/S | CCNA Security | ACMP|ACDX



[If my post is helpful please give kudos, or mark as solved if it answers your post.]
Guru Elite
Posts: 8,648
Registered: ‎09-08-2010

Re: Split tunnel with Campus AP

802.1X is fully supported in bridge mode...


Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Occasional Contributor II
Posts: 25
Registered: ‎09-24-2014

Re: Split tunnel with Campus AP

Is it right, that in bridge mode only 32 Access Points are supported?
Search Airheads
Showing results for 
Search instead for 
Did you mean: