Wireless Access

Reply
MVP
Posts: 331
Registered: ‎04-25-2013

Third Party Firewall between 2 controllers

Hi,

i want to configure an IPSec VPN between 2 controlleurs , and i have a small issue.

between the two controllers i have a Sophos Firewall that do not support IKEv2 , so i need to nat ports to permit the communication between the two device.

first , is it possible to do it ?

then , what are the port that I must nat ?

Regards

Raouf CHAHBOUNE
ICT Network & Security Engineer
CCNP R/S | CCNA Security | ACMP|ACDX



[If my post is helpful please give kudos, or mark as solved if it answers your post.]
Guru Elite
Posts: 20,961
Registered: ‎03-29-2007

Re: Third Party Firewall between 2 controllers

If it is ipsec and you have "enforce NAT T" (recommended) on the connection you only need UDP 4500.


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

MVP
Posts: 331
Registered: ‎04-25-2013

Re: Third Party Firewall between 2 controllers

do any one have a tuto for a VPN site to site configuration

Raouf CHAHBOUNE
ICT Network & Security Engineer
CCNP R/S | CCNA Security | ACMP|ACDX



[If my post is helpful please give kudos, or mark as solved if it answers your post.]
Guru Elite
Posts: 20,961
Registered: ‎03-29-2007

Re: Third Party Firewall between 2 controllers

Knowledgebase Search:  http://community.arubanetworks.com/t5/Aruba-Solution-Exchange/Dynamic-Site-to-Site-VPN-between-Mobility-Controllers/ta-p/202681

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

MVP
Posts: 331
Registered: ‎04-25-2013

Re: Third Party Firewall between 2 controllers

and what about IKE port (500)

Raouf CHAHBOUNE
ICT Network & Security Engineer
CCNP R/S | CCNA Security | ACMP|ACDX



[If my post is helpful please give kudos, or mark as solved if it answers your post.]
Guru Elite
Posts: 20,961
Registered: ‎03-29-2007

Re: Third Party Firewall between 2 controllers

If you use enforce NAT T, you don't need that.


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Search Airheads
Showing results for 
Search instead for 
Did you mean: