Hi Joseph,
I finally got the VIA to work after passing TCP443 across the Internet back to our Controller after battling with it for awhile. I had to do the following below:
1. The VPN IP Address Pool created for the VIA Clients had to be routable on our Network.
2. I had to create a dummy IKE Shared Secret Key on the "VPN Services" Form. Without this Dummy Key, the VIA would not
establish a session. It always generated an error message saying "Failed to establish secure session".
Does the above fixes seem right to you?
I don't see any Aruba Documentation that states the above. But the Aruba Engineer says it's required.
The only issue I'm experiencing now is that I could not get the VIA to work using RADIUS 802.1X Authentication. It just wouldn't even download the Connection Profile.
Now my RAPs are using the same RADIUS Server for 802.1X Authentication and it works just fine. So why the same RADIUS Server doesn't work is beyond me.
The Aruba Engineer says that I need to have PAP Authentication enabled on the RADIUS Server's Policy. That this is a requirement for VIA 802.1X Authentication using the RADIUS Server to work.
Also, have you seen or heard about this?
However, I intend tot test this out and then see.
Look forward to hear from you.