Wireless Access

Reply

anchor controlers configuration - need some guideince..

in on of my projects i need to have public access for specific users (let's call them "guest") send to dedicated ADSL.

this is multi location deployment with two master/local 7220s and pair of small 7030 to be used as anchor set for "guests".

note - access points are in over 20 locations that are connected using L3 to core locations. (let's call them "datacenters")

main controllers are in two datacenters (L3 in between) and pair of 7030 is in third location.

7030 do have mgmt access over intranet as well as direct connection to firewall for "guest" traffic with VRRP (DMZ zone)

I'm looking for some advice on configuration of 7220s and 7030 to have proper routing for any of the "guests" users that may connected at any location.

 

traffic flow for "guests" should be from any AP thru one of main controllers and then send to 7030 for discharge in to DMZ/ADSL.

 

Any help is appreciated.

Guru Elite

Re: anchor controlers configuration - need some guideince..

Please take a look at the article here:  http://community.arubanetworks.com/t5/Aruba-Solution-Exchange/L2-GRE-to-DMZ-controller-with-Captive-Portal-SSID/ta-p/202649

 

The controller models do not really matter.

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Re: anchor controlers configuration - need some guideince..

greetings

i would like to get more details on GRE in my scenario

as i mentioned above, i have two main controllers in L3 mode and two anchor in HA

how many tunnels are needed from-to each controller?

how tunnels should be configured to have proper path/flow?

lets put some IPs and get scenarios

WLC1 - 10.0.1.1

WLC2 - 10.0.2.0

anchor1  - 192.168.1.2

anchor2 - 192.168.1.3

VRRP for anchor 192.168.1.1 (priority 200 for anchor1)

flow - may come from each of the WLC independently (AP groups) 

q1) how many tunnels are needed PER each WLC?

- ONE towards VRRP IP? two to each anchor? how system will know which path is correct?

q2) how many tunnels are needed on anchor devices? what should be source IP of that tunnel? VRRP?

Or possibly tunnel groups are required? Is there a mechanism to have priority on specific tunnel?

 

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: