Wireless Access

Reply
Frequent Contributor II

ipsec between aruba controllers

hello airheads,

does anyone know if you can set up a ipsec tunnel between two controllers. NOT a site-site but need to map a VLAN from head office to a controller network. I know you can do a GRE tunnel but that has problems across NATted boundaries.

 

Re: ipsec between aruba controllers

Hey, does the below answer your question? 

 

http://www.arubanetworks.com/techdocs/ArubaOS_64x_WebHelp/Content/ArubaFrameStyles/VPNs/Site_to_Site_VPNs.htm


ACMA, ACMP, ACSA
If my post addresses your query, give kudos:)
Frequent Contributor II

Re: ipsec between aruba controllers

thanks for getting back.

i'm not sure if it does help.

That refers to site-site vpn's.

what i'm looking for is layer 2

MVP

Re: ipsec between aruba controllers

I've been using gre tunnels to do this.

Have a look at http://community.arubanetworks.com/t5/Wireless-Access/L2-GRE-keepalive/td-p/188868 

Koen (ACMX #351 | ACDX #547 | ACCP)

-- Found something helpful, important, or cool? Click the Kudos Star in a post.
-- Problem Solved? Click "Accept as Solution" in a post.
Frequent Contributor II

Re: ipsec between aruba controllers

thanks for getting back.

GRE was my first thought but i remember  a few years back that there was a problem with Aruba GRE tunnels over NATted boundary.

was that something to do with the keep-alives?

 

MVP

Re: ipsec between aruba controllers

Appologies, I should have read your entire post.

Not sure with GRE over NAT, might very well be problematic. Never had to do this so don't have anything usefull to tell you here.

 

 

@zalion0's sollution seems workable. Create a site to site VPN and set up the gre tunnel through that?

 

Koen (ACMX #351 | ACDX #547 | ACCP)

-- Found something helpful, important, or cool? Click the Kudos Star in a post.
-- Problem Solved? Click "Accept as Solution" in a post.

Re: ipsec between aruba controllers

Hey, GRE will not survive a NAT boundary so you will need to look at IPSEC. I believe IPSEC should work as you can simply route the VLAN via the tunnel.


ACMA, ACMP, ACSA
If my post addresses your query, give kudos:)
Frequent Contributor II

Re: ipsec between aruba controllers

ok thank you,

just wanted to know how do you set up the IPSEC tunnel between two controllers?

Re: ipsec between aruba controllers

Hey, the link previously posted details the configuration steps. If not you can find it in each of the User Guides for the respective ArubaOS release.


ACMA, ACMP, ACSA
If my post addresses your query, give kudos:)
Frequent Contributor II

Re: ipsec between aruba controllers

i read that but isn't that to do with site-site vpn's?

couldn't see how to do what i was trying to achieve.

 

 

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: