Tunneled Node is one of the key elements which differentiates the Mobility Access Switch in the Enterprise access switch market. Previously known as MUX in earlier Aruba platforms and releases, the feature had been re-named as Tunneled Node. The Tunneled Node encapsulates incoming packets from end-hosts in GRE packets and forwards them to the Mobility Controller to be processed further. The Mobility Controller, upon receiving the GRE packets, strips the GRE header and further processes the packet for additional purposes such as authentication, stateful firewall, and so on. This is how the Tunneled Node feature enables a centralized security policy, authentication and access control.
To allow additional flexibility, the Tunneled Node feature is enabled per-port basis. Any traffic coming from non-Tunneled Node interfaces will be forwarded “normally” without being tunneled to a Mobility Controller.
This solution creates configuration codes on the Mobility Access Switch (MAS) as a tunnel node to a Mobility Controller acting as a Tunnel master. The configuration of the "aaa authentication wired" profile and the role assignments are generated with the following assumptions:
The Mobility Access Switch itself does not require any licenses however the Mobility Controller does need licenses just like a regular LAN-Connected AP (e.g. WiFi AP).
1 license of each is required per standalone Mobility Access Switch or ArubaStack and installed in a Mobility Controller
Alternatively, you can use the LIC-SEC-X bundles for the LIC-PEFNG-X and LIC-RFP-X.
Reminder: Only one license of each is required per ArubaStack so if you have a stack of 5 switches, you only need a quantity of one of each of the following licenses: LIC-1-AP, 1 LIC-PEFNG-1 and 1 LIC-RFP-1.
The following is the lab topology.
See Arubapedia for Partner article for details.
At Aruba, we believe that the most dynamic customer experiences happen at the Edge. Our mission is to deliver innovative solutions that harness data at the Edge to drive powerful business outcomes.
© Copyright 2020 Hewlett Packard Enterprise Development LPAll Rights Reserved.