Did you ever work this out? I weem to have hit the same obstacle although I'm trying VPN from an IAP to a third party VPN concentrator.
But it always tries to authenticate with the TPM built-in certificate.
------------------------------
Tue Madsen
------------------------------
Original Message:
Sent: Dec 04, 2019 04:51 PM
From: marcel koedijk
Subject: Expert: IAP-VPN via VMC with Aruba Central - Custom Certificate Issue
Hi Experts, i need your expertise!
As we all known a VMC virtual controller dont have a TPM security chip like a hardware controllers does have. To connect a RAP or IAP-VPN to a VMC a custom certificate must be deployed manually. ArubaOS 8.2.0.0 is minumum needed to achieve this. esupport write a nice article about this on the airheads forum, link.
Some ways to get this work are:
- Deploy a CAP and re-provision it as RAP wiche will install the server certificate on the RAP.
- An IAP-VPN can be scripted through activate.arubanetworks.com to install the server certificate.
Now my question, i run a IAP-VPN cluster managed via Aruba Central. In global settings i can install an custom server certificate and ca-root certificate. But i cant find a option how to use this certificate for the IPSEC VPN connection instead of the Aruba-Default certificate.