We recently updated a controller from 6.x to 8.8. We are also attempting to connect this controller to our mobility master.Originally the stand alone controller on 6.x had the following setup:* VLAN 647 directly connected to the controller (172.47.x.x) - used for controller management and on an internal VRF. * Managment IP is 220.127.116.11* VLAN 523 directly connected to the controller (10.23.x.x) - used for Access Points and belong to an untrusted VRF* Controller-ip is 10.23.0.254* VLAN 520 directly connected to the controller (10.20.x.x)- used for wireless clients and belong to an untrusted VRF* No communication between internal and untrusted VRFs. * we have two switches SW1 and SW2* SW1 has vlans 523 and 520 and this switch is fully on the untrusted-VRF. * SW2 has Vlan 647 and is on the internal VRF* controller has a leg on each switch to allow communication to both the APs and allow management access. Now, after upgrading to 8.8 we are trying to connect to a mobility master using our management interface (as it has a route to the MM)* Set masterip on vlan 647 - Only vlan 647 has a route to the MM* Tried setting controller-ip with same IP 10.23.0.254 on vlan 523 but found that MM can't fully create the IPSEC tunnel if controller-ip is not reachable. * moved the controller-ip to be 18.104.22.168 on vlan 647 and this allowed the controller to join the MM* problem now is that controller-ip is on a vlan 647 that is not reachable from vlan 523 which has our access points.* We can't really move APs to the SW2 because this one does not have the trunk for the wireless clients Is there a way to allow masterip and controller-ip be on different vrfs?Initially I thought controller-ip is only for AP termination and masterip will tell you which way to talk to MM. Did not foresee the interaction between the two. Is there a work around or any suggestion how to make this setup work?
At Aruba, we believe that the most dynamic customer experiences happen at the Edge. Our mission is to deliver innovative solutions that harness data at the Edge to drive powerful business outcomes.
© Copyright 2021 Hewlett Packard Enterprise Development LPAll Rights Reserved.