Cloud Managed Networks

last person joined: 2 days ago 

Forum to discuss all things related to HPE Aruba Networking Central and UXI Network Management, including deployment of managed networks, configuration, best practices, APIs, Cloud Guest, AIOps, Presence Analytics, and other included Applications
Back to discussions
Expand all | Collapse all

how to add a static route for an IAP managed from Central Aruba

This thread has been viewed 1 times

  • 1.  how to add a static route for an IAP managed from Central Aruba

    Posted Jan 22, 2020 10:26 PM

    hello everyone, someone could know if it's possible how to add a static route for an IAP managed from Central Aruba



  • 2.  RE: how to add a static route for an IAP managed from Central Aruba

    EMPLOYEE
    Posted Jan 23, 2020 04:02 AM

    I don't think you can add static routes to an Instant AP. In general, you have a management subnet with a default gateway and client traffic should be bridged on a VLAN with routing externally. There are some exceptions with guest and VPN. What would be the use case?



  • 3.  RE: how to add a static route for an IAP managed from Central Aruba

    Posted Jan 23, 2020 04:33 PM

    I want IAPs to go through a link to the Internet and that IAP traffic from the corporate network (RADIUS) goes to the same corporate network.

     

    example:

     

    0.0.0.0 0.0.0.0 192.168.10.254

    192.168.10.0 255.255.255.0 192.168.10.1

     

    It is possible to configure static routes on an IAP outside a VPN?

     



  • 4.  RE: how to add a static route for an IAP managed from Central Aruba

    EMPLOYEE
    Posted Jan 24, 2020 03:44 AM

    I don't think so. Also, I would prevent such network requirements and put the IAPs on a subnet with just that IAPs and your router so everything is reachable through the default gateway. Having static routes on systems is something I would avoid at all cost as it is likely to introduce unpredictable things like asymetric routing. I would change your network and routing design instead.

     

    Also, I think there is a typo in your example as both the route and the gateway are in the same subnet; but if the route is for another subnet, having it just in your .254 default gateway may be enough (if it is not a stateful firewall).



  • 5.  RE: how to add a static route for an IAP managed from Central Aruba

    Posted Jan 24, 2020 12:16 PM
    @Herman Robers wrote:

    I don't think so. Also, I would prevent such network requirements and put the IAPs on a subnet with just that IAPs and your router so everything is reachable through the default gateway. Having static routes on systems is something I would avoid at all cost as it is likely to introduce unpredictable things like asymetric routing. I would change your network and routing design instead.

     

    Also, I think there is a typo in your example as both the route and the gateway are in the same subnet; but if the route is for another subnet, having it just in your .254 default gateway may be enough (if it is not a stateful firewall).

    Hi Herman,
    We have already been able to configure the routes in an IAP successfully, if it is possible to configure the IAP, the design had to be changed. However, if we try to configure the route on the gateway, only this did not work as expected.
    The solution was to configure the routes directly in the IAPs from ArubaCentral. The reason for doing it this way is because the solution had to adapt without making changes to the current network. A very particular case.

     



  • 6.  RE: how to add a static route for an IAP managed from Central Aruba

    EMPLOYEE
    Posted Mar 07, 2020 04:20 PM

    I think you can do it with routing profiles.

    In central go to IAP cluster and once your are in configuration mode

    Show Advanced ->VPN->Routing

    add your routes there.

     

    Test it and let us now.