RAP will not connect to controller via VPN. In "Process Logs":
What could be a reason?
Early RAP was work. After i change many things in roles, policies.
Firewall is aruba 620 v 18.104.22.168. "ACL White List" include 4500 port.
#show datapath session table | include 4500
X.X.X.X 192.168.111.31 17 4500 4500 0/0 0 0 2 1/8 27 0 0 FY192.168.111.31 X.X.X.X 17 4500 4500 0/0 0 0 0 1/8 27 0 0 FC
#show crypto ipsec sa
% No active IPSEC SA
#show crypto isakmp sa
% No active ISAKMP SA
I would type "show audit-trail" to see what you changed. You might be able to figure out what you changed to make it not work.
I am not sure that we can guess what you did to make it break.
maybe together we can verify some of important settings on my controller
We could try, but there are a number of changes that you could have made that broke it, that are independent of typical settings. The answer is in what changes you made, since at one time it was working.
how i can test from outside that all ports on firewall (not aruba controller) for tunnel is open?
ON the commandline of the controller, type "show datapath session table | inclue 4500" while the remote AP is trying to come up. That will tell you if traffic is trying to come in from the outside.
#show datapath session table | include 4500IP1 IP2 17 49176 4500 0/0 0 0 0 1/8 1f 0 0 FCIP2 IP1 17 4500 49176 0/0 0 0 2 1/8 1f 0 0 FY
It's enough to make sure that all ports are open?
and who know what is mean
"isakmpd: <103061> <ERRS> |ike| IP1:49176-> find_listening_transport: virtual transport for address IP2 not found in virtual_listen_list"
*IP1 - real RAP address, IP2 - controller address.
At Aruba, we believe that the most dynamic customer experiences happen at the Edge. Our mission is to deliver innovative solutions that harness data at the Edge to drive powerful business outcomes.
© Copyright 2020 Hewlett Packard Enterprise Development LPAll Rights Reserved.