Wireless Access

last person joined: 6 hours ago 

Access network design for branch, remote, outdoor and campus locations with Aruba access points, and mobility controllers.
Expand all | Collapse all

Site to Site VPN on different controller OS versions?

  • 1.  Site to Site VPN on different controller OS versions?

    Posted Apr 01, 2014 05:25 AM

    Hi All

     

    I have a quick question that I think I know the answer to but want to confirm.

     

    If I do a site to site VPN between two controllers, do I need the AOS versions to be the same? My feeling is that I don't. They aren't going to be master/locals, just two separate controllers that need a secure link between them. As you can connect from a controller to any VPN concentrator, I cant see why you'd need the Arubas to be running the same code.

     

    Can anyone confirm?

     

    Cheers



  • 2.  RE: Site to Site VPN on different controller OS versions?

    Posted Apr 01, 2014 05:30 AM

    I've done it between controllers on different codes, but it might be wise to match just in case for support reasons? I've done it between different v6 codes, and in a different deployment between different v5 codes. Not sure I'd be confident/comfortable running it between a v5 AND v6 pair though.

     

    Is there a reason you can't match the code levels?



  • 3.  RE: Site to Site VPN on different controller OS versions?

    Posted Apr 01, 2014 05:32 AM

    I cant match the code versions as they are two separate clients but thanks for the reply.



  • 4.  RE: Site to Site VPN on different controller OS versions?

    Posted Apr 01, 2014 06:43 AM

    Understood.

     

    I would imagine you're going for a GRE inside an IPSEC? Best for security obviously.

     



  • 5.  RE: Site to Site VPN on different controller OS versions?

    Posted Apr 01, 2014 06:48 AM

    I suspect so, although we haven't actually looked any further into it than the initial scoping. But its the OS versions that is the customers concern.