I have a quick question that I think I know the answer to but want to confirm.
If I do a site to site VPN between two controllers, do I need the AOS versions to be the same? My feeling is that I don't. They aren't going to be master/locals, just two separate controllers that need a secure link between them. As you can connect from a controller to any VPN concentrator, I cant see why you'd need the Arubas to be running the same code.
Can anyone confirm?
I've done it between controllers on different codes, but it might be wise to match just in case for support reasons? I've done it between different v6 codes, and in a different deployment between different v5 codes. Not sure I'd be confident/comfortable running it between a v5 AND v6 pair though.
Is there a reason you can't match the code levels?
I cant match the code versions as they are two separate clients but thanks for the reply.
I would imagine you're going for a GRE inside an IPSEC? Best for security obviously.
I suspect so, although we haven't actually looked any further into it than the initial scoping. But its the OS versions that is the customers concern.
At Aruba, we believe that the most dynamic customer experiences happen at the Edge. Our mission is to deliver innovative solutions that harness data at the Edge to drive powerful business outcomes.
© Copyright 2020 Hewlett Packard Enterprise Development LPAll Rights Reserved.