Security

 View Only
last person joined: 18 hours ago 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

publisher virtual IP on different subnet with physical IP

This thread has been viewed 1 times

  • 1.  publisher virtual IP on different subnet with physical IP

    Posted Mar 12, 2018 08:09 AM
    Hi aruba master
     
    based on the clustering technotes, we can configure the publisher on separate subnet.
     
    can we configure vip fir this case?

     
    thanks
     


  • 2.  RE: publisher virtual IP on different subnet with physical IP

    EMPLOYEE
    Posted Mar 12, 2018 08:29 AM
    The virtual IP needs to be in the same subnet. Why are you using public IPs?


  • 3.  RE: publisher virtual IP on different subnet with physical IP

    Posted Mar 12, 2018 08:55 AM
    Hi tim

    So for publisher with l3 separated, we can not configure virtual ip? What is the ha scheme in vip ?



  • 4.  RE: publisher virtual IP on different subnet with physical IP
    Best Answer

    EMPLOYEE
    Posted Mar 12, 2018 09:00 AM
    The virtual IP requires L2 connectivity. It’s CARP.


  • 5.  RE: publisher virtual IP on different subnet with physical IP

    EMPLOYEE
    Posted Mar 12, 2018 09:07 AM
    Correct. You’d need to use a load balancer if there is L3 separation.


  • 6.  RE: publisher virtual IP on different subnet with physical IP

    Posted Mar 12, 2018 02:49 PM
    The two common use cases for the VIP are:
    - Captive Portal redundancy (You point the DNS entry to the VIP and in case
    one of the nodes fails your CP will still be available)
    - TACACs/RADIUS for switches that don't support two entries for
    TACACs/RADIUS servers or dont have a mechanism to determine if the
    TACACs/RADIUS server is unavailable (This is not very common)