Wireless Access

 View Only

  • 1.  Remote Office

    Posted Jul 04, 2021 05:05 AM
    Edited by SR64 Jul 05, 2021 06:53 PM

    Hi,

    The company is setting up a small remote office. That site will have a run of the mill Sonicwall as their firewall, that will connect to HQ's Sonicwall via site to site vpn.

    I have already purchased an AP-500HR for the remote site.

    At HQ I have 15 AP-505s all connecting to Central. It works very well.
    1. In Central I can make another site, and put the AP-500hr in it-but can I pull the same ssid (enterprise with an NPS at HQ) down there without any additional grear?

    I really like Aruba Central, but was hoping I could use it as the controller and not buy more gear. Is that doable? if not what's the diagram look like?

    Thank you
    Scott




  • 2.  RE: Remote Office

    Posted Jul 04, 2021 04:02 PM
    Hi Scott,

    1. Create an site-to-site (IPSEC) tunnel between both location with the Sonicwall hardware.
    2. An Aruba Instant (controllerless) access point must be in the same layer 2 vlan domain to form a cluster

    Because and IPSEC tunnel will route the networks you can't use only one Aruba Instant Cluster between sites. Therefore create a new Group with the same configuration for a single access point cluster for the remote office.

    Hope this helps.

    ------------------------------
    Marcel Koedijk | MVP Guru 2021 | ACEP | ACMP | ACCP | ACDP | Ekahau ECSE | Not an HPE Employee | Opionions are my own
    ------------------------------

    Original Message


  • 3.  RE: Remote Office

    Posted Jul 05, 2021 06:51 PM
    Edited by SR64 Jul 05, 2021 07:24 PM

    Thank you Marcel This Definitely helps.

    One follow up, You mention the AP needs to be in the same layer2 vlan as what? the HQ APs or a vlan at the remote office? Our remote office has no vlans and no assets to protect. The Sonicwall is really only there to form the IPSEC VPN back to HQ.

    The config threw me off. I'll be at the remote office Thursday to try it out!

    Thanks again, for taking the time to answer. 





    Original Message


  • 4.  RE: Remote Office

    Posted Jul 06, 2021 02:45 AM
    As Marcel suggested, create IPSec tunnel between sites. Create new location in Central for Remote Site and add AP to this new location. You can use existing group so configuration will automatically be replicated to this new AP. No need for separate groups.

    Best, Gorazd

    ------------------------------
    Gorazd Kikelj
    ------------------------------

    Original Message


  • 5.  RE: Remote Office

    Posted Jul 06, 2021 12:40 PM
    Thank you for the clarification.

    ------------------------------
    Scott Roache
    ------------------------------

    Original Message


Related Content