Product and Software: This Article applies to all Aruba Wireless Controller and Aruba OS.
The default IPsec-map priority used for Master-Local and Master-Standby is '9999'
(Aruba-Master) #show switches
All Switches
------------
IP Address Name Location Type Model Version Status Configuration State Config Sync Time (sec) Config ID
---------- ---- -------- ---- ----- ------- ------ ------------------- ---------------------- ---------
10.10.10.10 Aruba-Master Building1.floor1 master Aruba7220 6.3.1.2_41362 up UPDATE SUCCESSFUL 0 1
10.10.10.11 Aruba-Local Building1.floor1 local Aruba3400 6.3.1.2_41362 up UPDATE SUCCESSFUL 7 1
10.10.10.12 Aruba-Backup Building1.floor1 standby Aruba3600 6.3.1.2_41362 up UPDATE SUCCESSFUL 17 1
(Aruba-Master) #show crypto-local ipsec-map
Crypto Map Template"default-local-master-ipsecmap10.10.10.11" 9999
IKE Version: 1
IKEv1 Policy: All
Security association lifetime seconds : [300 -86400]
Security association lifetime kilobytes: N/A
PFS (Y/N): N
Transform sets={ default-ml-transform }
Peer gateway: 10.10.10.11
Interface: VLAN 0
Source network: 0.0.0.0/0.0.0.0
Destination network: 10.10.10.11/255.255.255.255
Pre-Connect (Y/N): N
Tunnel Trusted (Y/N): Y
Forced NAT-T (Y/N): N
Crypto Map Template"default-psk-redundant-master-ipsecmap" 9999
IKE Version: 1
IKEv1 Policy: All
Security association lifetime seconds : [300 -86400]
Security association lifetime kilobytes: N/A
PFS (Y/N): N
Transform sets={ default-ml-transform }
Peer gateway: 10.10.10.12
Interface: VLAN 0
Source network: 10.10.10.10/255.255.255.255
Destination network: 10.10.10.12/255.255.255.255
Pre-Connect (Y/N): Y
Tunnel Trusted (Y/N): Y
Forced NAT-T (Y/N): N
NOTE: For manual ipsec-map priority we have below entry.
(Aruba-Master) (config) #crypto-local ipsec-map test-lab ?
<ipsec-map-number> [1 - 9998] - Priority of the entry