Notes:----------
Typical Case scenario of Auto GRE feature:---------------------------------------------- IAP and controller are connected via a MPLS network or a Private WAN.Here we do not need to send the GRE data traffic with IPsec encryption since both IAP and controller are in a private network. In the topology , there are two IAP’s in a cluster. In a flat topology, user can create GRE tunnel from all the APs instead of only Master with Per-AP-Tunnel feature.When Per-AP-Tunnel is enabled, All IAP’s in the cluster will have a GRE tunnel to the controller.So traffic from slave IAP’s going destined to the network behind the datacenter will be sent via l2 GRE tunnel from the slave IAP itself.This traffic will not reach the master IAP. AutoGRE feature also supports creation of GRE tunnel automatically to the backup controller when Primary VPN tunnel fails and tunnel switches to backup controller.If Preemption is enabled, Current active tunnel will switch to Primary host if it becomes available again.Preemption Hold on timer can be used to wait for configured interval before the switch.Configuration from WEBUI----------------------------------Configuration from CLI--------------------------------vpn gre-outside This command will enable GRE Outside IPsec Featurevpn primary primary tunnel ip addressvpn backup backup tunnel ip address d8:c7:c8:cb:d3:16# show vpn configConcentrator------------Type Value---- -----VPN Primary Server 10.17.132.38<truncated>GRE outside vpn enableGRE ServerGRE IP Address 0.0.0.0GRE Type 1GRE Per AP Tunnel enableReconnect User On Failover disableReconnect Time On Failover 60Routing Table-------------Destination Netmask Gateway Type----------- ------- ------- ----0.0.0.0 0.0.0.0 10.17.132.38 Tunnel Show datapath tunnel output should give us the GRE tunnel been established to the controller.
© Copyright 2024 Hewlett Packard Enterprise Development LPAll Rights Reserved.