Controllerless Networks


Aruba7010 Controller and IAP-205 Aruba-Ipsec

  • 1.  Aruba7010 Controller and IAP-205 Aruba-Ipsec

    Posted Nov 30, 2018 05:26 AM

    Hi,

    Can I put a static route in an IAP through an Aruba IPsec tunnel?

    I have a centralized WLC7010 controller to receive IPsec and GRE Aruba tunnels. I have a remote IAP working as Instant, and it has an L2 SSID with L2 DHCP tunneling with the 7010.

    I want to route the authentication traffic (802.1X) sourced from the IAP through this tunnel because the ClearPass is in the WLC network.

    The scenario is:

    L2Aruba.JPG

    Is it possible?

     

    Regards.

    RG


    #7010


  • 2.  RE: Aruba7010 Controller and IAP-205 Aruba-Ipsec
    Best Answer

    EMPLOYEE
    Posted Nov 30, 2018 05:34 AM

    Hi raul.garcia.jim,

     

    This is possible. Look at this picture:

    IAP-VPN-Configure-Routing-Profile-in-Central

     

     

    This is from Central, but on the IAP GUI it is more or less the same.

     

    10.104.104.20 is my ClearPass Server

    10.100.100.50 is the IP of the controller the IAP is connected to (the physical IP on the interface)

     

    Just be aware that the IAP is using its tunnel IP to reach the RADIUS server, so the one from the L2TP DHCP pool.

     

    Hope this helps

     

    BR

    Florian



  • 3.  RE: Aruba7010 Controller and IAP-205 Aruba-Ipsec

    Posted Nov 30, 2018 08:01 AM

    Hi FlorianBaaske,

    Thanks!! It is working fine!

    I have routed this traffic to the WLC IP.

    The other problem that I had was the back routing. I solved it by routing the IP of the tunnel interface of the IAP on the core network.

     

    Regards!



  • 4.  RE: Aruba7010 Controller and IAP-205 Aruba-Ipsec

    EMPLOYEE
    Posted Nov 30, 2018 08:07 AM

    You should route the whole L2TP pool network to the controller, as the IAP will get a new IP from that pool each time it connects.

    I have configured OSPF between my controller and the wired infrastructure, but this is not needed if you just use a static route from the core to the controller for that network.
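
The return-route point from the last two posts, as an added example that is not part of the original thread: it checks with longest-prefix matching which pool addresses the core would send back to the controller, comparing a host route for the IAP's current tunnel IP with a route for the whole pool. Only the controller IP 10.100.100.50 comes from the thread; the pool 10.200.200.0/28, the tunnel IP 10.200.200.5 and the core default gateway 10.0.0.1 are constructed assumptions.

```python
import ipaddress

CONTROLLER = "10.100.100.50"   # controller IP, from the thread
POOL = "10.200.200.0/28"       # constructed L2TP DHCP pool (assumption)
DEFAULT_GW = "10.0.0.1"        # constructed core default gateway (assumption)

# Core routing table with only a host route for the IAP's current tunnel IP.
HOST_ROUTE = [("0.0.0.0/0", DEFAULT_GW), ("10.200.200.5/32", CONTROLLER)]
# Core routing table with a static route for the whole pool.
POOL_ROUTE = [("0.0.0.0/0", DEFAULT_GW), (POOL, CONTROLLER)]


def next_hop(routes, addr):
    """Longest-prefix match: next hop for addr, or None if nothing matches."""
    addr = ipaddress.ip_address(addr)
    best = None
    for prefix, hop in routes:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, hop)
    return best[1] if best else None


def uncovered(routes, pool, controller):
    """Pool addresses whose return traffic would NOT be sent to the controller.

    RADIUS replies to any of these addresses leave via another next hop, so
    802.1X authentication fails once the IAP is assigned one of them.
    """
    return [str(h) for h in ipaddress.ip_network(pool).hosts()
            if next_hop(routes, h) != controller]


if __name__ == "__main__":
    for name, table in (("host route", HOST_ROUTE), ("pool route", POOL_ROUTE)):
        missing = uncovered(table, POOL, CONTROLLER)
        print(f"{name}: {len(missing)} pool address(es) without a return path")
```
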