Controllerless Networks

Reply
Highlighted
Occasional Contributor I

IAP - Controller GRE Tunnel issues

Morning all,

I'm fairly new to configurating Aruba OS so on a learning curve.

I'm trying to setup a pair of WLAN networks on a cluster of IAP-305s the corporate side works fine, but for guest I'm trying to GRE tunnel the traffic down to a DMZ controller in the data centre. I have tried to put together a diagram of what im trying to setup.

 

But I cannot seem to get the IAP to esitmablish a GRE tunnel to the Controller. 

 

Thankyou in advance

Luke

GRE.PNG

Guru Elite

Re: IAP - Controller GRE Tunnel issues

I see your diagram.  Is there something not working?


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.3 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Occasional Contributor I

Re: IAP - Controller GRE Tunnel issues

Thankyou for your message, sorry just relised I didnt put my issue in the text.

Its the GRE tunnel I'm having issues with from the IAP towards the controller.

 

IAP VC# show vpn config

Concentrator
------------
Type                        Value
----                        -----
VPN Primary Server
VPN Backup Server
VPN Preemption              disable
VPN Fast Failover           disable
VPN Hold Time               600
VPN Monitor Pkt Send Freq   5
VPN Monitor Pkt Lost Cnt    6
VPN Ikepsk                  a7fb0e875c78851dcf3fc3c56c400cc0
VPN Username
VPN Password                1981c8660036e07909444708225f7d60
GRE outside vpn             disable
GRE Server                  10.182.95.146
GRE IP Address              10.182.95.146
GRE Type                    1
GRE Per AP Tunnel           disable
Reconnect User On Failover  disable
Reconnect Time On Failover  60
Routing Table
-------------
Destination  Netmask  Gateway  Metric  Type  Flag
-----------  -------  -------  ------  ----  ----
Number of Route Entries   :0
VPN Tunnel Profiles
-------------------
Profile  Primary  Backup  Preemption  Fast Failover  Hold Time  Monitor Pkt Send Freq  Monitor Pkt Lost Cnt  PSK  Username  Password  Group ID  Aggressive Mode
-------  -------  ------  ----------  -------------  ---------  ---------------------  --------------------  ---  --------  --------  --------  ---------------

 

 

 

 

 

 

Guru Elite

Re: IAP - Controller GRE Tunnel issues

On the DMZ controller, can you type "show datapath session table <ip address of instant VC>" to see if any traffic is coming from the Virtual Controller to the DMZ controller?


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.3 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Occasional Contributor I

Re: IAP - Controller GRE Tunnel issues

(DMZ Controller) #show datapath session table 10.185.121.4


Datapath Session Table Entries
------------------------------

Flags: F - fast age, S - src NAT, N - dest NAT
       D - deny, R - redirect, Y - no syn
       H - high prio, P - set prio, T - set ToS
       C - client, M - mirror, V - VOIP
       Q - Real-Time Quality analysis
       I - Deep inspect, U - Locally destined
       E - Media Deep Inspect, G - media signal

  Source IP     Destination IP  Prot SPort DPort  Cntr Prio ToS Age Destination TAge Packets   Bytes      Flags
--------------  --------------  ---- ----- -----  ---- ---- --- --- ----------- ---- --------- ---------  -----

 

(DMZ Controller) #

Guru Elite

Re: IAP - Controller GRE Tunnel issues

That seems to suggest that none of the GRE traffic is getting through.  You might want to find out in your network what would be blocking that traffic.


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.3 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos

Re: IAP - Controller GRE Tunnel issues

Why don't use IAP-VPN (-with IPSec), there is less network issue...

ACMP 6.4 / ACMX #107 / ACCP 6.5
Occasional Contributor I

Re: IAP - Controller GRE Tunnel issues

Networks used GRE with the physciall controllers and wanted to do the same, ill propse it thankyou

New Contributor

Re: IAP - Controller GRE Tunnel issues

I am working on same kind of topology into our network, Is that any way I can get whole configuration of GRE tunnels on IAP and Controller. For testing purpose, I'm using IAP 325 and Controller 7205. 

Re: IAP - Controller GRE Tunnel issues

What do you need ?

ACMP 6.4 / ACMX #107 / ACCP 6.5
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: