Controllerless Networks

last person joined: 2 days ago 

Instant Mode - the controllerless Wi-Fi solution that's easy to set up, is loaded with security and smarts, and won't break your budget
Back to discussions
Expand all | Collapse all

IAP-VPN Distributed L3, multiple SSIDs

This thread has been viewed 0 times

  • 1.  IAP-VPN Distributed L3, multiple SSIDs

    Posted Jan 21, 2019 11:16 PM

    Looking at implementing a branch IAP-VPN setup with the following:

     

    - Locally bridged SSID

    - Tunnelled Guest w/ captive portal SSID

    - Tunnelled IoT SSID

     

    The tunnelled SSIDs will use Aruba IPSec VPN and terminate on a 7010 controller in two data centres.

     

    The 7010 controller will be placed in a DMZ behind a firewall.

     

    I have two questions:

     

    1) What is the best way to isolate traffic from each SSID so that it can't access the other one - in theory they would be routable 'through' the VPNC?

     

    2) Is it possible to configure VPN routing profiles on the Instant cluster for specific client traffic only? (i.e. only traffic from specific SSIDs should be tunnelled, traffic from the AP itself should egress locally).