How to configure default route to VPN

Aruba Employee
Aruba Employee

Starting from image 7.4.x.x, we can point the trafffic towards a VPN tunnel. A branch office Mobility Access Switch has VPN tunnel which terminates on a Firewall. Any client non-corporate traffic from Mobility Access Switch is forwarded to the firewall through the VPN tunnel. This requires a default gateway route on Mobility Access Switch pointing to a VPN tunnel.


Environment : Remote Networking


 A branch office Mobility Access Switch has VPN tunnel  towards the corporate network.


Configuring Default Route to VPN:

You can use the following command to configure the default route to a VPN tunnel:

(host) (config) #crypto-local ipsec-map <map-name> <map-number>
(host) (config-ipsec-map) #dst-net
Sample Configuration:

(host) (config) #crypto-local ipsec-map map-firewall 10
(host) (config-ipsec-map) # peer-ip
(host) (config-ipsec-map) # local-fqdn
(host) (config-ipsec-map) # interface vlan 2
(host) (config-ipsec-map) # src-net
(host) (config-ipsec-map) # dst-net
Verifying Default Route Configuration:

Use the following command to verify the default route to VPN configuration:
(host) #show ip route
Codes: C - connected
O - OSPF, O(IA) - OSPF inter area
O(E1) - OSPF external type 1, O(E2) - OSPF external type 2
O(N1) - OSPF NSSA type 1, O(N2) - OSPF NSSA type 2
M - mgmt, S - static, * - candidate default
C /0 [1] is an ipsec map: map-firewall
Version history
Revision #:
1 of 1
Last update:
‎04-07-2015 01:57 PM
Updated by:
Labels (1)

I'm trying to configure this same setup with an OmniAccess 4302, but since it's EOS'd, it doesn't look like this "feature" exists. Any alternatives to make this work?

Search Airheads
Showing results for 
Search instead for 
Did you mean: