Hi,
we're having issues trying to enable an AP-105 in a Checkpoint (CP) vpn configuration. Config :
AP-105 <-> CP vpn appliance remote site <-> CP vpn firewall HeadQuarters <-> Aruba cntrl
The AP comes up (it's been originally provisioned at HQ). But when it tries to open an encrypted tunnel to the controller, that's it. We never see it in the controllers list. In the logs we see :
Apr 16 15:06:23sapd[579]: <311020> <ERRS> |AP AP-BE-DI-TEST1@192.168.61.10 sapd| An internal system error has occurred at file sapd_redun.c function sapd_proc_redun_msg line 4314 error Error: Received RC_OPCODE_ERROR lms 192.168.101.251 tunnel 0.0.0.0 RC_ERROR_RETRYIKEV1.
We believe this is because the CP vpn actually forwards the encrypted packet on UDP port 4500, unencrypted. That basically is what is defined in the CP STAR network settings. So basically the packet gets redirected, as it is unencrypted, to the internet. And never reaches the Aruba controller.
Is there some way to change that port? We can't change it on the CP configuration. Any other solution?