Wireless Access

last person joined: 15 hours ago 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

Aruba 640, unable to change vpn address pool.

This thread has been viewed 0 times

  • 1.  Aruba 640, unable to change vpn address pool.

    Posted Jun 06, 2013 10:35 AM

    I have one address pool, and am unable to edit or delete it in the web gui, and can't figure out the CLI from the reference guide or lacking help menu in terminal.

     

    How do I edit the start and end address range for the vpn address pool?



  • 2.  RE: Aruba 640, unable to change vpn address pool.
    Best Answer

    EMPLOYEE
    Posted Jun 06, 2013 10:40 AM 
    config t
ip local pool "pool1" "192.168.1.3" "192.168.1.300"

     



  • 3.  RE: Aruba 640, unable to change vpn address pool.

    Posted Jun 06, 2013 10:48 AM

    That worked wonderfully!



  • 4.  RE: Aruba 640, unable to change vpn address pool.

    Posted Jun 06, 2013 10:50 AM

    I'm trying to diagnose why my RAP3 won't slave to the 650 mobility controller to be used as a VPN device for a remote user. It still won't work following changing the address pool to a private class C range. 

     

    Still getting error -8949     ERR_IKE_TIMEOUT



  • 5.  RE: Aruba 640, unable to change vpn address pool.

    EMPLOYEE
    Posted Jun 06, 2013 10:51 AM

    If you pointed a RAP3 to the controller, you need to be running ArubaOS 6.2 and above for it to convert.

     



  • 6.  RE: Aruba 640, unable to change vpn address pool.

    Posted Jun 06, 2013 10:59 AM

    I have the latest firmware on the mobility controller. 



  • 7.  RE: Aruba 640, unable to change vpn address pool.

    EMPLOYEE
    Posted Jun 06, 2013 11:04 AM

    Okay.  I am assuming it is 6.2.

     

    Have you gotten other RAPs to work with that controller? (trying to eliminate a RAP configuration issue)



  • 8.  RE: Aruba 640, unable to change vpn address pool.

    Posted Jun 06, 2013 12:28 PM

    Negative, I tried another RAP3 out of the box it and would not convert for remote usage, citing a VPN issue, to include the above error message in the pop up log. 



  • 9.  RE: Aruba 640, unable to change vpn address pool.

    EMPLOYEE
    Posted Jun 06, 2013 12:37 PM

    Did you add the RAP;s wired mac address into the RAP whitelist?

     

    If so, turn on logging:

     

    logging level debugging security subcat ike
logging level debugging security process aaa
logging level debugging security process authmgr
logging level debugging security subcat l2tp
logging level debugging security subcat vpn

     then type "show log security" while the RAP is trying to connect.

     

     

     

     



  • 10.  RE: Aruba 640, unable to change vpn address pool.

    Posted Jun 06, 2013 01:24 PM

    I did add the MAC to the whitelist. 

     

    In the meantime we unplugged the controller because spanning tree was causing issues with some other switches. I think the likely solution is to completely disable spanning tree on the controller, in addition to reviewing settings on the other devices. 

     

    I'll go through those logging procedures this weekend and post back when I know more details. 



  • 11.  RE: Aruba 640, unable to change vpn address pool.

    Posted Jun 16, 2013 03:39 PM

    when trying to enable those logging features i get the following,

     

    invalid input detected at '^' marker.

     

    i'll double check the cli guide. 



  • 12.  RE: Aruba 640, unable to change vpn address pool.

    Posted Jun 16, 2013 03:49 PM

    Ok I figured out the CLI.

    Here's what came up when searching the log for errors:

     

    ipc.c:controlplaneRouteModify:4089 Failed to Delete Route in Kernel: error:No such process