Wireless Access

last person joined: 17 hours ago 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

Aruba Controller IPSEC tunnel MTU setting

This thread has been viewed 41 times

  • 1.  Aruba Controller IPSEC tunnel MTU setting

    Posted Apr 04, 2018 04:27 PM

    Question.  I have Aruba VPN controllers 70xx models AOS 6.5.3.3.  I have a cyrpto tunnel between two controllers.  I read that the default tunnel mtu is 1500 and if I want to change it I have to do a gloabl command "crypto ipsec mtu xxxx".  I made a change like this for MTU 1024 for a test and a "show crypto ipsec mtu" shows the new value.

     

    What I want to know is if there is a command that I can see the MTU is set on the actual tunnel between the two controllers?  Like a sh crypto ipsec sa perr x.x.x.x.  Any MTU settings in these types of commands?  I have not been able to locate one.



  • 2.  RE: Aruba Controller IPSEC tunnel MTU setting
    Best Answer

    Posted Apr 06, 2018 02:31 PM

    Think I figured this out.

     

    Global command "crypto ipsec mtu <value>" will change the MTU of the tunnel.  And you can see the MTU on the tunnel with the command "show datapath tunnel" before and after.  You have to clear ipsec sa peer <ip> to get it to take.