This is output with RAP connected directly to LAN with controller. RAP is on whitelist and is pointed towards the internal LAN address of the controller.
(ADK-620) (config) #show crypto isakmp sa
ISAKMP SA Active Session Information ------------------------------------ Initiator IP Responder IP Flags Start Time Private IP ------------ ------------ ----- --------------- ---------- 10.0.0.133 10.0.0.11 r-m-c-y-R Feb 5 09:49:00 192.168.4.181
Flags: i = Initiator; r = Responder m = Main Mode; a = Agressive Mode v2 = IKEv2 p = Pre-shared key; c = Certificate/RSA Signature; e = ECDSA Signature x = XAuth Enabled; y = Mode-Config Enabled; E = EAP Enabled 3 = 3rd party AP; C = Campus AP; R = RAP V = VIA; S = VIA over TCP
Total ISAKMP SAs: 1
(ADK-620) (config) #show user-table verbose | include 2f:7b 192.168.4.182 00:00:00:00:00:00 00:0b:86:c3:2f:7b ap-role 00:00:02 VPN 10.0.0.133 N/A tunnel Internal 1
(ADK-620) (config) #show crypto ipsec sa
IPSEC SA Active Session Information ----------------------------------- Initiator IP Responder IP InitiatorID ResponderID Flags Start Time Inner IP ------------ ------------ ----------- ----------- ----- --------------- -------- 10.0.0.133 10.0.0.11 192.168.4.182/32 0.0.0.0/0 T Feb 5 09:53:11 192.168.4.182
Flags: T = Tunnel Mode; E = Transport Mode; U = UDP Encap L = L2TP Tunnel; N = Nortel Client; C = Client; 2 = IKEv2
Total IPSEC SAs: 1
(ADK-620) (config) #
When I connect pc to RAP-2 E1 is shows the following on the browser.
Successful eth0 interface up
Successful IP 10.0.0.133 mask 255.255.255.255.0 Gateway 10.0.0.7
Gateway Ping successfull
TPM Certificates successfull
Master Connectivity IP 10.0.0.11 ((Controller LAN address)) using Eternet Aborthed sapd_check_hbt is doing funnel down
LMS Connectivity Successful LMS IP 10.0.0.11 using Ethernet