Wireless Access

last person joined: 14 hours ago 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

Provision AP from internet behind a NAT

This thread has been viewed 5 times

  • 1.  Provision AP from internet behind a NAT

    Posted Mar 20, 2014 02:49 PM

    Hi,

     

    I need to provision a AP175P that are behind a firewall. The controller can be reached using Internet (The controller are with a Public IP). The controller are on site A and AP on site B. The communication are only via Internet Link.

     

    The AP receive a LAN IP via DHCP and this IP have a NAT 1:1 with a public IP.
     After first boot, the AP upgrade successful through TFTP. After the second boot, we receive this message on AP Console:

     

    AP rebooted Thu Mar 20 15:08:44 BRT 2014; SAPD: Rebooting after setting cert_cap=1. Need to open a secure channel(IPSEC)

    On third boot, the AP show this message:

     

    AP rebooted Fri Dec 31 16:02:32 PST 1999; Unable to set up IPSec tunnel to saved lms, Error:RC_ERROR_TUN_IP_ERR

     

    This messages are showed before I provision the AP on controller.

     

    Regards,

    Paulo Raponi



  • 2.  RE: Provision AP from internet behind a NAT

    EMPLOYEE
    Posted Mar 20, 2014 02:52 PM

    You cannot provision a Campus AP through a NAT boundary.

     



  • 3.  RE: Provision AP from internet behind a NAT

    Posted Mar 20, 2014 02:55 PM

    thanks



  • 4.  RE: Provision AP from internet behind a NAT
    Best Answer

    Posted Mar 21, 2014 12:36 AM
    To provision an AP across the Internet you would need to provision the AP as a RAP. Same functionality, but it'll use an IPSec tunnel.


  • 5.  RE: Provision AP from internet behind a NAT

    EMPLOYEE
    Posted Mar 21, 2014 05:07 AM
    Tsd25108,

    Can you please tell him in detail how to do that?