Wireless Access

Aruba Employee

Simple RAP LAB Configuration example

This is a simple how-to document showing the steps to configure a RAP access point to connect to a mobility controller through the internet.


RAP access point at employee's home will connect to mobility controller through the internet and tunnel access to the corporate networks and Access to the internet will be source nated and local switched.
  • Create a net destination with corporate networks
netdestination corp-network-alias
  • Create a session access-list
This access list will permit access to the corporate network and source nat all other traffic to be local switched.
ip access-list session corp-net-split-acl
   user alias corp-network-alias any permit
   alias corp-network-alias user any permit
   any any svc-dhcp permit
   user any any route src-nat
   any user any permit
  • Create user role
This role will be associated with the session access-list created before.
user-role role-split-corp
   access-list session corp-net-split-acl
  • Create an wlan profile
wlan virtual-ap "remote-teste10"
   aaa-profile "remote-teste10"
   vlan 1043                                   —> Vlan that user will get IP from
   forward-mode split-tunnel          —> Split-tunnel enabled
   ssid-profile "remote-teste10”
wlan ssid-profile "remote-teste10"
    essid "remote-teste10"
    opmode wpa2-psk-aes
    wpa-passphrase 1d5318efb6110ec9f7dd7e92d03d235fe443cb9eea6167b5
  • Create a AP Group
ap-group “RAP-Test-Group"
   virtual-ap "remote-teste10
  • Add RAP Access Point's MAC to the white list DB
whitelist-db rap add mac-address xx:xx:xx:xx:xx:xx
   ap-group RAP-Test-Group —> AP group created on item 5
   ap-name RAP-AP-01
  • Add an IP local pool
RAP access points will receive IP address from this pool.
ip local pool “RAP-Pool-Corp"
  • Prosvisioning the AP using GUI
After adding the RAP to the whitelist-db, it has to provisioned through the GUI.
During the provisioning we need will use the controllers’s external IP or hostname. Remember that the ports TCP/4500 and UDP 69 should be open between RAP and controller.
Screenshot 2018-04-12 21.07.53.pngScreenshot 2018-04-12 21.19.28.png
  • Testing and verifying the configuration

Screenshot 2018-04-12 19.05.01.pngScreenshot 2018-04-12 19.05.11.png

Screenshot 2018-04-12 17.20.47.pngScreenshot 2018-04-12 19.07.38.png

Search Airheads
Showing results for 
Search instead for 
Did you mean: