Wireless Access

Reply
Occasional Contributor II

Turnkey RAP using Dynamic DNS.

I was wondering if anyone else has configured a turnkey RAP that can be assigned to someone that they could take home and setup themselves.

We currently are testing remote access points here. I can configure the RAP here and send it home with a remote user but the issue that comes up is when the IP address changes at the user's home it will also need to be changed in our firewall to allow traffic from the new IP on UDP 4500.

 

What I am thinking is to use Dynamic DNS at the users home. I enter that FQDN in the firewall here and when the IP changes at the remote location the DNS will be changed by the DDNS.

 

I am thinking that I will need to configure a package that the non-technical user can take home. It will include a router, VOIP phone and a AP303H AP. The AP will be configured for wireless traffic and wired traffic. I'm already thinking that if the person already has a router then we've just set up a double NAT which is not a good idea.  Replacing the user's router is an option but it would probably require someone from IT to pay a visit to set it up. It would also be a big inconvenience to the user.

 

Has anyone else done something similar?

 

I'm trying to make it so that someone from the IT department doesn't have to visit the user's home and then find that hopefully the router they use will be able to use DDNS. I am looking to setup as close to plug and play setup as I can get.

 

Thank you!

Guru Elite

Re: Turnkey RAP using Dynamic DNS.

You should allow UDP 4500 from anywhere.  Having to maintain and update a list of ip addresses would be painful..


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.4 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Aruba Central Documentation
Sign up for Security Alerts
Aruba Technical Webinars
Occasional Contributor II

Re: Turnkey RAP using Dynamic DNS.

That has been discussed. The security guys are not happy about leaving that
port open.
Guru Elite

Re: Turnkey RAP using Dynamic DNS.

That is perfectly understandable for site to site VPN, but how do you manage client VPN from tens or hundreds of users from dynamic ip addresses?


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.4 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Aruba Central Documentation
Sign up for Security Alerts
Aruba Technical Webinars
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: