Wireless Access

Hi all,

 

A customer is looking to have users create VPN tunnels on their laptops and then terminate the tunnels on a VPN concentrator on another site, which is not an Aruba device.  Am I right in saying in this case they do not require the VIA/VPN licence for the controller?

 

As I understand it the VIA/VPN licence is only needed if the controller is terminating the tunnel, is that right?

 

Thanks,

Jamie.

VIA is a feature license for Aruba controllers. If you're not using VIA, you don't need the license. 

Thanks for the reply Tim, so when you say "if you are not using VIA" - I assume you mean if you are not terminating the VPN tunnel on the controller you are not using VIA?  Sorry if this seems obvious, but I am new to Aruba.

 

Thanks,

Jamie.

VIA is a VPN service for clients and requires a license to enable it on the controller. 

Basic site to site VPNs can be built on the controller without this license. 

The only time you need PEFV is if you want to use the VIA client on your end user devices or if you want to customize the VPN tunnel firewall policy for site to site. 

If your clients are terminating to a 3rd party VPN concentrator, this is just standard user traffic traversing the controller. Nothing is needed on the Aruba side. 

Thanks again Tim.  1 last question on this, even though they are terminating the VPN overseas, if they want to apply PEF rules to the controller (i.e. limit to TCP wireless traffic locally and then VPN overseas) would they then require the VPN licence?  Or would they just require LIC-PEF?

 

Thanks,

Jamie.

If you want to use the stateful firewall, you will need LIC-PEF x number of
APs.