Wireless Access

Reply
Occasional Contributor I

VIA and subnets with split tunnel

Hello, I am new to Aruba. I am wondering how split tunnel with VIA works.

I get ip address from the pool - but I struggle to reach the local interfaces ?

1. Do I need an interface or vlan on the controller mapped to the ip subnet. I do not rally see any option to map VLAN number to the POOL

2. Are all other ip interfaces on the controller " directly connected" with VIA IP SUBNET-POOL ?

Thanks for the help,

Piotr

Guru Elite

Re: VIA and subnets with split tunnel

If the via pool is not part of one of the controller's ip interfaces, you will have to have an "any any any src-nat" ACL at the end of the user role for your via user.  You cannot map a VLAN.  If the pool is part of a subnet that the controller has an ip interface on, just permitting the traffic should work.


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.5 User Guide
InstantOS 8.5 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Aruba Central Documentation
Sign up for Security Alerts
Aruba Technical Webinars
Occasional Contributor I

Re: VIA and subnets with split tunnel

Thank you for the answer. I have changed int vlan 999 to be part of VPN_POOL for via users but the interface protocol i down. Normally a vlan would be down if there are no active ports for this vlan. And in this case there is no ports but I was hoping that connecting a VIA client would triger change of the state of the port but that did not happen.Any ideas ?

 

I have attached a picture

Br

Piotr

Guru Elite

Re: VIA and subnets with split tunnel

Is VLAN 999 tied to a physical interface?  If not, you need to config t, interface vlan 999, operstate up.  And then of course, you will need a route from your infrastructure to the controller for whatever subnet vlan 999 is on..


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.5 User Guide
InstantOS 8.5 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Aruba Central Documentation
Sign up for Security Alerts
Aruba Technical Webinars
Highlighted
Occasional Contributor I

Re: VIA and subnets with split tunnel

You have right :) I had to allow it on the trunk and it working now

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: