Wireless Access

Reply
Super Contributor II

VMC Scalability for IAP-VPN and Multizone

Hi Airheads,

 

Does anybody know where i can find sizing recommendation for using VMC as IAP-VPN termination or Multizone termination?

 

Scott

MVP Guru

Re: VMC Scalability for IAP-VPN and Multizone

EDIT

Thank you

Victor Fabian
Lead Mobility Architect @WEI
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
Super Contributor II

Re: VMC Scalability for IAP-VPN and Multizone

supported in 8.3

 

Starting from ArubaOS 8.3.0.0, IAP-VPN is supported on Mobility Controller Virtual Appliance by using default
self-signed certificate (Aruba PKI). For Instant AP to establish IPsec connection with Mobility Controller Virtual
Appliance, the controller presents a default self-signed certificate which is uploaded on the Instant AP using
Activate.

Through Activate, you can push only one default self-signed certificate to Instant AP which can be used to establishIPsec tunnel with Mobility Controller Virtual Appliance.

Contributor I

Re: VMC Scalability for IAP-VPN and Multizone

Can the certificate be deployed via Airwave in read-write mode with Groups? I deployed automatically 500 IAPs with Airwave group template on a network without connectivity to Activate. The VPN connection is a secondary usage, the control plane does not need it to contact Airwave. So, can I configure that IAP-VPN against a VMC AOS8.5 if I deploye the self-signed cert from Airwave itself?

 

These are the options available on Airwave for the IAP group configuration:

 

CA Cert:
Server Cert:
Captive Portal Cert:
Captive Portal Logo: only show less than 16k bytes logo files
RadSec Server Cert:
RadSec CA Cert:
Web Cert:
Custom SSL Cert:

 

Thanks

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: