Table of Contents
Advertisement
This chapter provides the following information:
Configuring DHCP Scopes on page 211
l
Configuring the Default DHCP Scope for Client IP Assignment on page 218
l
Configuring DHCP Scopes
The VC supports different modes of Dynamic Host Configuration Protocol (DHCP) address assignment. With
each DHCP address assignment mode, various client traffic forwarding modes are associated. For more
information on client traffic forwarding modes for IAP-VPN, see
When using a local DHCP scope in an IAP cluster, ensure that the VLANs configured for this DHCP scope is
allowed in the uplink switch.
In a single IAP network, when using a client DHCP scope for wired clients, ensure that client VLAN is not added
in the allowed VLAN list for the port to which the IAP E0 port is connected.
This section describes the following procedures:
Configuring Local DHCP Scopes on page 211
l
Configuring Distributed DHCP Scopes on page 213
l
Configuring Centralized DHCP Scopes on page 216
l
Configuring Local DHCP Scopes
You can configure Local; Local, L2; and Local, L3 DHCP scopes through the Instant UI or the CLI.
Local—In this mode, the VC acts as both the DHCP server and the default gateway. The configured subnet
l
and the corresponding DHCP scope are independent of the subnets configured in other IAP clusters. The VC
assigns an IP address from a local subnet and forwards traffic to both corporate and non-corporate
destinations. The network address is translated appropriately and the packet is forwarded through the
IPsec tunnel or through the uplink. This DHCP assignment mode is used in the Networks Address
Translation (NAT) forwarding mode.
Local, L2—In this mode, the VC acts as a DHCP server and the gateway located outside the IAP.
l
Local, L3—This DHCP assignment mode is used with the L3 forwarding mode. In this mode, the VC acts as
l
a DHCP server and the gateway, and assigns an IP address from the local subnet. The IAP routes the packets
sent by clients on its uplink. The Local, L3 subnets can access corporate network through the IPsec tunnel.
The network address for all client traffic, which is generated in the Local, L3 subnets and destined to the
corporate network, is translated at the source with the tunnel inner IP. However, if corporate access to
Local, L3 is not required, you can configure ACL rules to deny access.
In the Instant UI
To configure a Local or a Local, L3 DHCP scope:
1. Click More > DHCP Server. The DHCP Server window is displayed.
2. To configure a Local; Local, L2; or Local, L3 DHCP scopes, click New under Local DHCP Scopes. The
New DHCP Scope window is displayed.
3. Based on the type of DHCP scope selected, configure the following parameters:
Aruba Instant 6.5.0.0-4.3.0.0 | User Guide
DHCP Configuration
IAP-VPN Forwarding Modes on page
DHCP Configuration |
Chapter 15
243.
211
Hide quick links:
Advertisement
Table of Contents
