Table of Contents
Advertisement
Table 86: IAP Configuration for Scenario 3—IPsec: Multiple Datacenter Deployment
Configuration Steps
10.16.0.0/16 network and
all other traffic address is
translated at the source
and the global routing
profile definition is
bypassed.
NOTE: Ensure that you execute the commit apply command in the Instant CLI before saving the configuration and
propagating changes across the IAP cluster.
IAP-Connected Switch Configuration
Client VLANs defined in this example must be opened on the upstream switches in multiple IAP deployments,
as client traffic from the slave to the master is tagged with the client VLAN.
Datacenter Configuration
For information on controller configuration, see
The following OSPF configuration is required on the controller to redistribute IAP-VPN routes to upstream
routers:
(host)(config) # router ospf
(host)(config) # router ospf router-id <ID>
(host)(config) # router ospf area 0.0.0.0
(host)(config) # router ospf redistribute rapng-vpn
409
| IAP-VPN Deployment Scenarios
CLI Commands
(Instant AP)(config)# wlan access-rule wireless-ssid
(Instant AP)(Access Rule "wireless-ssid")# rule any
any match any any any permit
For WLAN SSID contractor roles:
(Instant AP)(config)# wlan access-rule wireless-
ssid-contractor
(Instant AP)(Access Rule "wireless-ssid-contractor")
# rule 10.16.0.0 255.255.0.0 match any any any
permit
(Instant AP)(Access Rule "wireless-ssid-contractor")
# rule any any match any any any src-nat
Configuring a Controller for IAP-VPN Operations on page
UI Procedure
Aruba Instant 6.5.0.0-4.3.0.0 | User Guide
247.
Hide quick links:
Advertisement
Table of Contents
