Owners manual

ManualsBrandsARUBA NETWORKS ManualsComputers & LaptopsAruba Instant IAP-325 IEEE 802.11ac 1.69 Gbit/s Wireless Access Point - 2.40 GHz, 5 GHz - 8 x Antenna(s) - 8 x Internal Antenna(

211

212

213

214

215

216

217

218

219

220

(Instant AP)(config)# vpn reconnect-user-on-failover

(Instant AP)(config)# vpn reconnect-time-on-failover <down_time>

(Instant AP)(config)# end

(Instant AP)# commit apply

Example

(Instant AP)(config)# vpn primary 192.0.2.18

(Instant AP)(config)# vpn backup 192.0.2.18

(Instant AP)(config)# vpn fast-failover

(Instant AP)(config)# vpn preemption

(Instant AP)(config)# ip dhcp distl2

(Instant AP)(DHCP Profile "distL2")# server-type Distributed,L2

(Instant AP)(DHCP Profile "distL2")# server-vlan 2

(Instant AP)(DHCP Profile "distL2")# ip-range 10.15.205.0 10.15.205.255

(Instant AP)(DHCP Profile "distL2")# subnet-mask 255.255.255.0

(Instant AP)(DHCP Profile "distL2")# lease-time 86400

(Instant AP)(DHCP Profile "distL2")# default-router 10.15.205.254

(Instant AP)(DHCP Profile "distL2")# dns-server 10.13.6.110,10.1.1.50

(Instant AP)(DHCP Profile "distL2")# domain-name arubanetworks.com

(Instant AP)(DHCP Profile "distL2")# client-count 5

(Instant AP)(config)# ip dhcp local

(Instant AP)(DHCP Profile "local")# server-type Local

(Instant AP)(DHCP Profile "local")# server-vlan 200

(Instant AP)(DHCP Profile "local")# subnet 172.16.200.1

(Instant AP)(DHCP Profile "local")# subnet-mask 255.255.255.0

(Instant AP)(DHCP Profile "local")# lease-time 86400

(Instant AP)(DHCP Profile "local")# dns-server 10.13.6.110,10.1.1.50

(Instant AP)(DHCP Profile "local")# domain-name arubanetworks.com

To view VPN configuration:

Instant Access Point# show vpn config

Enabling Automatic Configuration of GRETunnel

GRE is a tunnel protocol for encapsulating multicast, broadcast, and L2 packets between a controller and the IAPs.

The automatic GRE feature uses the IPSec connection between the IAP and controller to send the control

information for setting up a GRE tunnel. When automatic GRE configuration is enabled, a single IPSec tunnel

between the IAP cluster and the controller and one or several GRE tunnels are created based on the Per-AP tunnel

configuration on the IAP. When this feature is enabled on the IAP, no manual configuration is required on the

controller to create the GRE tunnel.

Automatic configuration of the GRE tunnel is supported only on Aruba controlleres. This feature is not supported on

controllers running ArubaOS 6.3.x.x or lower versions.

You can configure an IAP to automatically set up a GRE tunnel from the IAP to Controller by using the Instant UI or

CLI.

In the Instant UI

1. Click the More > VPN link at the top right corner of the Instant UI. The Tunneling window is displayed.

2. Select Aruba GRE from the Protocol drop-down list.

3. Enter the IP address or FQDN for the main VPN/IPSec endpoint in the Primary host field.

4. Enter the IP address or FQDN for the backup VPN/IPSec endpoint in the Backup host field. This entry is

optional. When you enter the primary host IP address and backup host IP address, other fields are displayed.

5. Specify the following parameters. A sample configuration is shown in Figure 65.

Aruba Instant 6.4.0.2-4.1 | User Guide VPN Configuration | 213