Owners manual

ManualsBrandsARUBA NETWORKS ManualsComputers & LaptopsAruba Instant IAP-325 IEEE 802.11ac 1.69 Gbit/s Wireless Access Point - 2.40 GHz, 5 GHz - 8 x Antenna(s) - 8 x Internal Antenna(

211

212

213

214

215

216

217

218

219

220

In the CLI

To enable automatic configuration of the GRE tunnel:

(Instant AP)(config)# vpn gre-outside

(Instant AP)(config)# vpn primary <name/IP-address>

(Instant AP)(config)# vpn backup <<name/IP-address>>

(Instant AP)(config)# vpn fast-failover

(Instant AP)(config)# vpn hold-time <seconds>

(Instant AP)(config)# vpn preemption

(Instant AP)(config)# vpn monitor-pkt-send-freq <frequency>

(Instant AP)(config)# vpn monitor-pkt-lost-cnt <count>

(Instant AP)(config)# vpn reconnect-user-on-failover

(Instant AP)(config)# vpn reconnect-time-on-failover <down_time>

(Instant AP)(config)# end

(Instant AP)# commit apply

To view VPN configuration details:

(Instant AP)# show vpn config

Manually Configuring a GRETunnel

You can also manually configure a GRE tunnel by configuring the GRE tunnel parameters on the IAP and controller.

This procedure describes the steps involved in the manual configuration of a GRE tunnel from Virtual Controller by

using the Instant UI or CLI.

During the manual GRE setup, you can either use the Virtual Controller IP or the IAP IP to create the GRE tunnel at

the controller side depending upon the following IAP settings:

l If a Virtual Controller IP is configured and if Per-AP tunnel is disabled, the Virtual Controller IP is used to create

the GRE tunnel.

l If a Virtual Controller IP is not configured or if Per-AP tunnel is enabled, the IAP IP is used to create the GRE

tunnel.

For information on the GRE tunnel configuration on controller, see

ArubaOS User Guide

In the Instant UI

1. Click the More > VPN link at the top right corner of the Instant UI. The Tunneling window is displayed.

2. Select Manual GRE from the Protocol drop-down list.

3. Specify the following parameters. A sample configuration is shown in Figure 66.

a. Enter an IP address or the FQDN for the main VPN/GRE endpoint.

b. Enter a value for the GRE type parameter.

c. Select Enabled or Disabled from the Per-AP tunnel drop-down list. The administrator can enable this option

to create a GRE tunnel from each IAP to the VPN/GRE Endpoint rather than the tunnels created just from the

master IAP. When enabled, the traffic to the corporate network is sent through a Layer-2 GRE tunnel from the

IAP itself and need not be forwarded through the master IAP.

By default, the Per-AP tunnel option is disabled.

Aruba Instant 6.4.0.2-4.1 | User Guide VPN Configuration | 215