Manualshelf

Owners manual

ManualsBrandsARUBA NETWORKS ManualsComputers & LaptopsAruba Instant IAP-325 IEEE 802.11ac 1.69 Gbit/s Wireless Access Point - 2.40 GHz, 5 GHz - 8 x Antenna(s) - 8 x Internal Antenna(
371372373374375376377378379380
371 | IAP-VPN Deployment Scenarios Aruba Instant 6.4.0.2-4.1 | User Guide
Scenario 3 - IPSec: Multiple Datacenter Deployment with Primary and
Backup Controllers for Redundancy
This scenario includes the following configuration elements:
l Multiple controller deployment model with controllers in different datacenters operating as primary/backup VPN
with fast-failover and pre-emption enabled.
l Split tunneling of traffic.
l Split tunneling of client DNS traffic.
l Two Distributed L3 mode DHCPs, one each for employee and contractors and one Local mode DHCP server.
l RADIUS server within corporate network and authentication survivability enabled for branch survivability.
l Wired and wireless users in L3 and NAT modes respectively.
l Access rules for wired and wireless users with source NAT based rule for contractor roles to bypass global
routing profile.
l OSPF based route propagation on controller.
Topology
Figure 140 shows the topology and the IP addressing scheme used in this scenario.
Figure 140 Scenario 3 - IPSec: Multiple Datacenter Deployment with Primary and Backup Controllers for
Redundancy
The IP addressing scheme used in this example is as follows:
l 10.0.0.0/8 is the corporate network.
l 10.30.0.0/16 subnet is reserved for L3 mode –used by Employee SSID.
l 10.40.0.0/16 subnet is reserved for L3 mode –used by Contractor SSID.