Concept Guide
407 | IAP-VPN Deployment Scenarios Dell Networking W-Series Instant 6.5.1.0-4.3.1.0 | User Guide
Configuration Steps CLI Commands UI Procedure
10.16.0.0/16 network and
all other traffic address is
translated at the source
and the global routing
profile definition is
bypassed.
(Instant AP)(config)# wlan access-rule wireless-ssid
(Instant AP)(Access Rule "wireless-ssid")# rule any
any match any any any permit
For WLAN SSID contractor roles:
(Instant AP)(config)# wlan access-rule wireless-
ssid-contractor
(Instant AP)(Access Rule "wireless-ssid-contractor")
# rule 10.16.0.0 255.255.0.0 match any any any
permit
(Instant AP)(Access Rule "wireless-ssid-contractor")
# rule any any match any any any src-nat
NOTE: Ensure that you execute the commit apply command in the Instant CLI before saving the configuration and
propagating changes across the W-IAP cluster.
Table 86: W-IAP Configuration for Scenario 3—IPsec: Multiple Datacenter Deployment
W-IAP-Connected Switch Configuration
Client VLANs defined in this example must be opened on the upstream switches in multiple W-IAP
deployments, as client traffic from the slave to the master is tagged with the client VLAN.
Datacenter Configuration
For information on controller configuration, see Configuring a Controller for IAP-VPN Operations on page 243.
The following OSPF configuration is required on the controller to redistribute IAP-VPN routes to upstream
routers:
(host)(config) # router ospf
(host)(config) # router ospf router-id <ID>
(host)(config) # router ospf area 0.0.0.0
(host)(config) # router ospf redistribute rapng-vpn